Patent attributes
A federated credentialing system, and a correspond method, includes credential issuers that interact with relying parties to provide system users with access to protected resources within the system. The system includes a relying party federated domain server including devices for identifying users and authenticating user access credentials and a credential issuer domain server including devices for verifying user identities and access credentials. The access credentials may be single smart cards. The single smart cards are operative to provide user access to both logical and physical protected resources of the relying party. The system also includes a federated trust broker in communication in communication with the relying party and credential issuer federated domain servers. The trust broker receives authorization requests from the relying party, routes the received requests to the credential issuer and receives in return authorization responses from the credential issuer and routes the responses to the relying party. The relying party grants users access to the physical and the logical protected resources based on information contained in the responses.
