Abstract: A client can store information about federation points. A federation point is a combination of an identifier of an account on a relying party and an identifier of an information card. The client can track which information cards are included n various federation points, and can use this information to assist the user in performing a transaction with relying parties.

Abstract: A user defines an audit policy. The audit policy identifies one or more triggers that, when related information is included in a security token, trigger the performance of the audit. The audit can include notifying the user in some manner that the trigger occurred. The audit can require in-line confirmation of the audit, so that the security token is not transmitted until the user confirms the audit.

Abstract: A user engages in a transaction with a relying party. The relying party requests identity information from the user in a security policy and identifies transaction elements for an on-line business transaction. Typically, the security policy and transaction elements are transmitted together; the security policy can be as little as a request to conduct the on-line business transaction. The user identifies an information card that satisfies the security policy. The computer system requests a security token from the identity provider managing the information card, which can include requesting a transaction receipt for the transaction elements. The computer system then returns the security token (and the transaction receipt) to the relying party, to complete the transaction.

Abstract: A system and method is presented for incremental replication of changes in a state based distributed database synchronization system. If a destination server has one previously established yet unsatisfied synchronization point, a starting synchronization point is formed by extracting the unsatisfied synchronization point from the destination server, identifying a type identifier within the extracted unsatisfied synchronization point identifying a predetermined set of synchronization algorithms and an execution order thereof, identifying a current key within the extracted unsatisfied synchronization point which indicates one of the predetermined set of synchronization algorithms to be started for execution, and adjusting a target state of the destination server to one older than or equal to an established target state specified by the extracted unsatisfied synchronization point.