[go: up one dir, main page]

WO2008020991A3 - Notarized federated identity management - Google Patents

Notarized federated identity management Download PDF

Info

Publication number
WO2008020991A3
WO2008020991A3 PCT/US2007/017047 US2007017047W WO2008020991A3 WO 2008020991 A3 WO2008020991 A3 WO 2008020991A3 US 2007017047 W US2007017047 W US 2007017047W WO 2008020991 A3 WO2008020991 A3 WO 2008020991A3
Authority
WO
WIPO (PCT)
Prior art keywords
assertion
notarized
user
providers
identity management
Prior art date
Application number
PCT/US2007/017047
Other languages
French (fr)
Other versions
WO2008020991A2 (en
WO2008020991B1 (en
Inventor
Michael T Goodrich
Danfeng Yao
Roberto Tamassia
Original Assignee
Univ Brown
Michael T Goodrich
Danfeng Yao
Roberto Tamassia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Univ Brown, Michael T Goodrich, Danfeng Yao, Roberto Tamassia filed Critical Univ Brown
Publication of WO2008020991A2 publication Critical patent/WO2008020991A2/en
Publication of WO2008020991A3 publication Critical patent/WO2008020991A3/en
Publication of WO2008020991B1 publication Critical patent/WO2008020991B1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/389Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The exemplary embodiments of this invention provides notarized federated identity management that may have application like supporting efficient user authentication when providers are unknown to each other and/or for avoiding direct communication between identity providers and service providers, which provides improved privacy protection for users. In one non-limiting, exemplary embodiment, a method includes: receiving through a data communication network an assertion generated by a first entity; notarizing the assertion to obtain a corresponding notarized assertion; and in response to receiving from a second entity via the same or a different data communication; network a query corresponding to the assertion, returning the corresponding notarized assertion. The method further includes: determining a user private key for the user identity information; and returning the user private key to the user as data to be stored on a storage medium.
PCT/US2007/017047 2006-07-28 2007-07-30 Notarized federated identity management WO2008020991A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US83398306P 2006-07-28 2006-07-28
US60/833,983 2006-07-28

Publications (3)

Publication Number Publication Date
WO2008020991A2 WO2008020991A2 (en) 2008-02-21
WO2008020991A3 true WO2008020991A3 (en) 2008-08-14
WO2008020991B1 WO2008020991B1 (en) 2008-10-02

Family

ID=39082524

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/017047 WO2008020991A2 (en) 2006-07-28 2007-07-30 Notarized federated identity management

Country Status (1)

Country Link
WO (1) WO2008020991A2 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6689754B1 (en) 1998-04-10 2004-02-10 G. D. Searle & Co. Heterocyclic glycyl β-alanine derivatives
US9465800B2 (en) * 2013-10-01 2016-10-11 Trunomi Ltd. Systems and methods for sharing verified identity documents
AU2014339750A1 (en) * 2013-10-22 2016-04-21 Eteam Software Pty Ltd A system and method for certifying information
US9569634B1 (en) 2013-12-16 2017-02-14 Amazon Technologies, Inc. Fine-grained structured data store access using federated identity management
CN106330442B (en) * 2015-06-17 2020-04-28 中兴通讯股份有限公司 Identity authentication method, device and system
US10778707B1 (en) 2016-05-12 2020-09-15 Amazon Technologies, Inc. Outlier detection for streaming data using locality sensitive hashing
CZ308358B6 (en) * 2019-04-08 2020-06-17 Aducid S.R.O. Method of user authentication to the relying party in an electronic identity federation system
EP4248612B1 (en) 2020-11-18 2025-08-20 Visa International Service Association Integrating identity tokens and privacy-preserving identity attribute attestations into interactions
WO2022184391A1 (en) 2021-03-05 2022-09-09 Sepior Aps A method for authenticating a user towards a multi-node party
CN113468614B (en) * 2021-07-23 2024-10-18 成都卓拙科技有限公司 Bulletproofs-based Kerberos cross-domain authentication method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010002485A1 (en) * 1995-01-17 2001-05-31 Bisbee Stephen F. System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents
US20020004800A1 (en) * 2000-07-10 2002-01-10 Masahiro Kikuta Electronic notary method and system
US20040093497A1 (en) * 2002-11-08 2004-05-13 Arangio Joseph P. Authentication and ownership system, method and database
US20050114701A1 (en) * 2003-11-21 2005-05-26 International Business Machines Corporation Federated identity management within a distributed portal server

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010002485A1 (en) * 1995-01-17 2001-05-31 Bisbee Stephen F. System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents
US20020004800A1 (en) * 2000-07-10 2002-01-10 Masahiro Kikuta Electronic notary method and system
US20040093497A1 (en) * 2002-11-08 2004-05-13 Arangio Joseph P. Authentication and ownership system, method and database
US20050114701A1 (en) * 2003-11-21 2005-05-26 International Business Machines Corporation Federated identity management within a distributed portal server

Also Published As

Publication number Publication date
WO2008020991A2 (en) 2008-02-21
WO2008020991B1 (en) 2008-10-02

Similar Documents

Publication Publication Date Title
WO2008020991A3 (en) Notarized federated identity management
Ahmed et al. A survey of COVID-19 contact tracing apps
ATE548704T1 (en) PROVIDING A SERVICE BASED ON ACCESS RIGHTS TO SHARED DATA
WO2006086721A3 (en) Context limited shared secret
WO2013081983A3 (en) Migrating authenticated content towards content consumer
WO2008121157A3 (en) Cryptographic key management system facilitating secure access of data portions to corresponding groups of users
WO2008060320A3 (en) Method and system for enterprise network access control and management for government and corporate entities
US9413769B2 (en) Key management system for toll-free data service
WO2009155473A3 (en) Information rights management
WO2008048179A3 (en) Cryptographic key management in communication networks
WO2008017009A3 (en) Systems and methods for enabling assured records using fine grained auditing of virtual private network traffic
WO2005104720A3 (en) Method and system for managing access to media files
WO2008021454A3 (en) Federated credentialing system and method
WO2009045317A3 (en) Method for authenticating mobile units attached to a femtocell in communication with a secure core network such as an ims
WO2007138486A3 (en) System and method for improving restrictiveness on accessing software applications
NZ592061A (en) Secure negotiation of authentication capabilities
FR3006082A1 (en) METHOD FOR IMPLEMENTING A RIGHT TO CONTENT
GB0613235D0 (en) File system authentication
WO2013036011A3 (en) Method for managing profile of embedded uicc, and embedded uicc, embedded uicc-equipped terminal, provision method, and method for changing mno using same
FI20070416A0 (en) management system
WO2009046684A3 (en) Method of establishing protected electronic communication between various electronic devices, especially between electronic devices of electronic service providers and electronic devices of users of electronic service
RU2010103678A (en) NETWORK AND METHOD FOR INITIALIZING THE KEY FOR THE SECURITY MANAGEMENT CENTER LINE
WO2008062353A3 (en) Method for authenticating nomadic user domains and nodes therefor
CN112215591B (en) Distributed encryption management method, device and system for encrypted money bags
GB0709764D0 (en) Anonymous Authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07836352

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 07836352

Country of ref document: EP

Kind code of ref document: A2