Systems and methods for distributed identity verification
Abstract
Systems and methods for decentralized and asynchronous authentication flow between users, relying parties and identity providers. A trusted user agent application or digital lock box under a user's control may perform the functions of an authentication broker. In particular, the user agent application or digital lock box can accept relying party requests and respond with authentication and identity data previously obtained from an identity provider server, and without the involvement of a centralized broker server.
9 Claims
1. An identity management method for controlling an exchange of data bundles by an identity provider server, the method comprising:
receiving, at the identity provider server, a first request from a user agent server, the first request identifying one or more claim categories;
generating, at the identity provider server, a data bundle at a first time in response to the first request, the data bundle identifying one or more attributes associated with a user related to the user agent server, wherein each attribute corresponds to a claim category of the one or more claim categories identified in the first request and a corresponding value;
the identity provider server encrypting the data bundle with a user encryption key (UEK);
transmitting, by the identity provider server, the data bundle to the user agent server;
generating a first entry;
signing the first entry with an identity provider private key corresponding to the identity provider server to generate a signed first entry;
generating a second entry; and
signing the second entry with a second key to generate a signed second entry, the second key being derived from the identity provider private key;
at a first ledger:
verifying a signature of the identity provider server on the first entry to generate a first signature verification result;
storing the first entry in the first ledger based on the first signature verification result; and
transmitting a first entry address to the identity provider server, the first entry address identifying an address of the first entry in the first ledger;
at a second ledger:
verifying a signature of the identity provider server on the second entry to generate a second signature verification result;
storing the second entry in the second ledger based on the second signature verification result; and
transmitting a second entry address to the identity provider server, the second entry address identifying an address of the second entry in the second ledger; and
at one or more auditor servers:
receiving a first ledger identifier identifying the first ledger storing the first entry, a second ledger identifier identifying the second ledger storing the second entry, the first entry address and the second entry address;
accessing the first entry based on the first ledger identifier and the first entry address;
verifying the signature of the identity provider server on the first entry;
accessing the second entry based on the second ledger identifier and the second entry address;
verifying the signature of the identity provider server on the second entry;
generating a confirmation entry for each of the one or more auditor servers, wherein each confirmation entry is based on successful verification of the signature of the identity provider server on the first entry and the signature of the identity provider server on the second entry; and
linking the first entry address to the second ledger identifier and the second entry address to the first ledger identifier based on the confirmation entry of the one or more auditor servers, wherein the identity provider server, the user agent server, the first ledger, the second ledger, and the one or more auditor servers are executed by one or more computing devices and communicate via a data communication network.
2. The identity management method of claim 1, further comprising, prior to receiving the first request, registering the user agent server at the identity provider server, wherein registering the user agent server at the identity provider server comprises:
receiving a user agent public key corresponding to the user agent server and a first user agent address uniquely identifying the user agent server to the identity provider server, wherein the first user agent address and the user encryption key are at least partially based on the user agent public key; and
transmitting an identity provider public key associated with the identity provider server to the user agent server.
3. The identity management method of claim 2, further comprising:
generating, at the identity provider server, a data bundle ownership public key for the user agent server, the data bundle ownership public key being usable for releasing a response bundle based on one or more data bundles to a relying party server.
4. The identity management method of claim 1, further comprising:
generating a first entry for a first ledger, the first entry comprising:
a hashed data bundle generated by cryptographic hashing of the data bundle;
the data bundle ownership public key;
the identity provider public key;
the one or more hashed attributes and corresponding blinding factor;
a cryptographic nonce;
metadata corresponding to the one or more attributes;
expiry information corresponding to the one or more attributes;
a second ledger identifier identifying a second ledger storing a corresponding second entry and a second entry address identifying an address of the second entry in the second ledger; and
a revocation status of the data bundle.
5. The identity management method of claim 1, further comprising:
generating a second entry for a second ledger, the second entry comprising:
a hashed data bundle generated by cryptographic hashing of the data bundle;
a cryptographic hash of the data bundle ownership public key and a corresponding blinding factor;
a cryptographic hash of the identity provider public key and a corresponding blinding factor;
the one or more hashed attributes and corresponding blinding factor;
a cryptographic nonce;
metadata corresponding to the one or more attributes;
expiry information corresponding to the one or more attributes; and
a revocation status of the data bundle.
6. The identity management method of claim 1, further comprising:
generating an auditor bundle for the one or more auditor servers, the auditor bundle comprising a first ledger identifier identifying the first ledger storing the first entry, a second ledger identifier identifying the second ledger storing the second entry, the first entry address and the second entry address; and
signing the auditor bundle with the identity provider private key corresponding to the identity provider server to generate a signed auditor bundle.
7. The identity management method of claim 1, wherein the identity provider server is a group identity provider server, the method further comprising:
the identity provider server determining that a child transaction is required to fulfil the first request; and
generating at least one child transaction request; and
transmitting the at least one child transaction request to at least one other group identity provider server.
8. The identity management method of claim 1, further comprising:
the identity provider server determining that a blind query is required to fulfil the first request; and
generating at least one blind query; and
transmitting the at least one blind query to at least one other identity provider server.
9. An identity management system for controlling an exchange of data bundles, the system comprising:
a data communication network;
a user agent server configured to transmit a first request identifying one or more claim categories to an identity provider server via the data communication network;
the identity provider server in communication with the user agent server via the data communication network, the identity provider server being configured to:
receive the first request;
generate a data bundle at a first time in response to the first request, the data bundle identifying one or more attributes associated with a user related to the user agent server, wherein each attribute corresponds to a claim category of the one or more claim categories identified in the first request and a corresponding value;
transmit the data bundle to the user agent server;
generate a first entry;
sign the first entry with an identity provider private key corresponding to the identity provider server to generate a signed first entry;
generate a second entry; and
sign the second entry with a second key to generate a signed second entry, the second key being derived from the identity provider private key;
a first ledger in communication with the data communication network and configured to:
verify a signature of the identity provider server on the first entry to generate a first signature verification result;
store the first entry in the first ledger based on the first signature verification result; and
transmit a first entry address to the identity provider server, the first entry address identifying an address of the first entry in the first ledger;
a second ledger in communication with the data communication network and configured to:
verify a signature of the identity provider server on the second entry to generate a second signature verification result;
store the second entry in the second ledger based on the second signature verification result; and
transmit a second entry address to the identity provider server, the second entry address identifying an address of the second entry in the second ledger; and
one or more auditor servers in communication with the first ledger and the second ledger via the data communication network, the one or more auditor servers configured to:
receive a first ledger identifier identifying the first ledger storing the first entry, a second ledger identifier identifying the second ledger storing the second entry, the first entry address and the second entry address;
access the first entry based on the first ledger identifier and the first entry address;
verify the signature of the identity provider server on the first entry;
access the second entry based on the second ledger identifier and the second entry address;
verify the signature of the identity provider server on the second entry;
generate a confirmation entry for each of the one or more auditor servers, wherein each confirmation entry is based on successful verification of the signature of the identity provider server on the first entry and the signature of the identity provider server on the second entry; and
link the first entry address to the second ledger identifier and the second entry address to the first ledger identifier based on the confirmation entry of the one or more auditor servers, wherein the identity provider server, the user agent server, the first ledger, the second ledger, and the one or more auditor servers are executed by one or more computing devices.
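The two-ledger flow of claims 1 and 9 (identity provider signs two entries, each ledger verifies before storing, auditors re-verify both and cross-link the addresses) as an added example in Go; this is not code from the patent or from any implementation of it. It assumes Ed25519 signatures, a labelled-hash derivation for the second key (the claims name no scheme), that each ledger is provisioned with the public key it expects (the IdP key for the first ledger, the derived key for the second), and entries reduced to a tag plus the bundle hash; the UEK-encrypted bundle delivery and the entry contents of claims 4 and 5 are left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
)

// Entry is one ledger record: the signed body plus the cross-link auditors fill in on confirmation.
type Entry struct {
	Body, Sig  []byte
	PeerLedger string // identifier of the other ledger
	PeerAddr   int    // address of the paired entry there; -1 until confirmed
}
// Ledger stores an entry only after verifying the signer's signature on it, returning the address.
type Ledger struct {
	ID      string
	Signer  ed25519.PublicKey
	Entries []*Entry
}
func (l *Ledger) Store(body, sig []byte) (int, error) {
	if !ed25519.Verify(l.Signer, body, sig) {
		return -1, errors.New(l.ID + ": signature verification failed, entry rejected")
	}
	l.Entries = append(l.Entries, &Entry{Body: body, Sig: sig, PeerAddr: -1})
	return len(l.Entries) - 1, nil
}
// DeriveKey is an assumed derivation of the second signing key from the identity provider
// private key (the claim names no scheme): a labelled hash of the seed becomes a new seed.
func DeriveKey(idp ed25519.PrivateKey, label string) ed25519.PrivateKey {
	seed := sha256.Sum256(append(idp.Seed(), label...))
	return ed25519.NewKeyFromSeed(seed[:])
}
// Publish is the IdP side: both entries carry the bundle hash, signed with the IdP key and the derived key.
func Publish(l1, l2 *Ledger, priv ed25519.PrivateKey, bundle []byte) (int, int, error) {
	h := sha256.Sum256(bundle)
	e1, e2 := append([]byte("entry1:"), h[:]...), append([]byte("entry2:"), h[:]...)
	a1, err1 := l1.Store(e1, ed25519.Sign(priv, e1))
	a2, err2 := l2.Store(e2, ed25519.Sign(DeriveKey(priv, l2.ID), e2))
	return a1, a2, errors.Join(err1, err2)
}
// Audit is the auditor step: re-verify both signatures, then cross-link the entries only on success.
func Audit(l1 *Ledger, a1 int, l2 *Ledger, a2 int) error {
	e1, e2 := l1.Entries[a1], l2.Entries[a2]
	if !ed25519.Verify(l1.Signer, e1.Body, e1.Sig) || !ed25519.Verify(l2.Signer, e2.Body, e2.Sig) {
		return errors.New("auditor: confirmation withheld, a signature check failed")
	}
	e1.PeerLedger, e1.PeerAddr, e2.PeerLedger, e2.PeerAddr = l2.ID, a2, l1.ID, a1
	return nil
}
```

A ledger rejects an entry whose signature does not verify under the key it was provisioned with, and the auditor withholds the cross-link if either stored entry has been altered after the fact.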
Specification