Method and system for granting access to information for electronic commerce
Abstract
To reduce the number of key pairs that must be managed in an asymmetric encryption/decryption system, each customer of a vendor is assigned to at least one defined customer group as a function of the information that is to be made available to the customer. A key pair consisting of a group source key and a group member key is assigned to each defined customer group. The vendor uses the group source key to encrypt information to be made available only to members of the associated group. Authenticated customers are given the group member key for each group to which they belong. The customers use the group member key to decrypt information previously encrypted by the vendor using the associated group source key.
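The scheme in the abstract, sketched as an added example (not code from the patent or its assignee): one RSA key pair per customer group, with the group member key released only to an authenticated member. Mapping the group source key to the RSA public half and the group member key to the private half is an assumption, as are the constructed group names, customers, passwords and item text.

```javascript
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
// Constructed fixed salt keeps the demo short; use a per-customer salt in practice.
const kdf = (pw) => crypto.scryptSync(pw, 'constructed-salt', 32);

// Storage subsystem (constructed sample data): groups, customers, key pairs.
const groups = ['wholesale', 'retail'];
const customers = new Map([
  ['acme', { pwHash: kdf('constructed-pw-1'), groups: ['wholesale', 'retail'] }],
  ['bob', { pwHash: kdf('constructed-pw-2'), groups: ['retail'] }],
]);
// One key pair per group, not per customer. Assumption: the group source key
// is the RSA public half and the group member key is the private half.
const keyPairs = new Map(groups.map((g) => {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return [g, { sourceKey: publicKey, memberKey: privateKey }];
}));

// Encryption subsystem: encrypt an item under its group's source key.
// Plain RSA-OAEP limits an item to about 190 bytes with a 2048-bit key.
function encryptItem(group, text) {
  const { sourceKey } = keyPairs.get(group);
  return crypto.publicEncrypt({ key: sourceKey, ...OAEP }, Buffer.from(text, 'utf8'));
}

// Authentication subsystem: release a member key only to an authenticated
// customer who belongs to the requested group; otherwise return null.
function getMemberKey(customerId, password, group) {
  const c = customers.get(customerId);
  if (!c || !crypto.timingSafeEqual(c.pwHash, kdf(password))) return null;
  if (!c.groups.includes(group)) return null;
  return keyPairs.get(group).memberKey;
}

// Customer side: decrypt with the released group member key.
function decryptItem(memberKey, ciphertext) {
  return crypto.privateDecrypt({ key: memberKey, ...OAEP }, ciphertext).toString('utf8');
}

// Demo: an authenticated wholesale member reads the item; a retail-only
// customer is refused the wholesale member key.
const item = encryptItem('wholesale', 'constructed item: wholesale price list');
console.log(decryptItem(getMemberKey('acme', 'constructed-pw-1', 'wholesale'), item));
console.log(getMemberKey('bob', 'constructed-pw-2', 'wholesale')); // null
```

Because every member of a group holds the same member key, removing a customer from a group means issuing a new key pair for that group and re-encrypting its items.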
8 Claims
1. A system for controlling access to information items comprising:
a) a storage subsystem containing definitions of customer groups, customer information including which customer group or groups to which each customer belongs, information item definitions including which customer group or groups with which each information item is associated, a set of group source keys, each group source key being associated with a different one of the customer groups, a set of group member keys, each group member key being associated with a different one of said group source keys;
b) an encryption subsystem for encrypting information items associated with a customer group using the group source key associated with the same group; and
c) an authentication subsystem for allowing a customer access to a group member key once the customer has been authenticated as a member of the customer group with which the group member key is associated, thereby enabling the customer to use the group member key to decrypt item information previously encrypted using the associated group source key.
Dependent claims: 2, 3, 4

5. A method for controlling access to information items comprising the steps of:
a) storing definitions of customer groups;
b) storing customer information including which customer group or groups to which each customer belongs;
c) storing information items including which customer group or groups with which each information item is associated;
d) storing sets of key pairs, each key pair being associated with one of the defined customer groups and comprising a group source key and a group member key;
e) encrypting at least one information item using the group source key for the group with which the information item is associated; and
f) providing the group member keys to customer members of the groups with which the group member keys are associated, thereby enabling a customer to decrypt an encrypted information item associated with the customer's group.
Dependent claims: 6

7. A program product having a computer-readable medium storing computer-readable program code for controlling access to information items, said computer-readable program code comprising:
a) code for causing the storage of definitions of customer groups;
b) code for causing the storage of customer information including which customer group or groups to which each customer belongs;
c) code for causing the storage of information items including which customer group or groups with which each information item is associated;
d) code for causing the storage of sets of key pairs, each key pair being associated with one of the defined customer groups and comprising a group source key and a group member key;
e) code for encrypting at least one information item using the group source key for the group with which the information item is associated; and
f) code for providing the group member keys to customer members of the groups with which the group member keys are associated, thereby enabling a customer to decrypt an encrypted information item associated with the customer's group.
Dependent claims: 8

Specification