System and method for specifying security, privacy, and access control to information used by others

US 20030033528A1
Filed: 06/14/2002
Published: 02/13/2003
Est. Priority Date: 06/15/2001
Status: Active Grant

First Claim

Patent Images

1. A method for issuing an electronic document comprising:

establishing a grantor certified reference, a requestor certified reference, and access control rules for said requestor; and

incorporating said grantor certified reference, said requester certified reference, and said access control rules in the electronic document digitally signed by said grantor, wherein said grantor grants access to information stored in a computer system owned by another party to said requester.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A grantor issues a trustable electronic document for the benefit of a requester. The requestor may be able to get the benefits specified by the electronic document through access controls located at the service or information origin. A request digitally signed by a requestor is received. The digitally signed request contains the electronic document digitally signed by the grantor. The electronic document also contains a grantor certified reference, a requester certified reference, and access control rules for the requester. The request is validated using the requestor certified reference and the access control rules for the requestor.

117 Citations

42 Claims

1. A method for issuing an electronic document comprising:
- establishing a grantor certified reference, a requestor certified reference, and access control rules for said requestor; and
  
  incorporating said grantor certified reference, said requester certified reference, and said access control rules in the electronic document digitally signed by said grantor, wherein said grantor grants access to information stored in a computer system owned by another party to said requester.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1 wherein said grantor certified reference includes a name and password combination.
  - 3. The method according to claim 1 wherein said requestor certified reference includes a name and password combination.
  - 4. The method according to claim 1 wherein said grantor certified reference includes a digital certificate.
  - 5. The method according to claim 1 wherein said requestor certified reference includes a digital certificate.
  - 6. The method according to claim 1 wherein said access rule is expressed in hypertext language.
  - 7. The method according to claim 1 wherein said access rule is expressed in extensible mark-up language (XML).

8. A method for accessing information comprising:
- receiving an electronic document digitally signed by a grantor, said electronic document having a grantor certified reference, a requester certified reference, and access control rules for said requester; and
  
  appending a digitally signed request for access to the information to said electronic document by said requester, wherein said grantor grants access to information stored in a computer system owned by the third party to said requestor.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The method according to claim 8 wherein said grantor certified reference includes a name and password combination.
  - 10. The method according to claim 8 wherein said requestor certified reference includes a name and password combination.
  - 11. The method according to claim 8 wherein said grantor certified reference includes a digital certificate.
  - 12. The method according to claim 8 wherein said requestor certified reference includes a digital certificate.
  - 13. The method according to claim 8 wherein said access rule is expressed in hypertext language.
  - 14. The method according to claim 8 wherein said access rule is expressed in extensible mark-up language (XML).
  - 15. The method according to claim 8 wherein said request is expressed in hypertext language.
  - 16. The method according to claim 8 wherein said request is expressed in extensible mark-up language (XML).
  - 17. The method according to claim 8 wherein said request is expressed in structured query language.

18. A method for validating access to information comprising:
- receiving a request digitally signed by a requester, said digitally signed request having an electronic document digitally signed by a grantor, said electronic document having a grantor certified reference, a requestor certified reference, access control ru for said requester; and
  
  validating said request using said requester certified reference and said access control rules for said requester, wherein said grantor grants access to information stored in a computer system owned by the third party to said requester.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 19. The method according to claim 18 wherein said grantor certified reference includes a name and password combination.
  - 20. The method according to claim 18 wherein said requestor certified reference includes a name and password combination.
  - 21. The method according to claim 18 wherein said grantor certified reference includes a digital certificate.
  - 22. The method according to claim 18 wherein said requester certified reference includes a digital certificate.
  - 23. The method according to claim 18 wherein said access rule is expressed in hypertext language.
  - 24. The method according to claim 18 wherein said access rule is expressed in extensible mark-up language (XML).
  - 25. The method according to claim 18 wherein said request is expressed in hypertext language.
  - 26. The method according to claim 18 wherein said request is expressed in extensible mark-up language (XML).
  - 27. The method according to claim 18 wherein said request is expressed in structured query language.
  - 28. The method according to claim 18, further comprising:
    - validating said electronic document using said grantor certified reference.

29. A method for validating access to information comprising:
- providing an electronic document having a requestor certified reference, a grantor certified reference, at least one access rule digitally signed by a grantor, and a request digitally signed by said requestor;
  
  validating said electronic document using said requestor certified reference, said grantor certified reference and said at least one access rule, wherein said grantor grants access to information stored in a computer system owned by another party to said beneficiary.

30. A method for validating access to information comprising:
- providing an electronic document which contains means to check the identity of a requester, at least one access rule digitally signed by a grantor, and a request digitally signed by said requester;
  
  validating said request using said identity and said access rules, wherein said grantor grants access to information stored in a computer system owned by another party to said beneficiary.

31. An apparatus for issuing an electronic document comprising:
- means for establishing a grantor certified reference, a requestor certified reference, and access control rules for said requestor; and
  
  means for incorporating said grantor certified reference, said requester certified reference, and said access control rules in the electronic document digitally signed by said grantor, wherein said grantor grants access to information stored in a computer system owned by another party to said requester.

32. An apparatus for accessing information comprising:
- means for receiving an electronic document digitally signed by a grantor, said electronic document having a grantor certified reference, a requester certified reference, and access control rules for said requester; and
  
  means for appending a digitally signed request for access to the information to said electronic document by said requester, wherein said grantor grants access to information stored in a computer system owned by the third party to said requester.

33. An apparatus for validating access to information comprising:
- means for receiving a request digitally signed by a requester, said digitally signed request having an electronic document digitally signed by a grantor, said electronic document having a grantor certified reference, a requestor certified reference, access control rules for said requester; and
  
  means for validating said request using said requester certified reference and said access control rules for said requester, wherein said grantor grants access to information stored in a computer system owned by the third party to said requestor.

34. An apparatus for validating access to information comprising:
- means for providing an electronic document having a requester certified reference, a grantor certified reference, at least one access rule digitally signed by a grantor, and a request digitally signed by said requestor;
  
  means for validating said electronic document using said requester certified reference, said grantor certified reference and said at least one access rule, wherein said grantor grants access to information stored in a computer system owned by another party to said beneficiary.

35. An apparatus for validating access to information comprising:
- means for providing an electronic document which contains means to check the identity of a requester, at least one access rule digitally signed by a grantor, and a request digitally signed by said requestor;
  
  means for validating said request using said identity and said access rules, wherein said grantor grants access to information stored in a computer system owned by another party to said beneficiary.

36. A program storage device readable by a machine, tangibly embodying a program of instructions readable by the machine to perform a method for issuing an electronic document, the method comprising:
- establishing a grantor certified reference, a requester certified reference, and access control rules for said requester; and
  
  incorporating said grantor certified reference, said requestor certified reference, and said access control rules in the electronic document digitally signed by said grantor, wherein said grantor grants access to information stored in a computer system owned by another party to said requestor.

37. A program storage device readable by a machine, tangibly embodying a program of instructions readable by the machine to perform a method for access information, the method comprising:
- receiving an electronic document digitally signed by a grantor, said electronic document having a grantor certified reference, a requestor certified reference, and access control rules for said requestor; and
  
  appending a digitally signed request for access to the information to said electronic document by said requestor, wherein said grantor grants access to information stored in a computer system owned by the third party to said requestor.

38. A program storage device readable by a machine, tangibly embodying a program of instructions readable by the machine to perform a method for validating access to information, the method comprising:
- receiving a request digitally signed by a requester, said digitally signed request having an electronic document digitally signed by a grantor, said electronic document having a grantor certified reference, a requester certified reference, access control rules for said requestor; and
  
  validating said request using said requestor certified reference and said access control rules for said requestor, wherein said grantor grants access to information stored in a computer system owned by the third party to said requestor.

39. A program storage device readable by a machine, tangibly embodying a program of instructions readable by the machine to perform a method for validating access to information, the method comprising:
- providing an electronic document having a requester certified reference, a grantor certified reference, at least one access rule digitally signed by a grantor, and a request digitally signed by said requester;
  
  validating said electronic document using said requestor certified reference, said grantor certified reference and said at least one access rule, wherein said grantor grants access to information stored in a computer system owned by another party to said requestor.

40. A program storage device readable by a machine, tangibly embodying a program of instructions readable by the machine to perform a method for validating access to information, the method comprising:
- providing an electronic document which contains means to check the identity of a requester, at least one access rule digitally signed by a grantor, and a request digitally signed by said requestor;
  
  validating said request using said identity and said access rules, wherein said grantor grants access to information stored in a computer system owned by another party to said requester.

41. An electronic document comprising:
- a requestor certified reference;
  
  at least one access rule; and
  
  a grantor digital signature coupled to said requester certified reference and said at least one access rule, wherein said grantor grants access to information stored in a computer system owned by another party to said requester.
- View Dependent Claims (42)
- - 42. The electronic document according to claim 41 further comprising:
    - a request for access to information stored in said computer system; and
      
      a requestor digital signature coupled to said request and the electronic document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Link US All LLC
Original Assignee
Versada Networks
Inventors
Ozog, Francois Frederic, Coulon, Etienne

Granted Patent

US 7,657,747 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06F 21/33   using certificates

G06F 21/6209   to a single file or object,...

G06F 2221/2115   Third party

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

H04L 63/126   the source of the received ...

System and method for specifying security, privacy, and access control to information used by others

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

117 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for specifying security, privacy, and access control to information used by others

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

117 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links