Digital certificate proxy

US 20030046544A1
Filed: 09/06/2001
Published: 03/06/2003
Est. Priority Date: 09/06/2001
Status: Active Grant

First Claim

Patent Images

1. A computer-user authentication system, comprising:

a physical token that can be carried by a user and introduced to a secure computing platform;

a long-term digital certificate disposed in the physical token; and

a short-term digital certificate authorized by the long-term digital certificate and generated by said physical token when the physical token is proximate thereto.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention generates a temporary digital certificate with a useful life of only a few minutes to a few hours. An expiration time is attached to such temporary digital certificate by a secure computer platform that is presented with a user'"'"'s smart-card. Expiration dates one or two years after the issuance of the smart-card are conventional. A digital certificate issued by a central authority is carried within the smart card and is used by the secure computer platform to generate temporary digital certificate. The temporary digital certificate functions as a proxy digital certificate that will allow the user to immediately pocket the smart card and thus avoid the possibility of forgetting it in a card reader.

Citations

14 Claims

1. A computer-user authentication system, comprising:
- a physical token that can be carried by a user and introduced to a secure computing platform;
  
  a long-term digital certificate disposed in the physical token; and
  
  a short-term digital certificate authorized by the long-term digital certificate and generated by said physical token when the physical token is proximate thereto.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-user authentication system of claim 1, wherein:
    - the physical token comprises a smart-card and is introduced to said computing platform by bringing it into electrical contact such that the short-term digital certificate can be read.
  - 3. The computer-user authentication system of claim 1, wherein:
    - the long-term digital certificate is issued by a centralized certificate authentication authority and includes an expiration date.
  - 4. The computer-user authentication system of claim 1, wherein:
    - the short-term digital certificate is substantially a proxy of the long-term digital certificate and includes an expiration time that is dependent on a separation time in which the physical token leaves its proximity with said secure computing platform.
  - 5. The computer-user authentication system of claim 1, wherein:
    - the physical token comprises a microcomputer and is introduced to said secure computing platform by bringing it near enough to establish contact such that a short-term digital certificate proxy can be read.
  - 6. The computer-user authentication system of claim 1, wherein:
    - the physical token comprises a microcomputer and is introduced to said secure computing platform by bringing it first into actual electrical contact and then keeping it near enough to maintain contact such that the long-term digital certificate can be periodically read; and
      
      the short-term digital certificate is a proxy of the long-term digital certificate and includes an expiration time that is dependent on a separation time in which said radio contact discontinues.
  - 7. The computer-user authentication system of claim 1, further comprising:
    - a centralized certificate authentication authority in network communication with said secure computing platform and which originally issued the long-term digital certificate; and
      
      a time standard supplied to both the centralized certificate authentication authority and said secure computing platform, and providing for a test of said expiration time for the short-term digital certificate and the expiration date of long-term digital certificate.

8. A method of computer-user authentication, comprising the steps of:
- introducing a long-term digital certificate with an expiration date to a computer platform;
  
  generating a short-term digital certificate with an expiration time from said long-term digital certificate; and
  
  using said short-term digital certificate as a proxy digital certificate in subsequent secure communications.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of computer-user authentication of claim 8, wherein:
    - said expiration time cannot exceed said expiration date.
  - 10. The method of computer-user authentication of claim 8, wherein:
    - proximity between a smart card and said computer platform is a prerequisite to the step of generating.
  - 11. The method of computer-user authentication of claim 8, wherein:
    - a radio contact between said smart card and said computer platform is a prerequisite to the step of generating.
  - 12. The method of computer-user authentication of claim 8, further comprising the step of:
    - dissolving said short-term digital certificate after said expiration time.
  - 13. The method of computer-user authentication of claim 8, further comprising the step of:
    - dissolving said short-term digital certificate when an electrical contact between said smart card and said computer platform is discontinued.
  - 14. The method of computer-user authentication of claim 8, further comprising the step of:
    - dissolving said short-term digital certificate when a radio contact between said smart card and said computer platform is discontinued.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
America Online Inc. (Warner Bros. Discovery, Inc.)
Inventors
Hayes, Terry N., Lord, Robert, Roskind, James Anthony

Granted Patent

US 6,854,057 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06Q 20/367   involving electronic purses...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 2209/80   Wireless

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

Digital certificate proxy

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Digital certificate proxy

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links