ABDS Method and Verification Status for Authenticating Entity Access
First Claim
1. A method of authenticating a requesting entity for access to a controlled resource by communicating electronically over a communications medium to an access authentication component controlling the controlled resource, comprising the steps of,
(a) the requesting entity initially opening a security account with the access authentication component, the access authentication component establishing and maintaining at least one record including information pertaining to the account and being retrievable based on a unique identifier established for the requesting entity, and for each record, associating a public key of a respective public-private key pair of the requesting entity with the record,
(b) after initializing the account, the requesting entity entering personal verification data and verifying the data to form at least one verification status,
(c) the requesting entity then originating an electronic message including the verification status and generating a digital signature using the private key of the requesting entity's public-private key pair,
(d) sending the digitally signed electronic message to the access authentication component with the unique identifier of the requesting entity, the access authentication component authenticating the electronic message and the verification status using the public key associated with the record identified by the requesting entity's unique identifier included with the electronic message; and
(e) upon the successful authentication of the electronic message and the verification status, the access authentication component authenticating the requesting entity for access to the controlled resource.
Abstract
Authenticating an entity for access to a controlled resource by an access authentication component for the controlled resource includes the steps of: the requesting entity initially opening a security account with the access authentication component, with the access authentication component establishing and maintaining a record including information pertaining to the account and being retrievable based on a unique identifier for the requesting entity, and associating a public key of a public-private key pair with the record; the requesting entity originating an electronic message and generating a digital signature using a private key of the key pair, and sending the digitally signed electronic message to the access authentication component with the unique identifier; authenticating the electronic message using the public key associated with the record identified by the unique identifier; and upon successful authentication, authenticating access to the controlled resource. A digitally signed verification status is included with the electronic message.
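The exchange in steps (a) through (e) of claim 1, with both sides in one file, as an added example that is not code from the patent. It assumes Ed25519 keys via Node's built-in `crypto` module, a JSON message layout, constructed status labels (`PIN_MATCH`, `PIN_NO_MATCH`), and an accepted-status list standing in for the component's rules; none of these names come from the page.

```javascript
const crypto = require('crypto');

// Access authentication component (AAC): records retrievable by unique identifier.
const records = new Map();

// Step (a): open the security account and associate the public key with the record.
function openAccount(id, publicKey) {
  records.set(id, { publicKey });
}

// Steps (b)-(c): the entity has verified its data locally, places the resulting
// verification status inside the message, and signs the whole message.
function originateMessage(id, privateKey, verificationStatus, body) {
  const message = JSON.stringify({ verificationStatus, body });
  const signature = crypto.sign(null, Buffer.from(message), privateKey);
  return { id, message, signature: signature.toString('base64') };
}

// Steps (d)-(e): look up the record by identifier, verify the signature with the
// stored public key, and only then read the verification status.
function authenticate(envelope, acceptedStatuses) {
  const record = records.get(envelope.id);
  if (!record) return { granted: false, reason: 'unknown identifier' };
  const sig = Buffer.from(envelope.signature, 'base64');
  const ok = crypto.verify(null, Buffer.from(envelope.message), record.publicKey, sig);
  if (!ok) return { granted: false, reason: 'bad signature' };
  const { verificationStatus } = JSON.parse(envelope.message);
  if (!acceptedStatuses.includes(verificationStatus)) {
    return { granted: false, reason: 'verification status not accepted' };
  }
  return { granted: true, reason: 'authenticated' };
}

// Constructed sample run: one valid message, one altered in transit, one with an
// unregistered identifier, one honestly reporting a failed local verification.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  openAccount('entity-001', publicKey);
  const accepted = ['PIN_MATCH'];
  const good = originateMessage('entity-001', privateKey, 'PIN_MATCH', 'open session');
  const noMatch = originateMessage('entity-001', privateKey, 'PIN_NO_MATCH', 'open session');
  const tampered = { ...noMatch, message: noMatch.message.replace('PIN_NO_MATCH', 'PIN_MATCH') };
  return {
    good: authenticate(good, accepted),
    noMatch: authenticate(noMatch, accepted),
    tampered: authenticate(tampered, accepted),
    unknown: authenticate({ ...good, id: 'entity-999' }, accepted),
  };
}
```

Because the status sits inside the signed message, changing it after signing fails verification. The claim text above names no nonce or timestamp, so a deployment would add a freshness value to the signed message to reject replays.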
20 Claims
- 1. A method of authenticating a requesting entity for access to a controlled resource by communicating electronically over a communications medium to an access authentication component controlling the controlled resource, comprising the steps of,
(a) the requesting entity initially opening a security account with the access authentication component, the access authentication component establishing and maintaining at least one record including information pertaining to the account and being retrievable based on a unique identifier established for the requesting entity, and for each record, associating a public key of a respective public-private key pair of the requesting entity with the record,
(b) after initializing the account, the requesting entity entering personal verification data and verifying the data to form at least one verification status,
(c) the requesting entity then originating an electronic message including the verification status and generating a digital signature using the private key of the requesting entity's public-private key pair,
(d) sending the digitally signed electronic message to the access authentication component with the unique identifier of the requesting entity, the access authentication component authenticating the electronic message and the verification status using the public key associated with the record identified by the requesting entity's unique identifier included with the electronic message; and
(e) upon the successful authentication of the electronic message and the verification status, the access authentication component authenticating the requesting entity for access to the controlled resource.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- 10. A method of authenticating a requesting entity for continuing access to a controlled resource by communicating electronically over a communications medium to an access authentication component for the controlled resource, the requesting entity initially entering personal verification data and verifying the data to form a verification status and having sent the verification status to the access authentication component, the access authentication component having evaluated the verification status and authenticated access to the controlled resource for the requesting entity, the access authentication component maintaining business rules and now requesting in accordance with one of the rules that the verification status be reconfirmed by the requesting entity, comprising the steps of,
- 15. A method of initially authenticating a requesting entity for access to a controlled resource by communicating electronically over a communications medium to an access authentication component for the controlled resource, comprising the steps of,
- 20. A data structure for an electronic communication from a requesting entity to an access authentication component, comprising
Specification