Defending the name space
Abstract
This invention is about a global entity-oriented declarative authentication and security system that can be used in present and future internet-based distributed applications and services. An entity here refers to a unique object (most likely to be physical or human) or aspect that can hardly be duplicated. The system provides both authentication and security (A & S). It can be used in areas comprising one to one or one to many (OR or AND) content publication or distribution so that maximum granularity of access control is made possible. Examples comprise 1) A & S in messaging or communication (one to one). 2) A & S in publication or distribution or information sharing (one to many (OR)). 3) Secured document escrowing (one to many (AND)). 4) Declarative just in time A & S for web-services. 5) Copyright protection for digital products. 6) Digital cash. 7) Internet based electronic voting system. 8) Witnessed digital legal papers. 9) Support large scale virtualized virtual private network and its applications. 10) etc.
171 Citations
58 Claims
1. A global digital entity identification mean comprising a plurality of identification schemes for personal key storage units or key boxes belonging to the said entity used to contain key data for security means comprise a public cryptographic one etc. The said key data comprises the collection of all relevant information pertaining to the key or keys for the said security means. The said key storage units may have names comprising “key boxes” (used in the sequel), “key containers”, “key storages”, etc., stored in any media, which serves as logical key boxes used in the application domains implicitly or explicitly claimed by this patent.

Dependent claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 58)

35. A crypto-gateway “server” approach to centralized entity cryptographic keys and peer certificates management, cryptographic processing, etc., to provide a mean for establishing a scalable declarative digital identification and authentication system in distributed or centralized applications wherein the “server” comprise any hardware or virtual devices, operation systems virtual or not, systems, software collections, etc. that processes requests either in a serialized or concurrent fashion with control means comprise monolithic, micro-kerneled, centralized, distributed, etc. The term “server” is also used to denote any processes, fibres, jobs, threads running within the client software's process or running outside of it or running on a different operating system or on a different hardware platform controlled by the same or different operating system as the one where its clients reside, that serves the purpose of a server. The scope of “centralization” is limited to a trusted local area network, a single computer (virtual or not), a group of related fibres, jobs, processes, application domain, or even threads, etc. The said crypto-gateway server communicates with client softwares using a plurality of protocols.

Dependent claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57)

Specification