Method and system for identity exchange and recognition for groups and group members
Abstract
A group certificate is used in a communication system to establish and recognize a group identity at a receiving system. Once a group identity is recognized, members of the group may be recognized based on membership certificates, or they may be recognized based on their own personal certificates separate from the group. In other words a member may be recognized based on trust by the recipient in the group or based on trust by the recipient in the member personally. Group identity information is created for inclusion in the group certificate. A group-signed group certificate is generated, and the certificate has as the group identity information, at least a first key, and a digital signature signed using a second key associated with the first key in the group certificate. The group-signed group certificate is sent to a receiving system to establish the group identity at the receiving system. A group-signed group membership certificate is sent to the receiving system to establish membership of the originator of the membership certificate in the group whose group identity is established at the receiving system. A security protocol is assigned to communications from group members based on the group identity information if the membership certificate is accepted. A security protocol is also assigned to communications from a group member based on a personal identity if a personal certificate is accepted.
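The certificate chain the abstract describes, as an added Go example that is not taken from the patent: a group certificate signed with the private key matching the public key it carries, and a membership certificate signed with that same group key and checked at the receiving side. The `Cert` layout, the JSON encoding, the choice of Ed25519 and all names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// Cert is a hypothetical, simplified certificate layout (not the patent's format).
type Cert struct {
	Subject   string            `json:"subject"`
	Group     string            `json:"group"`
	PublicKey ed25519.PublicKey `json:"public_key"`
	Signature []byte            `json:"signature,omitempty"`
}

// body returns the bytes that get signed: the certificate without its signature.
func body(c Cert) []byte {
	c.Signature = nil
	b, _ := json.Marshal(c)
	return b
}

// Sign returns a copy of c signed with priv.
func Sign(c Cert, priv ed25519.PrivateKey) Cert {
	c.Signature = ed25519.Sign(priv, body(c))
	return c
}

// VerifyGroup checks that a group certificate is signed by the private key matching the
// public key it carries. That proves key possession only; trust in the group is decided separately.
func VerifyGroup(g Cert) bool {
	return len(g.PublicKey) == ed25519.PublicKeySize && ed25519.Verify(g.PublicKey, body(g), g.Signature)
}

// VerifyMember checks a membership certificate against an already received group certificate.
func VerifyMember(m, g Cert) bool {
	return VerifyGroup(g) && m.Group == g.Subject && ed25519.Verify(g.PublicKey, body(m), m.Signature)
}

// Demo uses constructed sample data; "forged" is a membership claim signed with the member's own key.
func Demo() (groupOK, memberOK, forgedOK bool) {
	gPub, gPriv, _ := ed25519.GenerateKey(nil)
	mPub, mPriv, _ := ed25519.GenerateKey(nil)
	group := Sign(Cert{Subject: "example-group", Group: "example-group", PublicKey: gPub}, gPriv)
	member := Sign(Cert{Subject: "alice", Group: "example-group", PublicKey: mPub}, gPriv)
	forged := Sign(Cert{Subject: "alice", Group: "example-group", PublicKey: mPub}, mPriv)
	return VerifyGroup(group), VerifyMember(member, group), VerifyMember(forged, group)
}

func main() { fmt.Println(Demo()) }
```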
22 Claims
1. In an initiating system, a method for establishing a group membership with a group identity information document comprising:
- creating group identity information for inclusion in the group identity information document; and
- generating a self-signed group identity information document comprising the group identity information, at least a first key, and a group identity information document signature signed using a second key associated with the first key in the identity information document.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. In a communication system, apparatus for establishing a group identity comprising:
- a group ID generate module generating a group certificate having at least a public key and a digital signature for the group; and
- a send module transmitting the group certificate to establish the group identity at a receiving system.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A computer readable medium readable by a computing system and encoding a computer program of instructions for executing a computer process for establishing a group identity in a communications between an initiating system and a receiving system, said computer process comprising:
- generating at the initiating system a group certificate having at least a group public key and a digital signature for the group signed with a group private key associated with group public key; and
- sending the group certificate to the receiving system to establish the group identity at the receiving system.
Dependent claims: 17, 18, 19, 20, 21, 22