Method and system for managing identities in a peer-to-peer networking environment
Abstract
Disclosed is a system for organizing and storing information about multiple peer identities. New certificates are introduced that enable a user to efficiently create, modify, and delete identities and groups. New storage structures enable the user to list and search through existing identities, groups, and their related certificates. An identity certificate contains information about a peer identity. A group root certificate is created by a user when he decides to create a new group. When the group creator user wishes to invite another entity to join the group, it creates another type of certificate called a group membership certificate. The group membership certificate is logically “chained” to the group root certificate. The invitee checks the validity of these certificates by checking that the chaining has been properly done. The invitee may then be allowed to invite other entities to join the group by sending out its own group membership certificates.
35 Claims
1. A computer-readable medium containing an identity certificate data structure, the identity certificate data structure comprising:
a first data field containing data representing an identity peer name;
a second data field containing data representing an identity public key, the identity public key and an identity private key forming a public/private key pair;
a third data field containing data representing a certificate type, the certificate type indicating an identity certificate; and
a fourth data field containing data representing a signature of the identity certificate, the signature derived, at least in part, from the identity private key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A computer-readable medium containing a group root certificate data structure, the group root certificate data structure comprising:
a first data field containing data representing a group peer name;
a second data field containing data representing a group root public key;
a third data field containing data representing a certificate type, the certificate type indicating a group root certificate; and
a fourth data field containing data representing a signature of the group root certificate, the signature derived, at least in part, from a group root private key, the group root private key and the group root public key in the second data field forming a public/private key pair.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A computer-readable medium containing a group membership certificate data structure, the group membership certificate data structure comprising:
a first data field containing data representing a group peer name;
a second data field containing data representing an issuer peer name;
a third data field containing data representing a subject peer name;
a fourth data field containing data representing a certificate type, the certificate type indicating a group membership certificate; and
a fifth data field containing data representing a signature of the group membership certificate.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31
32. A computer-readable medium containing a group certificate chain data structure, the group certificate chain data structure comprising:
a first data field containing data representing a group root certificate, the group root certificate comprising:
  a second data field containing data representing a group peer name;
  a third data field containing data representing a group root public key;
  a fourth data field containing data representing a certificate type, the certificate type indicating a group root certificate; and
  a fifth data field containing data representing a signature of the group root certificate, the signature derived, at least in part, from a group root private key, the group root private key and the group root public key in the third data field forming a public/private key pair; and
a sixth data field containing data representing a group membership certificate, the group membership certificate comprising:
  a seventh data field containing data representing a group peer name, the group peer name in the seventh data field being the same as the group peer name in the second data field in the group root certificate;
  an eighth data field containing data representing an issuer peer name, the issuer peer name in the eighth data field being a reference to the group root certificate in the first data field;
  a ninth data field containing data representing a subject peer name;
  a tenth data field containing data representing a certificate type, the certificate type indicating a group membership certificate; and
  an eleventh data field containing data representing a signature of the group membership certificate.
Dependent claims: 33, 34, 35
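The chaining check described in the abstract, applied to the fields of claim 32, as an added Go example that is not code from the patent. It goes beyond the two-certificate chain of claim 32 to the case where an invitee issues the next membership certificate. Assumptions: Ed25519 signatures, the string encoding of the signed fields, membership certificates signed by their issuer's key and carrying the subject's public key in `Key`, the issuer of the first membership certificate being the group peer name, and the constructed names `grp`, `alice` and `bob`.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert holds the claimed fields; Key on a membership cert (the subject's key) is an assumption.
type Cert struct {
	Type, Group, Issuer, Subject string
	Key                          ed25519.PublicKey
	Sig                          []byte
}

// tbs is a constructed canonical encoding of every field except the signature.
func (c *Cert) tbs() []byte { return []byte(fmt.Sprintf("%q|%q|%q|%q|%x", c.Type, c.Group, c.Issuer, c.Subject, c.Key)) }

// Issue signs c with the issuer's private key and returns it.
func Issue(c *Cert, priv ed25519.PrivateKey) *Cert { c.Sig = ed25519.Sign(priv, c.tbs()); return c }

// signedBy checks the key length first because ed25519.Verify panics on a malformed key.
func signedBy(c *Cert, k ed25519.PublicKey) bool { return len(k) == ed25519.PublicKeySize && ed25519.Verify(k, c.tbs(), c.Sig) }

// VerifyChain checks the root, then each membership certificate in issuing order.
func VerifyChain(root *Cert, chain []*Cert) error {
	if root.Type != "group-root" || !signedBy(root, root.Key) {
		return fmt.Errorf("root: wrong type or not signed by its own key")
	}
	name, key := root.Group, root.Key // current issuer, starting with the root
	for i, m := range chain {
		if m.Type != "group-membership" || m.Group != root.Group || m.Issuer != name || !signedBy(m, key) {
			return fmt.Errorf("cert %d: bad type, group peer name, issuer or signature (expected issuer %q)", i, name)
		}
		name, key = m.Subject, m.Key // the invitee may issue the next certificate
	}
	return nil
}

// Demo builds a constructed chain: the group root invites alice, alice invites bob.
func Demo() (*Cert, []*Cert) {
	gPub, gPriv, _ := ed25519.GenerateKey(nil)
	aPub, aPriv, _ := ed25519.GenerateKey(nil)
	root := Issue(&Cert{Type: "group-root", Group: "grp", Key: gPub}, gPriv)
	a := Issue(&Cert{Type: "group-membership", Group: "grp", Issuer: "grp", Subject: "alice", Key: aPub}, gPriv)
	b := Issue(&Cert{Type: "group-membership", Group: "grp", Issuer: "alice", Subject: "bob"}, aPriv)
	return root, []*Cert{a, b}
}

func main() { r, c := Demo(); fmt.Println("chain error:", VerifyChain(r, c)) }
```

A chain that matches on every peer name but was signed under a different group root key still fails, because each link is checked against the key of the certificate before it.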
Specification