Provision of authorization and other services
First Claim
1. In a system comprising:
- a root entity, the root entity maintaining a root certification authority adapted to issue a digital certificate to each of a first participant and a second participant;
the first participant maintaining a first certification authority adapted to issue a digital certificate to a first customer; and
the second participant maintaining a second certification authority adapted to issue a digital certificate to a second customer;
a method for providing authorization services, said method comprising the steps of;
generating by the second customer an authorization request to confirm the authority of an individual to act on behalf of the first customer, wherein the first customer has contacted the second customer but has not sent a digital signature to the second customer;
transmitting the authorization request from the second customer to the second participant;
transmitting the authorization request from the second participant to the first participant;
retrieving at the first participant information concerning the authority of the individual to act on behalf of the first customer and at least one rule for responding to the authorization request;
generating by the first participant an authorization response using the retrieved information and rules;
transmitting the response from the first participant to the second participant; and
transmitting the response from the second participant to the second customer.
5 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparati, and computer-readable media for providing authorization and other services. In a preferred embodiment, an authorization service includes both a messaging specification and a set of rules that govern its use. A first customer wishing to use the authorization service prepares a request that complies with the service'"'"'s messaging specification and transmits it to a first participant. The first participant transmits the request to a second participant, which processes the request according to authorization information provided by a second customer and rules that have been specified for the service. The second participant then prepares a response that complies with the service'"'"'s messaging specification.
106 Citations
20 Claims
-
1. In a system comprising:
-
a root entity, the root entity maintaining a root certification authority adapted to issue a digital certificate to each of a first participant and a second participant;
the first participant maintaining a first certification authority adapted to issue a digital certificate to a first customer; and
the second participant maintaining a second certification authority adapted to issue a digital certificate to a second customer;
a method for providing authorization services, said method comprising the steps of;
generating by the second customer an authorization request to confirm the authority of an individual to act on behalf of the first customer, wherein the first customer has contacted the second customer but has not sent a digital signature to the second customer;
transmitting the authorization request from the second customer to the second participant;
transmitting the authorization request from the second participant to the first participant;
retrieving at the first participant information concerning the authority of the individual to act on behalf of the first customer and at least one rule for responding to the authorization request;
generating by the first participant an authorization response using the retrieved information and rules;
transmitting the response from the first participant to the second participant; and
transmitting the response from the second participant to the second customer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for establishing an authorization service, said method comprising:
-
defining a proposed authorization service for confirming the authority of individuals and/or computers to transact on behalf of customers;
presenting the proposed authorization service to a policy management authority by sending an electronic communication to the policy management authority, wherein the proposed authorization service is developed by a participant and approved by the policy management authority before being offered to customers;
receiving approval of the proposed authorization service from the policy management authority via an electronic communication, whereby the proposed authorization service becomes an approved authorization service; and
implementing the approved authorization service. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. Apparatus for providing authorization services, said apparatus comprising:
-
a root entity, the root entity maintaining a root certification authority adapted to issue a digital certificate to each of a first participant and a second participant;
the first participant maintaining a first certification authority adapted to issue a digital certificate to a first customer; and
the second participant maintaining a second certification authority adapted to issue a digital certificate to a second customer;
said apparatus further comprising;
means for generating by the second customer an authorization request to confirm the authority of an individual to act on behalf of the first customer, wherein the first customer has contacted the second customer but has not sent a digital signature to the second customer;
means for transmitting the authorization request from the second customer to the second participant;
means for transmitting the authorization request from the second participant to the first participant;
means for retrieving at the first participant information concerning the authority of the individual to act on behalf of the first customer and at least one rule for responding to the authorization request;
means for generating by the first participant an authorization response using the retrieved information and rules;
means for transmitting the response from the first participant to the second participant; and
means for transmitting the response from the second participant to the second customer.
-
-
20. Apparatus for establishing an authorization service, said apparatus comprising:
-
means for defining a proposed authorization service for confirming the authority of individuals and/or computers to transact on behalf of customers;
means for presenting the proposed authorization service to a policy management authority by sending an electronic communication to the policy management authority, wherein the proposed authorization service is developed by a participant and approved by the policy management authority before being offered to customers;
means for receiving approval of the proposed authorization service from the policy management authority via an electronic communication, whereby the proposed authorization service becomes an approved authorization service; and
means for implementing the approved authorization service.
-
Specification