Relying party trust anchor based public key technology framework
Abstract
A public key (PK) framework for allowing a relying party to act as a trust anchor to authenticate a subscriber. The framework provides a directory system under the control of the relying party, wherein the directory system includes: a storage system for storing certificates received from subscribers in a database, wherein the certificates are issued by a plurality of different certificate authorities; a management system for managing records in the database associated with subscribers; and a validation system that allows the relying party to retrieve certificates from the database in order to authenticate subscribers.
20 Claims
1. A public key (PK) framework having a relying party user authentication system for allowing a relying party to authenticate a user, wherein the PK framework places user credentials under the control of the relying party, and wherein the relying party user authentication system includes:
a storage system for storing certificates received from users in a user credentials data repository, wherein the certificates are issued by a plurality of different certificate authorities;
a management system for managing records in the user credentials data repository associated with users; and
a validation system that allows the relying party to retrieve certificates from the user credentials data repository in order to authenticate users.

5. A relying party authentication server that authenticates users using public key infrastructure (PKI) credentials, wherein the relying party authentication server includes a plurality of trust anchors for authenticating the users, and wherein the trust anchors include:
a key store containing trusted certificate authority certificates;
a directory of registered certificates; and
a custom web services user credentials verification application.

10. A method for allowing a relying party to authenticate a user within a public key (PK) framework in which the user credentials are under the control of the relying party, comprising:
providing a user credentials data repository that is under the control of a relying party;
storing certificates received from users in the user credentials data repository, wherein the certificates are issued by a plurality of different certificate authorities;
receiving a request at the relying party to authenticate a user; and
retrieving a certificate from the user credentials data repository in order to authenticate the user.

15. A method for authenticating users using public key infrastructure (PKI) credentials, comprising the steps of:
receiving a request to authenticate a user at a relying party authentication server; and
selecting at least one trust anchor from a plurality of trust anchors to authenticate the user, wherein the plurality of trust anchors for authenticating the subscriber include:
a key store containing trusted certificate authority certificates;
a directory of registered certificates; and
a custom web services user credentials verification application.

19. A method for deploying a relying party user authentication application in which user credentials are under the control of a relying party, comprising:
providing a computer infrastructure being operable to:
store certificates received from users in a user credentials data repository that is under the control of the relying party, wherein the certificates are issued by a plurality of different certificate authorities;
manage records in the user credentials data repository associated with the relying party; and
allow the relying party to retrieve certificates from the user credentials data repository in order to authenticate users.

Specification