Transaction coordinator for digital certificate validation and other services
Abstract
Systems and methods for facilitating electronic commerce by securely providing certificate-related and other services including certificate validation and warranty. In a preferred embodiment, these services are provided within the context of a four-corner trust model. The four-corner model comprises a buyer, or subscribing customer, and a seller, or relying customer, who engage in an on-line transaction. The buyer is a customer of a first financial institution, or issuing participant. The issuing participant operates a certificate authority and issues the buyer a hardware token including a private key and a digital certificate signed by the issuing participant. The seller is a customer of a second financial institution, or relying participant. The relying participant operates a certificate authority and issues the seller a hardware token including a private key and a digital certificate signed by the relying participant. The system also includes a root certificate authority that operates a certificate authority that issues digital certificates to the issuing and relying participants. At the time of a transaction, the buyer creates a hash of the transaction data, signs the hash, and transmits the transaction data, the signature, and its digital certificate to the seller. The seller may then request system services via a connection with its financial institution, the relying participant. The system services may include a certificate status check service and a warranty service. The certificate status check service allows the relying customer to validate the subscribing customer's certificate. The warranty service allows the relying customer to receive a collateral-backed warranty that the subscribing customer's certificate is valid. Each participant and the root entity is provided with a transaction coordinator for combining services and operations into a single transaction having the qualities of atomicity, consistency, isolation, and durability.
The transaction coordinator provides a single consistent interface for certificate-status messages and requests, as well as messages and requests relating to other services.
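The abstract's idea of combining a certificate status check with logging and billing in one atomic transaction can be sketched as follows. This is an added illustration, not code from the patent; the table layout, the fee, the serial numbers and the function names are all assumptions made for the example.

```python
import sqlite3

# Constructed sample data: certificate serials and their status as held by
# the issuing participant (hypothetical values, not from the patent).
CERT_STATUS = {"SN-1001": "good", "SN-1002": "revoked"}
FEE_CENTS = 25  # assumed per-request fee


class UnknownCertificate(Exception):
    """Raised inside the transaction to force a rollback."""


def open_store():
    """Create the coordinator's in-memory log and billing tables."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE log (requester TEXT, serial TEXT, status TEXT)")
    db.execute("CREATE TABLE billing (requester TEXT, cents INTEGER)")
    db.commit()
    return db


def status_check(db, requester, serial):
    """Run billing, status lookup and logging as one atomic unit."""
    try:
        with db:  # commits on success, rolls back on any exception
            db.execute("INSERT INTO billing VALUES (?, ?)",
                       (requester, FEE_CENTS))
            status = CERT_STATUS.get(serial)
            if status is None:
                # The lookup failed after billing was written: abort the
                # whole transaction so no charge survives without a log row.
                raise UnknownCertificate(serial)
            db.execute("INSERT INTO log VALUES (?, ?, ?)",
                       (requester, serial, status))
        return status
    except UnknownCertificate:
        return "unknown"


def counts(db):
    """Return (number of log rows, total cents billed)."""
    logged = db.execute("SELECT COUNT(*) FROM log").fetchone()[0]
    billed = db.execute(
        "SELECT COALESCE(SUM(cents), 0) FROM billing").fetchone()[0]
    return logged, billed
```

A request for a serial the store does not know leaves both tables unchanged, which is the atomicity property the abstract attributes to the coordinator.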
84 Citations
29 Claims
1. A microprocessor-based transaction coordinator for facilitating computerized transactions using techniques of public key cryptography, said transaction coordinator comprising:
- an interface module adapted to communicate with other entities;
- coupled to the interface module, a set of service modules comprising at least one of a digital certificate status check module, a warranty service module, and a payment guarantee module; and
- coupled to the interface module, a set of core components comprising at least one of a logging component, a billing component, and a digital signature component.

Dependent claims: 2, 3, 4, 5, 6, 7

8. Apparatus for providing a digital certificate status check service via a computer network, said apparatus comprising:
- a root entity;
- at least one issuing participant; and
- at least one relying participant;

wherein;
- each of the root entity, each issuing participant, and each relying participant comprises a transaction coordinator;
- coupled to each transaction coordinator is a digital certificate authentication and validation module adapted to check status of digital certificates, to receive online digital certificate status requests from the transaction coordinator, and to transmit online digital certificate status responses to the transaction coordinator; and
- coupled to each digital certificate authentication and validation module is a hardware security module.

Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17, 18

19. A computer-implemented method for providing a digital certificate status check service via a computer network, said method comprising the steps of:
- providing a root entity, at least one issuing participant, and at least one relying participant; and
- providing each of the root entity, each issuing participant, and each relying participant with a microprocessor-based transaction coordinator;
- coupling to each transaction coordinator a digital certificate authentication and validation module to check status of digital certificates, to receive online certificate status requests from the transaction coordinator, and to transmit online certificate status responses to the transaction coordinator; and
- coupling to each digital certificate authentication and validation module a hardware security module.

Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27, 28, 29

Specification