×

Preserving Privacy While Using Authorization Certificates

  • US 20080052772A1
  • Filed: 12/13/2004
  • Published: 02/28/2008
  • Est. Priority Date: 12/24/2003
  • Status: Abandoned Application
First Claim
Patent Images

1. A method of preserving privacy for a user while enabling the user controlled access to data,the user being represented by a user device (110,721) and identified by a user identity,the method using at least one certificate that associates data access rights with the user identity,wherein the certificate conceals the user identity,the certificate comprises publicly available solution information P, anda concealed secret S′

  • is publicly available,the method further comprises at least one ofa certificate verification process (120,420) between the user device and a verifier device (111,701),a certificate issuing process (220,520,620) between the user device and an issuing device (211,711), anda certificate re-issuing process (320) between the user device and the issuing device,wherein the certificate verification process comprises the steps ofthe user device obtaining the concealed secret S′

    corresponding to the certificate,the user device retrieving the secret S from the concealed secret S′

    ,the verifier device obtaining the solution information P from the certificate,the user device proving to the verifier device that it knows the secret S without the verifier device learning the secret S or the user identity,wherein the certificate issuing process comprises the steps of;

    generating a secret S and a solution information P,concealing the secret S into a concealed secret S′

    ,the issuing device issuing a certificate comprising at least the solution information P,wherein the certificate re-issuing process comprises the steps ofthe user device obtaining the concealed secret S′

    corresponding to the certificate,the user device retrieving the secret S from the concealed secret S′

    ,the issuing device obtaining the solution information P from the certificate,the user device proving to the issuing device that it knows the secret S without the issuing verifier device learning the secret S or the user identity,generating a new secret S2 and new solution information P2,concealing the secret S2 into a concealed secret S2

    ,the issuing device issuing a new certificate comprising at least the new solution information P2.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×