Method for Authorizing and Authenticating Data
First Claim
1. A method for authenticating data to be processed in a digital processing system, comprising the steps of:
- generating a first key comprising a first public key portion and a first private key portion;
- transferring the first public key portion and a digital representation of associated entitlements to the digital processing system;
- generating a second key comprising a second public key portion and a second private key portion;
- authorizing the second key using the first key producing a signature of the second key and associating entitlements with the second key, the associated entitlements being within the entitlements associated with the first key;
- transferring the second public key portion and the associated signature and a digital representation of the associated entitlements to the digital processing system;
- authenticating the second public key portion using the first public key portion and verifying that entitlements associated with the second public key portion are within the entitlements associated with the first public key portion.
Abstract
A method and a corresponding apparatus for authenticating data in a digital processing system (DPS) are disclosed, wherein a root/first tier key pair associated with a first tier/root authority may sign data and second tier keys for authorizing data for processing in the DPS. The first tier/root authority may pass entitlements to the authorized second tier key, which may itself authorize third tier keys and pass entitlements to said keys.
22 Claims
15. A digital processing system adapted and configured for authenticating data by
- receiving a first public key portion and a digital representation of associated entitlements in the digital processing system;
- receiving a second public key portion and a digital representation of associated entitlements and an associated digital signature in the digital processing system;
- authenticating the second public key portion and its associated entitlements using the first public key portion and verifying that entitlements associated with the second public key portion are within the entitlements associated with the first public key portion.
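The chain check of claims 1 and 15, sketched as an added Go example that is not code from the patent: the parent key signs the child key together with its entitlements, and the receiving system rejects a correctly signed grant whose entitlements exceed the parent's. Ed25519, the `Grant` record, the comma-joined payload and the entitlement names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"strings"
)

// Grant (constructed format): a public key, its entitlements, and the parent's signature (nil for root).
type Grant struct {
	Pub          ed25519.PublicKey
	Entitlements []string
	Sig          []byte
}

// payload binds key and entitlements into one signed message; assumes names contain no commas.
func payload(pub ed25519.PublicKey, ents []string) []byte {
	return append(append([]byte{}, pub...), strings.Join(ents, ",")...)
}

// Authorize: the parent key signs the child key together with its entitlements.
func Authorize(parentPriv ed25519.PrivateKey, childPub ed25519.PublicKey, ents []string) Grant {
	return Grant{Pub: childPub, Entitlements: ents, Sig: ed25519.Sign(parentPriv, payload(childPub, ents))}
}

// Verify is the receiving-side check: valid signature AND child entitlements within the parent's.
func Verify(parent, child Grant) error {
	// ed25519.Verify panics on a wrong-sized public key, so check the length first.
	if len(parent.Pub) != ed25519.PublicKeySize || !ed25519.Verify(parent.Pub, payload(child.Pub, child.Entitlements), child.Sig) {
		return fmt.Errorf("signature over key and entitlements does not verify")
	}
	allowed := map[string]bool{}
	for _, e := range parent.Entitlements {
		allowed[e] = true
	}
	for _, e := range child.Entitlements {
		if !allowed[e] {
			return fmt.Errorf("entitlement %q exceeds the authorizing key's entitlements", e)
		}
	}
	return nil
}

func main() {
	rootPub, rootPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	childPub, _, _ := ed25519.GenerateKey(nil)
	root := Grant{Pub: rootPub, Entitlements: []string{"boot", "update"}} // constructed sample
	fmt.Println(Verify(root, Authorize(rootPriv, childPub, []string{"update", "debug"})))
}
```

Because the entitlements are inside the signed payload, editing them after authorization breaks the signature, while the subset check catches an authority that signs more than it holds.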
Specification