SYSTEMS, METHODS AND COMPUTER PROGRAM PRODUCTS FOR GENERATING ANONYMOUS ASSERTIONS

  • US 20090193509A1
  • Filed: 01/30/2008
  • Published: 07/30/2009
  • Est. Priority Date: 01/30/2008
  • Status: Active Grant
First Claim

1. A method for generating anonymous assertions, the method comprising:

  • engaging anonymous role authentication via one or more authenticator services, including:

    submitting an anonymous authorization token request and user credentials to the one or more authenticator services;

    authenticating a user via the user credentials;

    determining whether the user is authorized to make an assertion of the anonymous assertions, based on an assertion type that applies to an event;

    determining whether the user has already authenticated with the one or more authenticator services for the event;

    in response to authorizing the user to make the assertion in the event, completing a blind signature process;

    supplying an anonymous authorization token to the user, the anonymous authorization token enabling the user to make the assertion in the event;

    generating an assertion token on a trusted assertion device that is booted into a trusted configuration, wherein the assertion token is transmitted from any one of a plurality of locations and is transmitted via an Onion Routing method thereby preventing an assertion evaluator from tracing a location of the assertion token and an identity of the user, wherein the assertion token includes the anonymous authorization token coupled to an assertion descriptor, a platform configuration register and log, and an attestation identity key signature;

    processing the assertion and validating a right of the user to make the assertion for the event, including:

    verifying the attestation identity key signature, which is registered and trusted by the assertion evaluator;

    verifying the anonymous authorization token signature, in which a key for the anonymous authorization token signature is registered and trusted by the assertion evaluator;

    verifying the platform configuration registers and the log, which are device-specific and attest a state of the device at a time the assertion token is generated; and

    interpreting the assertion descriptor and the assertion.
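
The token-issuance steps of the claim (authorization check, one token per user per event, blind signature, evaluator-side signature check), as an added example that is not taken from the patent. It assumes textbook RSA blind signatures (the claim names no scheme), a toy key, and hypothetical names (`Authenticator`, `blind`, `unblind`, `evaluator_verify`); credential authentication is assumed to have already succeeded.

```python
import hashlib, math, secrets

# Assumption: toy RSA key for the authenticator service, built from two
# Mersenne primes. Far too small and structured for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the authenticator

def h(token: bytes) -> int:
    """Hash the token into Z_N (unpadded; a real scheme needs a full-domain hash)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

class Authenticator:
    """Signs one blinded token per (user, event) and never sees the token itself."""
    def __init__(self, authorized):
        self.authorized = authorized   # {(user, event, assertion_type)}
        self.issued = set()            # {(user, event)} already served

    def blind_sign(self, user, event, assertion_type, blinded: int) -> int:
        if (user, event, assertion_type) not in self.authorized:
            raise PermissionError("not authorized for this assertion type")
        if (user, event) in self.issued:
            raise PermissionError("token already issued for this event")
        self.issued.add((user, event))
        return pow(blinded, D, N)      # signature over the blinded value only

def blind(token: bytes):
    """User side: hide h(token) behind a random factor r before sending it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (h(token) * pow(r, E, N)) % N, r

def unblind(blind_sig: int, r: int) -> int:
    """User side: strip r to obtain a plain signature on h(token)."""
    return (blind_sig * pow(r, -1, N)) % N

def evaluator_verify(token: bytes, sig: int) -> bool:
    """Evaluator side: needs only the registered public key (N, E)."""
    return pow(sig, E, N) == h(token)

def demo():
    # Constructed sample data: one user authorized for one event.
    auth = Authenticator({("alice", "event-1", "vote")})
    token = secrets.token_bytes(16)    # anonymous authorization token
    blinded, r = blind(token)
    sig = unblind(auth.blind_sign("alice", "event-1", "vote", blinded), r)
    return token, blinded, sig, auth
```

The authenticator's record links the user only to the blinded value, so the token later presented to the evaluator cannot be matched to an issuance request.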
