SYSTEMS, METHODS AND COMPUTER PROGRAM PRODUCTS FOR GENERATING ANONYMOUS ASSERTIONS
First Claim
Patent Images
1. A method for generating anonymous assertions, the method comprising:
- engaging anonymous role authentication via one or more authenticator services, including;
submitting an anonymous authorization token request and user credentials to the one or more authenticator services;
authenticating a user via the user credentials;
determining whether the user is authorized to make an assertion of the anonymous assertions, based on an assertion type that applies to an event;
determining whether the user has already authenticated with the one or more authenticator services for the event;
in response to authorizing the user to make the assertion in the event, completing a blind signature process;
supplying an anonymous authorization token to the user, the anonymous authorization token enabling the user to make the assertion in the event;
generating an assertion token on a trusted assertion device that is booted into a trusted configuration, wherein the assertion token is transmitted from any one of a plurality of locations and is transmitted via an Onion Routing method thereby preventing an assertion evaluator from tracing a location of the assertion token and an identity of the user, wherein the assertion token includes the anonymous authorization token coupled to an assertion descriptor, a platform configuration register and log, and an attestation identity key signature;
processing the assertion and validating a right of the user to make the assertion for the event, including;
verifying the attestation identity key signature, which is registered and trusted by the assertion evaluator;
verifying the anonymous authorization token signature, in which a key for the anonymous authorization token signature is registered and trusted by the assertion evaluator;
verifying the platform configuration registers and the log, which are device-specific and attest a state of the device at a time the assertion token is generated; and
interpreting the assertion descriptor and the assertion.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods and computer program products for generating anonymous assertions. Exemplary embodiments include a method for generating anonymous assertions, the method comprising engaging anonymous role authentication via one or more authenticator services, generating an assertion token on a trusted assertion device that is booted into a trusted configuration, and processing the assertion and validating a right of the user to make the assertion for the event.
-
Citations
3 Claims
-
1. A method for generating anonymous assertions, the method comprising:
-
engaging anonymous role authentication via one or more authenticator services, including; submitting an anonymous authorization token request and user credentials to the one or more authenticator services; authenticating a user via the user credentials; determining whether the user is authorized to make an assertion of the anonymous assertions, based on an assertion type that applies to an event; determining whether the user has already authenticated with the one or more authenticator services for the event; in response to authorizing the user to make the assertion in the event, completing a blind signature process; supplying an anonymous authorization token to the user, the anonymous authorization token enabling the user to make the assertion in the event; generating an assertion token on a trusted assertion device that is booted into a trusted configuration, wherein the assertion token is transmitted from any one of a plurality of locations and is transmitted via an Onion Routing method thereby preventing an assertion evaluator from tracing a location of the assertion token and an identity of the user, wherein the assertion token includes the anonymous authorization token coupled to an assertion descriptor, a platform configuration register and log, and an attestation identity key signature; processing the assertion and validating a right of the user to make the assertion for the event, including; verifying the attestation identity key signature, which is registered and trusted by the assertion evaluator; verifying the anonymous authorization token signature, in which a key for the anonymous authorization token signature is registered and trusted by the assertion evaluator; verifying the platform configuration registers and the log, which are device-specific and attest a state of the device at a time the assertion token is generated; and interpreting the assertion descriptor and the assertion. - View Dependent Claims (2, 3)
-
Specification