PRIVACY-PRESERVING FLEXIBLE ANONYMOUS-PSEUDONYMOUS ACCESS
First Claim
1. A computer-implemented method of authorizing access for a user to a relying party (RP), mediated by an identity provider (IdP), comprising:
- receiving the user'"'"'s registration of a first pseudonym at the IdP in a previous session;
upon verification of the user'"'"'s possession of the first pseudonym, generating, by a processor, a first representation of an access token to the user for accessing the RP, wherein the first representation of the access token selectively encodes a partial disclosure based on one or more characteristics of the user known to the IdP, the partial disclosure being a confirmation of at least some characteristics required for user access at the RP, the first representation of the access token being modifiable to a second representation of the access token that is unlinkable to the first representation of the access token, and the second representation of the access token remaining as a valid access token for accessing the RP; and
providing the first representation of the access token to the user for accessing the RP.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for privacy-preserving flexible user-selected anonymous and pseudonymous access at a relying party (RP), mediated by an identity provider (IdP). Anonymous access is unlinkable to any previous or future accesses of the user at the RP. Pseudonymous access allows the user to associate the access to a pseudonym previously registered at the RP. A pseudonym system is disclosed. The pseudonym system allows a large number of different and unlinkable pseudonyms to be generated using only a small number of secrets held by the user. The pseudonym system can generate tokens capable of including rich semantics in both a fixed format and a free format. The tokens can be used in obtaining from the IdP, confirmation of access privilege and/or of selective partial disclosure of user characteristics required for access at the RPs. The pseudonym system and associated protocols also support user-enabled linkability between pseudonyms.
-
Citations
47 Claims
-
1. A computer-implemented method of authorizing access for a user to a relying party (RP), mediated by an identity provider (IdP), comprising:
-
receiving the user'"'"'s registration of a first pseudonym at the IdP in a previous session; upon verification of the user'"'"'s possession of the first pseudonym, generating, by a processor, a first representation of an access token to the user for accessing the RP, wherein the first representation of the access token selectively encodes a partial disclosure based on one or more characteristics of the user known to the IdP, the partial disclosure being a confirmation of at least some characteristics required for user access at the RP, the first representation of the access token being modifiable to a second representation of the access token that is unlinkable to the first representation of the access token, and the second representation of the access token remaining as a valid access token for accessing the RP; and providing the first representation of the access token to the user for accessing the RP. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-readable storage medium encoded with a computer program, the program comprising instructions that when executed by one or more computers cause the one or more computers to perform operations comprising:
-
receiving the user'"'"'s registration of a first pseudonym at the IdP in a previous session; upon verification of the user'"'"'s possession of the first pseudonym, generating, by a processor, a first representation of an access token to the user for accessing the RP, wherein the first representation of the access token selectively encodes a partial disclosure based on one or more characteristics of the user known to the IdP, the partial disclosure being a confirmation of at least some characteristics required for user access at the RP, the first representation of the access token being modifiable to a second representation of the access token that is unlinkable to the first representation of the access token, and the second representation of the access token remaining as a valid access token for accessing the RP; and providing the first representation of the access token to the user for accessing the RP. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
one or more computers; and a computer-readable storage medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations comprising; receiving the user'"'"'s registration of a first pseudonym at the IdP in a previous session; upon verification of the user'"'"'s possession of the first pseudonym, generating, by a processor, a first representation of an access token to the user for accessing the RP, wherein the first representation of the access token selectively encodes a partial disclosure based on one or more characteristics of the user known to the IdP, the partial disclosure being a confirmation of at least some characteristics required for user access at the RP, the first representation of the access token being modifiable to a second representation of the access token that is unlinkable to the first representation of the access token, and the second representation of the access token remaining as a valid access token for accessing the RP; and providing the first representation of the access token to the user for accessing the RP. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
-
22. A computer-implemented method of allowing access for a user to a relying party (RP), mediated by an identity provider (IdP), comprising:
-
receiving a request to access the RP from the user, the request comprising a second representation of an access token, the second representation of the access token being based on a first representation of the access token issued to the user by the IdP, the second representation of the access token being unlinkable to the first representation of the access token by the RP and the IdP individually, and the second representation of the access token being unlinkable to the first representation of the access token by the RP and the IdP in collusion; if the first representation of the access token is publicly verifiable, verifying, by a processor, the second representation of the access token; and providing access to the user upon successful verification of the second representation of the access token; if the first representation of the access token is privately verifiable by the IdP, presenting the second representation of the access token to the IdP for verification; and providing access to the user if the IdP successfully verifies the second representation of the access token. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
-
29. A tangible computer-readable storage medium encoded with a computer program, the program comprising instructions that when executed by one or more computers cause the one or more computers to perform operations comprising:
-
receiving a request to access the RP from the user, the request comprising a second representation of an access token, the second representation of the access token being based on a first representation of the access token issued to the user by the IdP, the second representation of the access token being unlinkable to the first representation of the access token by the RP and the IdP individually, and the second representation of the access token being unlinkable to the first representation of the access token by the RP and the IdP in collusion; if the first representation of the access token is publicly verifiable, verifying, by a processor, the second representation of the access token; and providing access to the user upon successful verification of the second representation of the access token; if the first representation of the access token is privately verifiable by the IdP, presenting the second representation of the access token to the IdP for verification; and providing access to the user if the IdP successfully verifies the second representation of the access token. - View Dependent Claims (30, 31, 32, 33, 34, 35)
-
-
36. A system comprising:
-
one or more computers; and a computer-readable storage medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations comprising; receiving a request to access the RP from the user, the request comprising a second representation of an access token, the second representation of the access token being based on a first representation of the access token issued to the user by the IdP, the second representation of the access token being unlinkable to the first representation of the access token by the RP and the IdP individually, and the second representation of the access token being unlinkable to the first representation of the access token by the RP and the IdP in collusion; if the first representation of the access token is publicly verifiable, verifying, by a processor, the second representation of the access token; and providing access to the user upon successful verification of the second representation of the access token; if the first representation of the access token is privately verifiable by the IdP, presenting the second representation of the access token to the IdP for verification; and providing access to the user if the IdP successfully verifies the second representation of the access token. - View Dependent Claims (37, 38, 39, 40, 41, 42)
-
-
43. A system for managing user access at relying parties (RPs), mediated by identity providers (IdPs), the system comprising:
-
a first subsystem for a user to prove possession of a first pseudonym previously registered with an IdP to the IdP; a second subsystem for the user to obtain a first representation of an access token from the IdP for accessing an RP anonymously; a third subsystem for the user to modify the first representation of the access token to obtain a second representation of the access token for anonymous access at the RP, where the second representation of the access token is unlinkable to the first representation of the access token by the IdP; a fourth subsystem for the user to present the second representation of the access token to the RP either anonymously or pseudonymously based on user choice; a fifth subsystem for the user to connect the second representation of the access token to one of the user'"'"'s pseudonyms previously registered at the RP, wherein the user'"'"'s pseudonyms registered at the RP are unlinkable to the pseudonym registered at the IdP; a sixth subsystem for the user to prove possession of a second pseudonym previously registered with the RP to the RP; and a seventh subsystem for allowing user access to the RP upon successful cryptographic proof of either the second representation of the access token for anonymous access, or the second representation of the access token and the pseudonym previously registered with the RP for pseudonymous access. - View Dependent Claims (44, 45, 46)
-
-
47. A method, comprising:
-
maintaining a pseudonym system on a device, the pseudonym system operable to generate an unbounded number of pseudonyms based on a fixed number of cryptographic keys; generating a plurality of pseudonyms for establishing respective pseudonymous identities with a plurality of entities, the plurality of pseudonyms being generated by the pseudonym system based on at least one of the fixed number of cryptographic keys, and the plurality of pseudonyms being unlinkable to one another by entities that do not possess the cryptographic key; registering each of the plurality of pseudonymous identities with a respective entity in the plurality of entities using a corresponding pseudonym in the plurality of pseudonyms; and reproducing and proving possession of each pseudonymous identity without maintaining a persistent copy of the corresponding pseudonym.
-
Specification