Electronic Identity and Credentialing System
First Claim
1. An electronic identity and credentialing system comprising of:
- acquiring, issuing and using electronic identities;
wherein, the system is comprised of collaborating users, each user owning personal identifying information and owning at least one personal identity device, interoperable with the personal identity devices of other users;
wherein a personal identity device has a network interface, a digital camera, a user interface, a biometric module, authentication data, electronic documents and messages, and a pre-installed identity engine;
wherein the identity engine has electronic credentials contained therein specifying selected identifying information of the e-credential owner, the identity engine also controlling e-credentials of other device users contained therein, and a protected memory store;
wherein the protected memory store, possibly removable from the personal identity device, is controlled by the identity engine to safeguard secrets of the device owner therein, the identity engine not disclosing the secrets of the owner, the secrets utilized for pre-determined operations of the identity engine;
wherein owners of personal identity devices in their physical custody, each owner persistently bound to their device by way of authentication data, selecting an e-credential attested to by other device users, the owner can utilize their personal identity device to unambiguously identify themselves and securely collaborate with other device owners using cryptographic methods bound to the selected e-credential which cannot be employed by another user to masquerade as the device owner because the other user does not have the private keys paired with the public keys embedded in the selected e-credential;
whereby if the protected memory store containing the secrets of the owner is removable and is subsequently removed by the owner, the owner's device is thereby rendered inoperable.
Abstract
Described is an electronic credentialing system that allows personal identity devices to interact; each interacting device has an installed identity engine that acquires, holds, issues and uses electronic credentials (e-credentials). These electronic credentials can be installed on personal identity devices such as smart phones, tablets, laptops, embedded systems, and/or personal computers.
13 Claims
1. An electronic identity and credentialing system comprising of:
(The full text of claim 1 appears under First Claim above.)
Dependent claims: 2, 3, 4, 5, 6
7. A method for handling digital seals applied to electronic artifacts, including documents, messages and e-credentials, comprising the steps of:
- applying a digital seal to an electronic artifact, and;
- inspecting the digital seal applied to the electronic artifact.
Dependent claims: 8, 9
10. A method for acquiring attested electronic credentials comprising the steps of:
- preparing and submitting an e-credential request to an issuer;
- receiving an e-credential request and attesting to the personal identifying information of the requester; and
- issuing an attested e-credential to the requester.
Dependent claims: 11, 12, 13
Specification