SYSTEMS AND METHODS FOR MANAGING DIGITAL IDENTITIES

US 20170222814A1
Filed: 04/17/2017
Published: 08/03/2017
Est. Priority Date: 10/14/2015
Status: Active Grant

First Claim

Patent Images

6. (canceled)

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for managing digital identities. In some embodiments, a method is provided, comprising acts of: using a plurality of measurements taken from a user to generate an identifier for the user, the identifier comprising a cryptographic proof of the plurality of measurements; instantiating a digital identity representation associated with the identifier for the user, the digital identity representation comprising program code that implements rules for attestation; generating an electronic signature over the digital identity representation; and publishing the digital identity representation and the electronic signature to a distributed ledger system.

Citations

30 Claims

6. (canceled)

7. A computer-implemented method comprising acts of:
- generating a badge for use in attesting to an identity of an identity owner, wherein the act of generating comprises;
  
  identifying a plurality of values, each value corresponding to an attribute of a plurality of attributes;
  
  generating an attribute attestation for each attribute of the plurality of attributes, the attribute attestation comprising at least one cryptographic proof of the value corresponding to the attribute of the plurality of attributes; and
  
  identifying an entity as being responsible for verifying the badge;
  
  publishing the badge to a distributed ledger system, wherein the badge includes the attribute attestation for each attribute of the plurality of attributes;
  
  sending, via the distributed ledger system, a request to the responsible entity to verify the badge; and
  
  sending, via a channel outside the distributed ledger system, to the responsible entity, the plurality of values corresponding respectively to the plurality of attributes.
- View Dependent Claims (1, 2, 3, 4, 5)
- - 1. The computer-implemented method of claim 7, further comprising acts of:
    - using a plurality of measurements taken from the identity owner to generate an identifier for the identity owner, the identifier comprising a cryptographic proof of the plurality of measurements;
      
      instantiating a digital identity representation associated with the identifier for the identity owner, the digital identity representation comprising program code that implements rules for attestation;
      
      generating an electronic signature over the digital identity representation; and
      
      publishing the digital identity representation and the electronic signature to the distributed ledger system.
  - 2. The computer-implemented method of claim 1, wherein the identity owner is a natural person, and wherein the plurality of measurements comprise at least one biometric measurement and at least one behavioral measurement.
  - 3. The computer-implemented method of claim 1, further comprising an act of:
    - receiving a confirmation from the distributed ledger system that a record of the digital identity representation has been created.
  - 4. The computer-implemented method of claim 7, wherein the distributed ledger system is implemented using at least one blockchain.
  - 5. The computer-implemented method of claim 7, further comprising an act of:
    - selecting a schema from a plurality of schemas for badges, the schema comprising the plurality of attributes, wherein the badge is generated according to the schema.

14. A computer-implemented method performed by an entity, the method comprising:
- receiving, via a distributed ledger system, a request to verify a badge, the badge comprising a plurality of attribute attestations corresponding respectively to a plurality of attributes for an identity owner, wherein for each attribute of the plurality of attributes, the corresponding attribute attestation comprises a cryptographic proof, and wherein the badge identifies the entity as being responsible for verifying the badge;
  
  receiving, via a channel outside the distributed ledger system, a plurality of values comprising, for each attribute of the plurality of attributes, a value corresponding to that attribute; and
  
  for at least one attribute of the plurality of attributes;
  
  checking whether the cryptographic proof in the attribute attestation corresponding to the at least one attribute is a valid proof of the received value corresponding to the at least one attribute;
  
  verifying, based on information relating to the identity owner, the received value corresponding to the at least one attribute; and
  
  in response to determining that the cryptographic proof is a valid proof of the received value corresponding to the at least one attribute, and successfully verifying the received value corresponding to the at least one attribute;
  
  electronically signing the attribute attestation corresponding to the at least one attribute; and
  
  causing, via the distributed ledger system, the attribute attestation corresponding to the at least one attribute to be in a VERIFIED state.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The computer-implemented method of claim 14, wherein the distributed ledger system comprises a digital identity representation associated with the identity owner, the digital identity representation comprises program code that implements rules for attestation.
  - 9. The computer-implemented method of claim 8, wherein:
    - the program code, when executed by at least one processor, maintains state information for the attribute attestation of each attribute of the plurality of attributes.
  - 10. The computer-implemented method of claim 9, wherein the program code, when executed by the at least one processor, maintains the attribute attestation corresponding to the at least one attribute in a state selected from a group consisting of:
    - PENDING, VERIFIED, EXPIRED, and INVALID.
  - 11. The computer-implemented method of claim 10, wherein the program code, when executed by the at least one processor, causes the attribute attestation corresponding to the at least one attribute to transition from the PENDING state to the VERIFIED state only in response to an instruction from the entity responsible for verifying the badge.
  - 12. The computer-implemented method of claim 10, wherein the program code, when executed by the at least one processor, causes the attribute attestation corresponding to the at least one attribute to transition from the VERIFIED state to the EXPIRED state upon expiration of a timer that was set when the attribute attestation last transitioned to the VERIFIED state.
  - 13. The computer-implemented method of claim 10, wherein the program code, when executed by the at least one processor, allows access to the cryptographic proof in the attribute attestation corresponding to the at least one attribute only if the attribute attestation is in the VERIFIED state.

15-17. -17. (canceled)

18. A system comprising:
- at least one processor;
  
  at least one non-transitory computer-readable medium having stored thereon instructions that program the at least one processor to;
  
  generate a badge for use in attesting to an identity of an identity owner, wherein the at least one processor is programmed to generate the badge at least in part by;
  
  identifying a plurality of values, each value corresponding to an attribute of a plurality of attributes;
  
  generating an attribute attestation for each attribute of the plurality of attributes, the attribute attestation comprising at least one cryptographic proof of the value corresponding to the attribute of the plurality of attributes; and
  
  identifying an entity as being responsible for verifying the badge;
  
  publish the badge to a distributed ledger system, wherein the badge includes the attribute attestation for each attribute of the plurality of attributes;
  
  send, via the distributed ledger system, a request to the responsible entity to verify the badge; and
  
  send, via a channel outside the distributed ledger system, to the responsible entity, the plurality of values corresponding respectively to the plurality of attributes.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The system of claim 18, wherein the at least one processor is further programmed to:
    - use a plurality of measurements taken from the identity owner to generate an identifier for the identity owner, the identifier comprising a cryptographic proof of the plurality of measurements;
      
      instantiate a digital identity representation associated with the identifier for the identity owner, the digital identity representation comprising program code that implements rules for attestation;
      
      generate an electronic signature over the digital identity representation; and
      
      publish the digital identity representation and the electronic signature to the distributed ledger system.
  - 20. The system of claim 19, wherein the identity owner is a natural person, and wherein the plurality of measurements comprise at least one biometric measurement and at least one behavioral measurement.
  - 21. The system of claim 19, wherein the at least one processor is further programmed to:
    - receive a confirmation from the distributed ledger system that a record of the digital identity representation has been created.
  - 22. The system of claim 18, wherein the distributed ledger system is implemented using at least one blockchain.
  - 23. The system of claim 18, wherein the at least one processor is further programmed to:
    - select a schema from a plurality of schemas for badges, the schema comprising the plurality of attributes, wherein the badge is generated according to the schema.

24. A system comprising:
- at least one processor;
  
  at least one non-transitory computer-readable medium having stored thereon instructions that program the at least one processor to;
  
  receive, via a distributed ledger system, a request to verify a badge, the badge comprising a plurality of attribute attestations corresponding respectively to a plurality of attributes for an identity owner, wherein for each attribute of the plurality of attributes, the corresponding attribute attestation comprises a cryptographic proof, and wherein the badge identifies the entity as being responsible for verifying the badge;
  
  receive, via a channel outside the distributed ledger system, a plurality of values comprising, for each attribute of the plurality of attributes, a value corresponding to that attribute; and
  
  for at least one attribute of the plurality of attributes;
  
  check whether the cryptographic proof in the attribute attestation corresponding to the at least one attribute is a valid proof of the received value corresponding to the at least one attribute;
  
  verify, based on information relating to the identity owner, the received value corresponding to the at least one attribute; and
  
  in response to determining that the cryptographic proof is a valid proof of the received value corresponding to the at least one attribute, and successfully verifying the received value corresponding to the at least one attribute;
  
  electronically signing the attribute attestation corresponding to the at least one attribute; and
  
  cause, via the distributed ledger system, the attribute attestation corresponding to the at least one attribute to be in a VERIFIED state.
- View Dependent Claims (25, 26, 27, 28, 29, 30)
- - 25. The system of claim 24, wherein the distributed ledger system comprises a digital identity representation associated with the identity owner, the digital identity representation comprises program code that implements rules for attestation.
  - 26. The system of claim 25, wherein:
    - the program code, when executed, maintains state information for the attribute attestation of each attribute of the plurality of attributes.
  - 27. The system of claim 26, wherein the program code, when executed, maintains the attribute attestation corresponding to the at least one attribute in a state selected from a group consisting of:
    - PENDING, VERIFIED, EXPIRED, and INVALID.
  - 28. The computer-implemented method of claim 27, wherein the program code, when executed, causes the attribute attestation corresponding to the at least one attribute to transition from the PENDING state to the VERIFIED state only in response to an instruction from the entity responsible for verifying the badge.
  - 29. The system of claim 27, wherein the program code, when executed, causes the attribute attestation corresponding to the at least one attribute to transition from the VERIFIED state to the EXPIRED state upon expiration of a timer that was set when the attribute attestation last transitioned to the VERIFIED state.
  - 30. The system of claim 27, wherein the program code, when executed, allows access to the cryptographic proof in the attribute attestation corresponding to the at least one attribute only if the attribute attestation is in the VERIFIED state.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blockchains Incorporated
Original Assignee
Cambridge Blockchain, LLC
Inventors
Oberhauser, Alex, Commons, Matthew, Bhargava, Alok

Granted Patent

US 9,749,140 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/33   using certificates

G06Q 10/06   Resources, workflows, human...

G06Q 20/02   involving a neutral party, ...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/4014   Identity check for transact...

G06Q 2220/00   Business processing using c...

G11B 20/00086   Circuits for prevention of ...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

H04N 2201/3233   of authentication informati...

SYSTEMS AND METHODS FOR MANAGING DIGITAL IDENTITIES

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR MANAGING DIGITAL IDENTITIES

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links