Challenge-Response Access Control Using Context-Based Proof
First Claim
1. A method for authorizing access to an asset, in which an access-controlling entity controls access to the asset and a requesting entity wishes access to the asset, said method comprising:
- transmitting to the requesting entity a challenge data set;
- receiving from the requesting entity a response purportedly corresponding to a representation of the challenge data set in a non-repudiatable form, obtained from an event validation system;
- querying the event validation system to determine whether the response does correspond to a correct representation of the challenge data set in the non-repudiatable form; and
- authorizing the requesting entity for access only if the response is a correct representation.
Abstract
Access by a requesting entity to an asset is authorized by an access-controlling entity, which transmits to the requesting entity a challenge data set and then receives from the requesting entity a response purportedly corresponding to a representation of the challenge data set in a non-repudiatable form, obtained from an event validation system. The access-controlling entity queries the event validation system to determine whether the response does correspond to a correct representation of the challenge data set in the non-repudiatable form, and authorizes the requesting entity for access only if the response is a correct representation. Non-repudiation can be established through entry into a blockchain, or using a hash-tree-based digital signature infrastructure.
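The exchange the abstract describes, as an added example that is not code from the patent or from any product implementing it. The event validation system is a toy hash-tree service standing in for the blockchain or hash-tree-based signature infrastructure mentioned; the party names, the proof format, the leaf construction and the single-use handling of challenges are all assumptions. The access controller accepts only a response whose proof recomputes to the root the validation system actually published, and rejects a replayed response and a fabricated proof.

```python
import hashlib
import secrets
def h(*parts): return hashlib.sha256(b"".join(parts)).digest()   # generic hash step

def merkle_root_and_path(leaves, idx):   # tree root plus the sibling path for leaf idx
    level, path = list(leaves), []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])                     # duplicate an odd tail
        path.append((level[idx ^ 1], idx % 2 == 1))     # (sibling hash, sibling is on the left)
        level = [h(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        idx //= 2
    return level[0], path

def root_from_path(leaf, path):          # recompute the root from a leaf and its path
    for sib, sib_is_left in path:
        leaf = h(sib, leaf) if sib_is_left else h(leaf, sib)
    return leaf

class EventValidationSystem:             # toy hash-tree service (assumption, not any real one)
    def __init__(self): self.rounds, self.pending = [], []
    def register(self, leaf):            # returns a (round, index) locator for the event
        self.pending.append(leaf); return len(self.rounds), len(self.pending) - 1
    def close_round(self):               # publishes the round: its root is the non-repudiatable record
        self.rounds.append(self.pending); self.pending = []
    def proof(self, rnd, idx):           # handed to the requesting entity
        _, path = merkle_root_and_path(self.rounds[rnd], idx)
        return {"round": rnd, "leaf": self.rounds[rnd][idx], "path": path}
    def published_root(self, rnd):       # what the access-controlling entity queries
        return merkle_root_and_path(self.rounds[rnd], 0)[0] if rnd < len(self.rounds) else None

class AccessController:
    def __init__(self, evs): self.evs, self.outstanding = evs, {}
    def challenge(self, requester):
        c = self.outstanding[requester] = secrets.token_bytes(16); return c
    def authorize(self, requester, resp):
        c = self.outstanding.pop(requester, None)  # each challenge is single-use
        if c is None or resp["leaf"] != h(requester.encode(), c):
            return False                            # replayed, stale or wrong challenge
        # the proof must reach the root the event validation system actually published
        return root_from_path(resp["leaf"], resp["path"]) == self.evs.published_root(resp["round"])

def run_exchange(forge=False):
    evs = EventValidationSystem(); ctrl = AccessController(evs)
    c = ctrl.challenge("alice")
    rnd, idx = evs.register(h(b"alice", c))          # requester registers its representation
    evs.register(h(b"unrelated event"))              # other parties' events share the round
    evs.close_round()
    resp = {"round": rnd, "leaf": h(b"alice", c), "path": []} if forge else evs.proof(rnd, idx)
    return ctrl.authorize("alice", resp), ctrl.authorize("alice", resp)   # second call is a replay
```

`run_exchange()` returns `(True, False)`: the genuine proof is accepted once and its replay is refused; `run_exchange(forge=True)` returns `(False, False)` because a locally computed leaf without a registered event never reaches the published root.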
30 Claims
1. A method for authorizing access to an asset, in which an access-controlling entity controls access to the asset and a requesting entity wishes access to the asset, said method comprising:
- transmitting to the requesting entity a challenge data set;
- receiving from the requesting entity a response purportedly corresponding to a representation of the challenge data set in a non-repudiatable form, obtained from an event validation system;
- querying the event validation system to determine whether the response does correspond to a correct representation of the challenge data set in the non-repudiatable form; and
- authorizing the requesting entity for access only if the response is a correct representation.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11)

12. A system for authorizing access to an asset, in which an access-controlling entity controls access to the asset and a requesting entity wishes access to the asset, comprising computer-executable code embodied in a non-volatile storage medium, which, when executed by a processor, causes the access-controlling entity:
- to transmit to the requesting entity a challenge data set;
- to receive from the requesting entity a response purportedly corresponding to a representation of the challenge data set in a non-repudiatable form, obtained from an event validation system;
- to query the event validation system to determine whether the response does correspond to a correct representation of the challenge data set in the non-repudiatable form; and
- to authorize the requesting entity for access only if the response is a correct representation.
(Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)