SYSTEMS AND METHODS AUTHENTICATING A DIGITALLY SIGNED ASSERTION USING VERIFIED EVALUATORS

US 20190312734A1
Filed: 05/01/2019
Published: 10/10/2019
Est. Priority Date: 04/05/2018
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a requesting device using verified evaluators, the method comprising:

receiving, by an authenticating device, at least a first digitally signed assertion from a requesting device, the at least a first digitally signed assertion linked to at least a verification datum;

evaluating, by the authenticating device, at least a second digitally signed assertion, signed by at least a cryptographic evaluator, conferring a credential to the requesting device;

validating, by the authenticating device, the credential as a function of the at least a second digitally signed assertion; and

authenticating, by the authenticating device, the requesting device based on the credential.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for authenticating a requesting device using verified evaluators includes an authenticating device. The authenticating device is designed and configured to receive at least a first digitally signed assertion from a requesting device, the at least a first digitally signed assertion linked to at least a verification datum, evaluate at least a second digitally signed assertion, signed by at least a cryptographic evaluator, conferring a credential to the requesting device, validate the credential, as a function of the at least a second digitally signed assertion, and authenticate the requesting device based on the credential.

81 Citations

20 Claims

1. A method of authenticating a requesting device using verified evaluators, the method comprising:
- receiving, by an authenticating device, at least a first digitally signed assertion from a requesting device, the at least a first digitally signed assertion linked to at least a verification datum;
  
  evaluating, by the authenticating device, at least a second digitally signed assertion, signed by at least a cryptographic evaluator, conferring a credential to the requesting device;
  
  validating, by the authenticating device, the credential as a function of the at least a second digitally signed assertion; and
  
  authenticating, by the authenticating device, the requesting device based on the credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 20)
- - 2. The method of claim 1, wherein receiving further comprises receiving a credential renewal request.
  - 3. The method of claim 2 further comprising generating a new credential as a function of credential
  - 4. The method of claim 3 further comprising posting the new credential to a temporally sequential listing.
  - 5. The method of claim 1, wherein validating further comprises:
    - determining a confidence level in the at least a cryptographic evaluator; and
      
      validating the credential as a function of the confidence level.
  - 6. The method of claim 1, wherein the second digitally signed assertion includes a plurality of digitally signed assertions generated by a plurality of cryptographic evaluators.
  - 7. The method of claim 6, wherein validation further comprises:
    - determining an aggregate confidence level in the plurality of cryptographic evaluators;
      
      comparing the aggregate confidence level to a validation threshold; and
      
      validating the credential as a function of the determination.
  - 8. The method of claim 1, wherein:
    - the credential includes an expiration period; and
      
      validation further comprises determining that the credential is current, based on the expiration period.
  - 9. The method of claim 1, wherein validation further comprises determining that the credential is not on a revocation list.
  - 10. The method of claim 1 further comprising transmitting, to a cryptographic evaluator, a secondary authentication request.
  - 11. The method of claim 10 further comprising receiving, from the cryptographic evaluator, an identifier of the requesting device.
  - 12. The method of claim 1 further comprising determining a scope of authorization based on the credential.
  - 13. The method of claim 12, whereinreceiving the at least a first digitally signed assertion further comprises receiving an authorization request to execute an application;
    - andauthentication further comprises determining that the scope of authorization includes the application.
  - 20. The system of claim 1 wherein the authenticating device is further configured to determine a scope of authorization based on the credential.

14. A system for authenticating a requesting device using verified evaluators, the system comprising:
- an authenticating device, wherein the authenticating device is designed and configured to receive at least a first digitally signed assertion from a requesting device, the at least a first digitally signed assertion linked to at least a verification datum, evaluate at least a second digitally signed assertion, signed by at least a cryptographic evaluator, conferring a credential to the requesting device, validate the credential, as a function of the at least a second digitally signed assertion, and authenticate the requesting device based on the credential.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, wherein the authenticating device is further configured to receive a credential renewal request.
  - 16. The system of claim 14, wherein the second digitally signed assertion includes a plurality of digitally signed assertions generated by a plurality of cryptographic evaluators.
  - 17. The system of claim 14, wherein:
    - the credential includes an expiration period; and
      
      validation further comprises determining that the credential is current, based on the expiration period.
  - 18. The system of claim 14, wherein the authenticating device is further configured to transmit, to a cryptographic evaluator, a secondary authentication request.
  - 19. The system of claim 18 wherein the authenticating device is further configured to receive, from the cryptographic evaluator, an identifier of the requesting device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ares Technologies, Inc.
Original Assignee
Ares Technologies, Inc.
Inventors
Wentz, Christian T., Lebedev, Ilia

Granted Patent

US 11,218,324 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/42   Anonymization, e.g. involvi...

H04L 9/006   involving public key infras...

H04L 9/0833   involving conference or gro...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0866   involving user or device id...

H04L 9/0877   using additional device, e....

H04L 9/088   Usage controlling of secret...

H04L 9/0891   Revocation or update of sec...

H04L 9/3218   using proof of knowledge, e...

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/3265   using certificate chains, t...

H04L 9/3278   using physically unclonable...

H04L 9/3297   involving time stamps, e.g....

H04L 9/50   using hash chains, e.g. blo...

SYSTEMS AND METHODS AUTHENTICATING A DIGITALLY SIGNED ASSERTION USING VERIFIED EVALUATORS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SYSTEMS AND METHODS AUTHENTICATING A DIGITALLY SIGNED ASSERTION USING VERIFIED EVALUATORS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others