Method for acquiring and revalidating an electronic credential
First Claim
1. A method for acquiring an electronic credential utilizing a customer trusted agent, an authority trusted agent, and a host processor, comprising the steps of:
- establishing a cryptographically secure session between said customer trusted agent and said authority trusted agent, wherein said customer and authority trusted agents are tamper-proofed processing devices;
said host processor sending credential information to said authority trusted agent;
said authority trusted agent assembling said electronic credential including said credential information, a device identifier uniquely designating the trusted agent that will receive said electronic credential, a digital signature of said authority trusted agent, and a certificate of said authority trusted agent;
sending said electronic credential to said customer trusted agent, via said cryptographically secure session;
said customer trusted agent validating said electronic credential;
said customer trusted agent committing;
said authority trusted agent committing; and
when said electronic credential is sent to another device and is checked, said other device verifying that said device identifier in said electronic credential matches a device identifier of said customer trusted agent.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.
478 Citations
23 Claims
-
1. A method for acquiring an electronic credential utilizing a customer trusted agent, an authority trusted agent, and a host processor, comprising the steps of:
-
establishing a cryptographically secure session between said customer trusted agent and said authority trusted agent, wherein said customer and authority trusted agents are tamper-proofed processing devices; said host processor sending credential information to said authority trusted agent; said authority trusted agent assembling said electronic credential including said credential information, a device identifier uniquely designating the trusted agent that will receive said electronic credential, a digital signature of said authority trusted agent, and a certificate of said authority trusted agent; sending said electronic credential to said customer trusted agent, via said cryptographically secure session; said customer trusted agent validating said electronic credential; said customer trusted agent committing; said authority trusted agent committing; and when said electronic credential is sent to another device and is checked, said other device verifying that said device identifier in said electronic credential matches a device identifier of said customer trusted agent. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 22)
-
-
11. A method for remotely revalidating an electronic credential utilizing a customer trusted agent and an authority trusted agent, comprising the steps of:
-
(a) establishing a cryptographically secure session between said customer trusted agent and said authority trusted agent, wherein said customer and authority trusted agents are tamper-proofed processing devices; (b) said customer trusted agent sending said electronic credential to said authority trusted agent, via said cryptographically secure session, for remote revalidation, wherein said electronic credential includes a device identifier uniquely designating the trusted agent that had received said electronic credential; (c) said authority trusted agent validating said electronic credential, including verifying that said device identifier in said electronic credential matches a device identifier of said customer trusted agent; (d) said authority trusted agent assembling an updated electronic credential including updated credential information, said device identifier of said customer trusted agent, a digital signature of said authority trusted agent, and a certificate of said authority trusted agent; (e) sending said updated electronic credential to said customer trusted agent, via said cryptographically secure session; (f) said customer trusted agent validating said updated electronic credential; (g) said customer trusted agent committing; and (h) said authority trusted agent committing. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 23)
-
Specification