Method for securely using digital signatures in a commercial cryptographic system
First Claim
1. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
- receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user;
receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user;
receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data;
verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid; and
accepting said transaction based on said outcome of said verifying,wherein said attribute data includes a timestamp indicating when said transaction was formed and wherein said rules specify allowed times at which transactions can be formed and wherein said step of verifying includes a step of determining whether said timestamp indicates one of said specified allowed times, andwherein said allowed times are certain days of the week, and wherein said step of verifying includes a step of determining whether said timestamp indicates that said transaction was formed on one of said certain days of the week.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for securely using digital signatures in a commercial cryptographic system that allows industry-wide security policy and authorization information to be encoded into the signatures and certificates by employing attribute certificates to enforce policy and authorization requirements. In addition to value limits, cosignature requirements and document type restrictions that can be placed on transactions, an organization can enforce with respect to any transaction geographical and temporal controls, age-of-signature limitations, preapproved counterparty limitations and confirm-to requirements by using attribute certificates for the transacting user. Restrictions on distribution of certificates can be set using attribute certificates. Certificates can be used also to ensure key confinement and non-decryption requirements of smartcards in this system.
701 Citations
37 Claims
-
1. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user; receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user; receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data; verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid; and accepting said transaction based on said outcome of said verifying, wherein said attribute data includes a timestamp indicating when said transaction was formed and wherein said rules specify allowed times at which transactions can be formed and wherein said step of verifying includes a step of determining whether said timestamp indicates one of said specified allowed times, and wherein said allowed times are certain days of the week, and wherein said step of verifying includes a step of determining whether said timestamp indicates that said transaction was formed on one of said certain days of the week.
-
-
2. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user; receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user; receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data; verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid; and accepting said transaction based on said outcome of said verifying, wherein said attribute data includes a timestamp indicating when said transaction was formed and wherein said rules specify allowed times at which transactions can be formed and wherein said step of verifying includes a step of determining whether said timestamp indicates one of said specified allowed times, and wherein said allowed times are certain times of day, and wherein said step of verifying includes a step of determining whether said timestamp indicates that said transaction was formed at said certain times of day.
-
-
3. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user; receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user; receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data; verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid; and accepting said transaction based on said outcome of said verifying, wherein said attribute data includes a timestamp indicating when said transaction was formed and wherein said rules specify a time period after said transaction was formed within which said user signature is valid, and wherein said transaction is invalid if said signature is not verified within said specified time period, and wherein said step of verifying said transaction comprises the steps of; verifying said signature and determining whether said verifying of said signature took place within said specified time period.
-
-
4. A method A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user; receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user; receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data; verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid; and accepting said transaction based on said outcome of said verifying, wherein said attribute data includes a role said user is exercising by performing said transaction and wherein said rules specify roles which said user may exercise, and wherein said step of verifying includes a step of determining whether said role is one of said specified roles.
-
-
5. A method A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user; receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user; receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data, wherein said rules specify a list of at least one recipient of said transaction considered acceptable by said sponsor; verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid, said step of verifying by a recipient including the step of determining whether said recipient is in said list; and accepting said transaction based on said outcome of said verifying, said method further comprising the steps of, after said step of verifying; forming a digital recipient signature based on said user transaction and on a private key of said recipient; combining said digital recipient signature and said user transaction to form a verified transaction; providing to said sponsor said verified transaction.
-
-
6. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and attribute data, and a digital user signature based on said digital message and on a private key of a user; receiving a digital identifying certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user; receiving a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, and authorizing transactions by said user, said authorizing certificate containing rules specifying conditions under which said digital transaction is valid, said rules specifying that said sponsor must be notified of and must approve said transaction, said rules to be applied to said attribute data; verifying said transaction based on information in said identifying certificate and in said authorizing certificate, said step of verifying including applying said rules to said attribute data in order to verify that said transaction is valid; accepting said transaction based on said outcome of said verifying; notifying said sponsor of said transaction; and awaiting a reply from said sponsor. - View Dependent Claims (7)
-
-
8. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, said digital transaction containing attribute data including a timestamp indicating when said transaction was formed; combining with said digital user transaction a digital identifying certificate issued by a certifying authority, said identifying certificate having a plurality of digital fields, at least one of said fields identifying said user; and combining with said digital transaction a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, for authorizing transactions by said user, wherein said digital authorizing certificate contains rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data in order to determine whether said transaction is valid, wherein said rules specify allowed times at which transactions can be formed, and wherein said transaction is invalid if said timestamp does not indicate one of said specified allowed times, and wherein said allowed times are certain days of the week, and wherein said transaction is invalid if said timestamp indicates that said transaction was not formed on one of said certain days of the week.
-
-
9. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, said digital transaction containing attribute data including a timestamp indicating when said transaction was formed; combining with said digital user transaction a digital identifying certificate issued by a certifying authority, said identifying certificate having a plurality of digital fields, at least one of said fields identifying said user; and combining with said digital transaction a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, for authorizing transactions by said user, wherein said digital authorizing certificate contains rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data in order to determine whether said transaction is valid, wherein said rules specify allowed times at which transactions can be formed, and wherein said transaction is invalid if said timestamp does not indicate one of said specified allowed times, and wherein said allowed times are certain times of day and wherein said transaction is invalid if said timestamp indicates that said transaction was not formed at said certain times of day.
-
-
10. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, said digital transaction containing attribute data; combining with said digital user transaction a digital identifying certificate issued by a certifying authority, said identifying certificate having a plurality of digital fields, at least one of said fields identifying said user; and combining with said digital transaction a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, for authorizing transactions by said user, wherein said digital authorizing certificate contains rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data in order to determine whether said transaction is valid, wherein said attribute data includes a role said user is exercising by performing said transaction and wherein said rules specify roles which said user may exercise and wherein said transaction is invalid if said role is not one of said specified roles.
-
-
11. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, said digital transaction containing attribute data; combining with said digital user transaction a digital identifying certificate issued by a certifying authority, said identifying certificate having a plurality of digital fields, at least one of said fields identifying said user; and combining with said digital transaction a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, for authorizing transactions by said user, wherein said digital authorizing certificate contains rules specifying conditions under which said digital transaction is valid, said rules to be applied to said attribute data in order to determine whether said transaction is valid, wherein said rules specify that said sponsor must be notified of and must approve said transaction and wherein said transaction is invalid unless said sponsor is notified of said transaction. - View Dependent Claims (36)
-
-
12. A method of enforcing a policy in a cryptographic communication system comprising:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction; combining with said digital user transaction a digital identifying certificate issued by a certifying authority, said identifying certificate having a plurality of digital fields, at least one of said fields identifying said user; and combining with said digital transaction a digital authorizing certificate, separate from said identifying certificate and issued by a sponsor of said user, for authorizing transactions by said user, wherein said digital authorizing certificate contains rules identifying conditions under which said digital transaction is valid, said rules to be applied to said digital message in order to determine whether said transaction is valid.
-
-
13. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, wherein said transaction contains attribute data including a document type of said message; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies allowed document types for messages, and wherein said transaction is invalid if said document type is not one of said specified allowed document types.
-
-
14. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user, wherein said transaction contains attribute data including a document type of said message; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies allowed document types for messages; verifying said transaction based on information in said certificate, including determining whether said document type is one of said specified allowed document types; and accepting said transaction based on said outcome of said verifying.
-
-
15. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, wherein said transaction contains attribute data including a location at which said transaction was formed; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies allowed locations at which transactions may be formed, and wherein said transaction is invalid if said location is not one of said specified allowed locations.
-
-
16. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user, wherein said transaction contains attribute data including a location at which said transaction was formed; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies allowed locations at which transactions may be formed; verifying said transaction based on information in said certificate, including determining whether said location is one of said specified allowed locations; and accepting said transaction based on said outcome of said verifying.
-
-
17. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, wherein said transaction contains attribute data including a timestamp indicating when said transaction was formed; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies allowed times at which transactions may be formed, and wherein said transaction is invalid if said timestamp does not indicate one of said specified allowed times. - View Dependent Claims (18, 19)
-
-
20. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user, wherein said transaction contains attribute data including a timestamp indicating when said transaction was formed; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies allowed times at which transactions may be formed; verifying said transaction based on information in said certificate, including determining whether said timestamp indicates one of said specified allowed times; and accepting said transaction based on said outcome of said verifying. - View Dependent Claims (21, 22)
-
-
23. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, wherein said transaction contains attribute data including a timestamp indicating when said transaction was formed; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies a time period within which said signature is valid, and wherein said transaction is invalid if said signature is not verified within said specified time period. - View Dependent Claims (24)
-
-
25. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user, wherein said transaction contains attribute data including a timestamp indicating when said transaction was formed; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies a time period within which said signature is valid; verifying said transaction based on information in said certificate; and accepting said transaction based on said outcome of said verifying, wherein said step of verifying includes the steps of; verifying said signature; and determining whether said verifying of said signature took place within said specified time period. - View Dependent Claims (26)
-
-
27. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction, wherein said transaction contains attribute data including a role said user is exercising by performing said transaction; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies allowed roles which said user may exercise, and wherein said transaction is invalid if said role is not one of said specified allowed roles.
-
-
28. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user, wherein said transaction contains attribute data including a role said user is exercising by performing said transaction; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies allowed roles which said user may exercise; verifying said transaction based on information in said certificate, including determining whether said role is one of said specified allowed roles; and accepting said transaction based on said outcome of said verifying.
-
-
29. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies that a specified entity must be notified of said transaction and wherein said transaction is invalid unless said specified entity is notified of and approves said transaction.
-
-
30. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies that a specified entity must be notified of said transaction; verifying said transaction based on information in said certificate; accepting said transaction based on said outcome of said verifying; notifying said specified entity of said transaction; and awaiting a reply from said specified entity. - View Dependent Claims (31, 33)
-
-
32. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
forming a digital message by a user; forming a digital user signature based on said digital message and a private key of said user; combining said digital message and said digital user signature to form a digital user transaction; combining with said digital user transaction a digital certificate issued by a certifying authority, said certificate having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, said rule to be applied to said attribute data in order to determine whether said transaction is valid, and wherein said rule specifies a list of at least one recipient of said transaction considered acceptable by said certifying authority and wherein said transaction is invalid if it is acted on by a recipient not in said list.
-
-
34. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies a list of at least one recipient of said transaction considered acceptable by said certifying authority; verifying said transaction based on information in said certificate, including determining whether a recipient is in said list, and accepting said transaction based on said outcome of said verifying. - View Dependent Claims (35)
-
-
37. A method of enforcing a policy in a cryptographic communication system comprising the steps of:
-
receiving a digital user transaction including a digital message and a digital user signature based on said digital message and on a private key of a user, wherein said transaction contains attribute data including a timestamp indicating when said transaction was formed; receiving a digital certificate issued by a certifying authority and having a plurality of digital fields, at least one of said fields identifying said user and at least one other of said fields containing a rule specifying a condition under which said digital transaction is valid according to said certifying authority, and wherein said rule specifies a time period after said transaction was formed within which said user signature is valid, and wherein said transaction is invalid if said signature is not verified within said specified time period, verifying said transaction based on information in said certificate; and accepting said transaction based on said outcome of said verifying, wherein said step of verifying includes the steps of; verifying said signature; and determining whether said verifying of said signature took place after said specified time period.
-
Specification