Distributed registration and key distribution system and method

US 6,002,768 A
Filed: 05/07/1996
Issued: 12/14/1999
Est. Priority Date: 05/07/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method of distributing electronic registration certificates to electronic online conference session participants, comprising the steps of:

providing a first service provider who is a conference session holder with a public/private key pair for a specified conference session;

providing a plurality of other service providers with active participant registration certificates that give said service providers authority to register participants of said specified conference session, as well as authority to register additional service providers as active participants of said specified conference session by providing said additional service providers with respective active participant registration certificates;

where each active participant registration certificate is digitally signed by either said conference session holder or one of said service providers using a private key of a public/private key pair unique to said conference session holder or respective service provider;

each active participant registration certificate including the public key of said public/private key pair unique to the service provider whose authority to register participants is given by said each active participant registration certificate;

said service providers providing participants of said specified conference session with passive participant registration certificates, where each passive participant registration certificate is digitally signed by a respective one of said service providers using a private key of a public/private key pair unique to said respective service provider; and

validating any one of said passive participant registration certificates by verifying its digital signature with the public key associated with the service provider who provided said one passive participant registration certificate, and validating that service provider'"'"'s active participant registration certificate by verifying its digital signature with the public key associated with the conference session holder or service provider who provided said service provider'"'"'s active participant registration certificate;

whereinsaid conference session holder receives conference session certificates from one or more certification authorities, each conference session certificate including a public key associated with the conference session holder, where said conference session holder stores a corresponding private key for digitally signing said active participant registration certificates provided by said conference session holder to said service providers; and

when any one of said passive participants requests an attendance certificate for said specified conference session from one of said certification authorities, said certification authority validates the requesting party'"'"'s passive participant registration certificate and then generates a corresponding conference session attendance certificate.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An online conference session management system includes computer sites associated with a conference session holder, a plurality of service providers and a plurality of conference session participants. The conference session holder and each service provider has a respective associated public/private key pair for a specified online conference session. Each service provider is provided with an active participant registration certificate that gives the service provider the authority to register participants of the specified conference session, as well as authority to register other service providers as active participants of the specified conference session by providing those other service providers with respective active participant registration certificates. Each active participant registration certificate is digitally signed by either the conference session holder or one of the service providers using a private key of a public/private key pair unique to the conference session holder or respective service provider. Each active participant registration certificate includes the public key of the public/private key pair unique to the service provider whose authority to register participants is given by that active participant registration certificate. The service providers provide participants of the specified conference session with passive participant registration certificates. Each passive participant registration certificate is digitally signed by a service provider using a private key associated with that service provider. A passive participant registration certificate is validated by verifying the certificate'"'"'s digital signature with the public key associated with the service provider that provided the passive participant registration certificate, and then validating that service provider'"'"'s active participant registration certificate.

112 Citations

9 Claims

1. A method of distributing electronic registration certificates to electronic online conference session participants, comprising the steps of:
- providing a first service provider who is a conference session holder with a public/private key pair for a specified conference session;
  
  providing a plurality of other service providers with active participant registration certificates that give said service providers authority to register participants of said specified conference session, as well as authority to register additional service providers as active participants of said specified conference session by providing said additional service providers with respective active participant registration certificates;
  
  where each active participant registration certificate is digitally signed by either said conference session holder or one of said service providers using a private key of a public/private key pair unique to said conference session holder or respective service provider;
  
  each active participant registration certificate including the public key of said public/private key pair unique to the service provider whose authority to register participants is given by said each active participant registration certificate;
  
  said service providers providing participants of said specified conference session with passive participant registration certificates, where each passive participant registration certificate is digitally signed by a respective one of said service providers using a private key of a public/private key pair unique to said respective service provider; and
  
  validating any one of said passive participant registration certificates by verifying its digital signature with the public key associated with the service provider who provided said one passive participant registration certificate, and validating that service provider'"'"'s active participant registration certificate by verifying its digital signature with the public key associated with the conference session holder or service provider who provided said service provider'"'"'s active participant registration certificate;
  
  whereinsaid conference session holder receives conference session certificates from one or more certification authorities, each conference session certificate including a public key associated with the conference session holder, where said conference session holder stores a corresponding private key for digitally signing said active participant registration certificates provided by said conference session holder to said service providers; and
  
  when any one of said passive participants requests an attendance certificate for said specified conference session from one of said certification authorities, said certification authority validates the requesting party'"'"'s passive participant registration certificate and then generates a corresponding conference session attendance certificate.
- View Dependent Claims (2)
- - 2. The method of claim 1,when said conference session is a private conference session,said active participant registration certificates and passive participant registration certificates each includes a copy of a secret key associated with said private conference session that has been encrypted using a public key associated with the respective active or passive participant to whom the respective active/passive registration certificate was provided;
    - at least a portion of said private conference session is transmitted by said session holder in encrypted form, encrypted using said associated secret key; and
      
      a participant decrypts the portion of the private conference session transmitted in encrypted form using a copy of the secret key generated by decrypting the encrypted secret key in the participant'"'"'s participant registration certificate with a private key held by the participant, the private key corresponding to the public key with which the secret key was encrypted.

3. A distributed computer system for distributing electronic registration certificates to electronic online conference session participants, the distributed computer system for use in conjunction with a communication channel, the distributed computer system comprising:
- a first service provider who is a conference session holder, said conference session holder storing a public/private key pair associated with a specified conference session;
  
  a plurality of other service providers, each having an active participant registration certificate that gives said each service provider authority to register participants of said specified conference session, as well as authority to register additional service providers as active participants of said specified conference session by providing said additional service providers with respective active participant registration certificates;
  
  where each active participant registration certificate is digitally signed by one of said service providers using a private key of a public/private key pair unique to said service provider;
  
  each active participant registration certificate including the public key of said public/private key pair unique to the service provider whose authority to register participants is given by said each active participant registration certificate;
  
  said service providers including certificate issuing means for providing participants of said specified conference session with passive participant registration certificates, where each passive participant registration certificate is digitally signed by a respective one of said service providers using a private key of a public/private key pair unique to said respective service provider; and
  
  means, coupled to said communication channel, for validating any one of said passive participant registration certificates by verifying its digital signature with the public key associated with the service provider who provided said one passive participant registration certificate, including validating that service provider'"'"'s active participant registration certificate by verifying its digital signature with the public key associated with the service provider who provided said service provider'"'"'s active participant registration certificate, and then generating a corresponding conference session attendance certificate.
- View Dependent Claims (4, 5)
- - 4. The system of claim 3,wherein, when said conference session is a private conference session,said active participant registration certificates and passive participant registration certificates each includes a copy of a secret key associated with said private conference session that has been encrypted using a public key associated with the respective active or passive participant to whom the respective active/passive registration certificate was provided;
    - andsaid session holder including means for transmitting at least a portion of said private conference session in encrypted form, encrypted using said associated secret key; and
      
      a participant decrypts the portion of the private conference session transmitted in encrypted form using a copy of the secret key generated by decrypting the encrypted secret key in the participant'"'"'s participant registration certificate with a private key held by the participant, the private key corresponding to the public key with which the secret key was encrypted.
  - 5. The system of claim 3,said conference session holder storing conference session certificates from one or more certification authorities, each conference session certificate including a public key associated with the conference session holder, where said conference session holder further stores a corresponding private key for digitally signing said active participant registration certificates provided by said conference session holder to said service providers.

6. A distributed computer system for distributing electronic registration certificates to electronic online conference session participants, the distributed computer system for use in conjunction with a communication channel, the distributed computer system comprising:
- a first service provider who is a conference session holder, said conference session holder storing a public/private key pair associated with a specified conference session;
  
  a plurality of other service providers, each having an active participant registration certificate that gives said each service provider authority to register participants of said specified conference session, as well as authority to register additional service providers as active participants of said specified conference session by providing said additional service providers with respective active participant registration certificates;
  
  where each active participant registration certificate is digitally signed by one of said service providers using a private key of a public/private key pair unique to said service provider;
  
  each active participant registration certificate including the public key of said public/private key pair unique to the service provider whose authority to register participants is given by said each active participant registration certificate;
  
  said service providers including certificate issuing means for providing participants of said specified conference session with passive participant registration certificates, where each passive participant registration certificate is digitally signed by a respective one of said service providers using a private key of a public/private key pair unique to said respective service provider; and
  
  means, coupled to said communication channel, for validating any one of said passive participant registration certificates by verifying its digital signature with the public key associated with the service provider who provided said one passive participant registration certificate, including validating that service provider'"'"'s active participant registration certificate by verifying its digital signature with the public key associated with the service provider who provided said service provider'"'"'s active participant registration certificate;
  
  said conference session holder storing conference session certificates from one or more certification authorities, each conference session certificate including a public key associated with the conference session holder, where said conference session holder further stores a corresponding private key for digitally signing said active participant registration certificates provided by said conference session holder to said service providers;
  
  wherein said certification authorities each include means for responding to a request by any one of said passive participants for an attendance certificate for said specified conference session by validating the requesting party'"'"'s passive participant registration certificate and then generating a corresponding conference session attendance certificate.

7. A method of operating a service provider participating in electronic online conference sessions, comprising the steps of:
- receiving from a conference session holder of a specified conference session an active participant registration certificate that gives said service provider authority to register participants of said specified conference session, as well as authority to register other service providers as active participants of said specified conference session by providing said other service providers with respective active participant registration certificates;
  
  where each active participant registration certificate is digitally signed by one entity selected from the group consisting of said conference session holder and another service provider, using a private key of a public/private key pair unique to said entity;
  
  each active participant registration certificate including the public key of said public/private key pair unique to the service provider whose authority to register participants is given by said each active participant registration certificate;
  
  providing participants of said specified conference session with passive participant registration certificates, where each passive participant registration certificate is digitally signed by said service provider using a private key of a public/private key pair unique to said service provider; and
  
  validating any one of said passive participant registration certificates by verifying its digital signature with the public key associated with the service provider who provided said one passive participant registration certificate, and validating that service provider'"'"'s active participant registration certificate by verifying its digital signature with the public key associated with the entity that provided said service provider'"'"'s active participant registration certificate, and then generating a corresponding conference session attendance certificate.

8. A computer program product for use in conjunction with a set of networked computer systems, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
- a first service provider module, for use by a first service provider who is a conference session holder, the first service provider module including instructions for storing a public/private key pair associated with a specified conference session;
  
  a second service provider module, for use by service providers other than the conference session holder, the second service provide module including instructions that enable a service provide to store an active participant registration certificate that gives an associated service provider authority to register participants of the specified conference session, as well as authority to register additional service providers as active participants of the specified conference session by providing the additional service providers with respective active participant registration certificates;
  
  the first and second service provide modules including instructions for digitally signing an active participant registration certificate using a private key of a public/private key pair unique to an associated service provider;
  
  each active participant registration certificate including the public key of the public/private key pair unique to the service provider whose authority to register participants is given by that service provider'"'"'s active participant registration certificate;
  
  the first and second service provider modules including instructions for issuing passive participant registration certificates to participants of the specified conference session, where each passive participant registration certificate is digitally signed by a respective one of the service providers using a private key of a public/private key pair unique to the respective service provider;
  
  the first service provider module including instructions for storing conference session certificates from one or more certification authorities, each conference session certificate including a public key associated with the conference session holder, where the conference session holder further stores a corresponding private key for digitally signing the active participant registration certificates provided by the conference session holder to the service providers;
  
  a validation module for validating any one of the passive participant registration certificates by verifying its digital signature with the public key associated with the service provider who provided the one passive participant registration certificate, including validating that service provider'"'"'s active participant registration certificate by verifying its digital signature with the public key associated with the service provider who provided the service provider'"'"'s active participant registration certificate; and
  
  a conference session attendance certificate generating module, for use by computers associated with the certification authorities, for responding to a request by any one of the passive participants for an attendance certificate for the specified conference session by validating the requesting party'"'"'s passive participant registration certificate and then generating a corresponding conference session attendance certificate.
- View Dependent Claims (9)
- - 9. The computer program product of claim 8, whereinthe first and second service provider modules include instructions for including in the active participant registration certificates and passive participant registration certificates a copy of a secret key associated with a private conference session that has been encrypted using a public key associated with the respective active or passive participant to whom the respective active/passive registration certificate is provided;
    - a session encryption module for encrypting at least a portion of the private conference session with the associated secret key;
      
      a session decryption module, for use by a participant, for decrypting the portion of the private conference session transmitted in encrypted form using a copy of the secret key generated by decrypting the encrypted secret key in the participant'"'"'s participant registration certificate with a private key held by the participant, the private key corresponding to the public key with which the secret key was encrypted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Computer Science Institute
Original Assignee
International Computer Science Institute
Inventors
Albanese, Andres, Oppliger, Rolf
Primary Examiner(s)
Dombroske, George
Assistant Examiner(s)
CLARK, ROBIN C

Application Number

US08/643,892
Time in Patent Office

1,316 Days
Field of Search

380/21, 380/23, 380/24, 380/25, 380/30, 380/4
US Class Current

713/175
CPC Class Codes

H04L 9/0836   using tree structure or hie...

H04L 9/3268   using certificate validatio...

H04N 21/2347   involving video stream encr...

H04N 21/2543   Billing , e.g. for subscrip...

H04N 21/25875   involving end-user authenti...

H04N 21/47202   for requesting content on d...

H04N 21/4788   communicating with other us...

H04N 21/63345   by transmitting keys key di...

H04N 7/15   Conference systems

H04N 7/17318   Direct or substantially dir...

Distributed registration and key distribution system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

112 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Distributed registration and key distribution system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

112 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links