Method and apparatus for authenticating participants in electronic commerce
Abstract
A participant (14) in electronic commerce can validate his/her own certificate (24, 31) by accessing an authority (28, 32) that checks whether the participant's certificate is valid. If the certificate is valid, the authority embeds with the participant's terminal (12) a block of data, in the form of a Cookie (28, 30) that includes a plurality of attributes indicative of the certificate, for example, the certificate's date of expiration. When accessing a secure application (16), the participant presents both the certificate and the authenticating Cookie, obviating the need for a real-time inquiry to the authority, unless the Cookie is stale or missing.
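The flow in the abstract, sketched as an added example that is not taken from the patent: the authority issues an integrity-protected Cookie and the secure application checks it offline, falling back to the authority only when the Cookie is missing or stale. Assumptions: an HMAC with a shared key stands in for the authority's digital signature so the sketch needs only the standard library, and the attribute names, the certificate-hash binding and the one-hour staleness window are hypothetical.

```python
import base64, hashlib, hmac, json

# Assumptions (not from the patent): key, staleness window, attribute names.
AUTHORITY_KEY = b"constructed-demo-key"  # stand-in for the authority's signing key
MAX_COOKIE_AGE = 3600                    # seconds before a Cookie counts as stale

def _tag(body: bytes) -> bytes:
    """Integrity tag over the encoded attributes (HMAC in place of a signature)."""
    return hmac.new(AUTHORITY_KEY, body, hashlib.sha256).hexdigest().encode()

def issue_cookie(cert: bytes, cert_expires: int, now: int, cert_is_valid: bool):
    """Authority side: encode attributes only after the certificate checks out."""
    if not cert_is_valid:
        return None
    attrs = {"cert_sha256": hashlib.sha256(cert).hexdigest(),
             "cert_expires": cert_expires, "issued_at": now}
    body = base64.urlsafe_b64encode(json.dumps(attrs, sort_keys=True).encode())
    return (body + b"." + _tag(body)).decode()

def check_cookie(cookie, cert: bytes, now: int) -> str:
    """Relying party: 'accept', 'refresh' (send back to the authority) or 'reject'."""
    if not cookie:
        return "refresh"                      # missing Cookie: real-time inquiry needed
    body, sep, tag = cookie.encode().rpartition(b".")
    if not sep or not hmac.compare_digest(tag, _tag(body)):
        return "reject"                       # forged or altered Cookie
    attrs = json.loads(base64.urlsafe_b64decode(body))
    if attrs["cert_sha256"] != hashlib.sha256(cert).hexdigest():
        return "reject"                       # Cookie was issued for another certificate
    if now >= attrs["cert_expires"]:
        return "reject"                       # certificate itself has expired
    if now - attrs["issued_at"] > MAX_COOKIE_AGE:
        return "refresh"                      # stale Cookie: redirect for a refresh
    return "accept"

if __name__ == "__main__":
    cert = b"constructed certificate bytes"   # constructed sample input
    cookie = issue_cookie(cert, cert_expires=100_000, now=1_000, cert_is_valid=True)
    for t in (1_500, 5_000):
        print(t, check_cookie(cookie, cert, t))
```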
19 Claims
1. A method for obtaining and storing on an electronic commerce participant's network device digitally signed information that certifies the value of certain other information associated with the participant, including the validity of one or more of the participant's credentials for delivery by the participant to other parties to the electronic commerce, thereby enabling the other party to validate the other information without consulting a third party, comprising the steps of:
receiving at a Validity Status Authority connected to a network an inquiry concerning the validity status of information associated with the participant;
checking, by the Validity Status Authority, whether the information is valid;
encoding a block of data ("a Cookie") by the Validity Status Authority and transmitting the Cookie for embedding within the participant's device, the Cookie including a plurality of attributes for validating the participant information such that the Cookie, when transmitted to another party during electronic commerce, will allow that other party to determine the validity of the other information associated with the participant without consulting a third party.
redirecting the participant to the status authority for a Cookie refresh if the Cookie is deemed too stale by the other party; and
returning the participant back to the other party with the now-refreshed Cookie.
15. A method for authenticating a participant in electronic commerce to enable the participant to access an application on a network through the participant's terminal, comprising the steps of:
receiving at a Certificate Status Authority connected to a network an inquiry from a participant seeking authentication of a public key certificate held by the participant;
checking, by the Certificate Status Authority, whether the public key certificate held by the participant is valid; and
if so, encoding a first block of data ("a certificate Cookie") by the Certificate Status Authority and transmitting the certificate Cookie for embedding within the participant's terminal, the Cookie including a plurality of attributes for validating the public key certificate held by the participant;
receiving at an Associate Status Authority connected to the network an inquiry from a participant seeking the participant's status;
determining, by the Associate Status Authority, the participant's status; and
encoding a second block of data ("an Associate Status Cookie") by the Associate Status Authority and transmitting the Associate Status Cookie for embedding within the participant's terminal, the Associate Status Cookie including a plurality of attributes including the participant's status.
16. A system for electronic commerce that certifies the value of certain other information associated with a participant, including the validity of one or more of the participant's credentials, to enable another party to validate the other information without consulting a third party, comprising:
a Validity Status Authority connected to a network for receiving an inquiry concerning the validity status of information associated with the participant and for checking whether the information is valid;
means for encoding a block of data ("a Cookie") by the Validity Status Authority for transmitting the Cookie for embedding within a participant's network device, the Cookie including a plurality of attributes for validating the participant information;
means for transmitting the Cookie to another party during electronic commerce so that the other party can determine the validity of the other information associated with the participant without consulting a third party;
means for redirecting the participant to the status authority for a Cookie refresh if the Cookie is deemed too stale by the other party; and
means for returning the participant back to the other party with the now-refreshed Cookie.
Specification