Central key authority (CKA) database for user accounts in ABDS system
First Claim
1. A method of maintaining a CKA computer database by a Central Key Authority (CKA) on behalf of a plurality of users having accounts linked with one or more public keys of the users (“PuK-linked accounts”) wherein one or more PuK-linked accounts are maintained by one or more respective third parties, comprising the steps of, for a respective user;
(a) storing in the CKA computer database a public key of a public-private key pair, the public key associated with a user device of a respective user, the user device configured to generate digital signatures using a private key of the public-private key pair, the private key maintained securely within the user device;
(b) associating in the CKA computer database a security profile of the user device with the public key;
(c) associating in the CKA computer database one or more third-party account identifiers with the public key, each account identifier associated with a respective PuK-linked account of the respective user maintained by one of the respective third parties;
(d) associating a unique CKA account identifier with each public key stored in the CKA computer database; and
(e) updating PuK-linked accounts of the respective user with a new public-key of the respective user, wherein each PuK-linked account is maintained by different third parties, comprising the further steps of;
(i) receiving a request Electronic Communication (“EC”), the request EC including one of the unique CKA account identifiers and a message including the new public key and a digital signature of the message;
(ii) authenticating the message using the public key associated with the unique CKA account identifier from the request EC and obtained from the CKA computer database; and
(iii) upon successful authentication of the message, sending a response EC to each of the different third parties, the response EC including the new public key and the third-party account identifier for the respective different third parties maintained in the CKA computer database and associated with the unique CKA account identifier.
8 Assignments, 0 Petitions
Abstract
A Central Key Authority (CKA) database includes PuK-linked account information of users, wherein the PuK-linked account information maintained in the database for each user includes, (a) a public key of a user device that generates digital signatures, (b) information securely linked with the public key of the device within a secure environment of the manufacture of the device, and (c) third-party account identifiers each of which identifies to a third-party an account of the user that is maintained with the third-party and that has been associated with the user's public key by the third-party.
155 Citations
27 Claims
1. (Independent claim 1, as given in full under First Claim above.) Dependent claims: 2, 3
4. A computer-readable medium having a plurality of data fields stored on the medium and representing a plurality of data structures, wherein each data structure is stored in a computer database of a Central Key Authority (CKA), comprising:
(a) a public key of a public-private key pair, the public key associated with a user device of an account holder, wherein the user device generates digital signatures using a private key of the public-private key pair, wherein the private key is maintained securely within the user device and wherein the computer database of the CKA is not contained in the user device; and
(b) at least one third-party account identifier, each account identifier identifying an account of the account holder that is maintained with a respective account authority, wherein the account authority is distinct and separate from the CKA and wherein the public key of the user device has been previously associated with the account of the account holder by the respective account authority.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method of maintaining a CKA computer database on behalf of a plurality of account holders, each respective account holder having a user device, the CKA computer database being maintained by a Central Key Authority (CKA) and wherein the CKA computer database is not contained in any of the user devices, comprising the steps of:
for each respective account holder;
(a) storing in the CKA database a public key of a public-private key pair, wherein the user device of the respective account holder generates digital signatures using a private key of the public-private key pair, wherein the private key is maintained securely within the respective user device; and
(b) associating in the CKA database at least one third-party account identifier with the public key, each account identifier identifying an account of the respective account holder that is maintained with a respective account authority, wherein the respective account authority is distinct and separate from the CKA and wherein the public key of the user device has been previously associated with the account of the respective account holder by the respective account authority.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27
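Claims 1 and 15 describe a database record (public key, device security profile, third-party account identifiers, unique CKA account identifier) and a key-update flow in which the CKA authenticates a request EC under the public key already on file and only then notifies each third party, using that party's own account identifier for the user. The Go program below is an added example written for this page, not code from the patent or its assignee. It uses Ed25519 from Go's standard library as the signature scheme; the `CKA-nnnnnn` identifier format, the message framing in `updateMessage`, the `NewDeviceKeyPair` helper and the sample accounts are all assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"sort"
)

// Record is one CKA database entry: the device public key, the security
// profile linked with it, and the identifiers third parties know the user by.
type Record struct {
	PublicKey       ed25519.PublicKey
	SecurityProfile string            // hypothetical free-text device profile
	ThirdPartyIDs   map[string]string // third-party name -> account identifier there
}

// RequestEC is the key-update request of claim 1(e)(i).
type RequestEC struct {
	CKAAccountID string
	NewPublicKey ed25519.PublicKey
	Signature    []byte // over updateMessage(CKAAccountID, NewPublicKey)
}

// ResponseEC is one message of claim 1(e)(iii), addressed to a single third party.
type ResponseEC struct {
	ThirdParty   string
	AccountID    string
	NewPublicKey ed25519.PublicKey
}

// CKA is the database, keyed by the unique CKA account identifier (claim 1(d)).
type CKA struct{ records map[string]*Record }

func NewCKA() *CKA { return &CKA{records: make(map[string]*Record)} }

// NewDeviceKeyPair stands in for key generation inside the user device (assumed helper).
func NewDeviceKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil reader means crypto/rand
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Register performs steps (a)-(d) and returns the assigned CKA account
// identifier; the "CKA-nnnnnn" format is an assumption of this example.
func (c *CKA) Register(pub ed25519.PublicKey, profile string, thirdParties map[string]string) string {
	id := fmt.Sprintf("CKA-%06d", len(c.records)+1)
	c.records[id] = &Record{PublicKey: pub, SecurityProfile: profile, ThirdPartyIDs: thirdParties}
	return id
}

// updateMessage is the exact byte string that gets signed. Binding the CKA account
// identifier into it keeps a signature for one account from being replayed against another.
func updateMessage(accountID string, newKey ed25519.PublicKey) []byte {
	return append([]byte("cka-key-update:"+accountID+":"), newKey...)
}

// SignUpdate is the user-device side: the new key is signed with the private
// key currently on file at the CKA, which is what lets the CKA authenticate it.
func SignUpdate(accountID string, currentPriv ed25519.PrivateKey, newKey ed25519.PublicKey) RequestEC {
	return RequestEC{CKAAccountID: accountID, NewPublicKey: newKey, Signature: ed25519.Sign(currentPriv, updateMessage(accountID, newKey))}
}

// ProcessUpdate performs steps (ii) and (iii): verify under the key on file,
// and only then replace it and build one response EC per third party.
func (c *CKA) ProcessUpdate(req RequestEC) ([]ResponseEC, error) {
	rec, ok := c.records[req.CKAAccountID]
	if !ok {
		return nil, errors.New("unknown CKA account identifier")
	}
	if len(req.NewPublicKey) != ed25519.PublicKeySize {
		return nil, errors.New("malformed new public key") // never store a key Verify would later panic on
	}
	if !ed25519.Verify(rec.PublicKey, updateMessage(req.CKAAccountID, req.NewPublicKey), req.Signature) {
		return nil, errors.New("signature does not verify under the public key on file")
	}
	rec.PublicKey = req.NewPublicKey
	out := make([]ResponseEC, 0, len(rec.ThirdPartyIDs))
	for tp, acct := range rec.ThirdPartyIDs {
		out = append(out, ResponseEC{ThirdParty: tp, AccountID: acct, NewPublicKey: rec.PublicKey})
	}
	sort.Slice(out, func(i, j int) bool { return out[i].ThirdParty < out[j].ThirdParty })
	return out, nil
}

func main() {
	// Constructed sample: one user with a current key pair and a replacement pair.
	pub1, priv1 := NewDeviceKeyPair()
	pub2, _ := NewDeviceKeyPair()
	cka := NewCKA()
	id := cka.Register(pub1, "smart card, PIN-protected signing", map[string]string{"bank": "acct-42", "broker": "B-7"})
	resps, err := cka.ProcessUpdate(SignUpdate(id, priv1, pub2))
	if err != nil {
		fmt.Println("rejected:", err)
		return
	}
	for _, r := range resps {
		fmt.Printf("to %s: account %s now uses key %x\n", r.ThirdParty, r.AccountID, r.NewPublicKey)
	}
}
```

The property worth checking is the authentication order: a new key is accepted only when the request verifies under the key currently on file, so after one successful rotation the superseded key can no longer authorize a further update, and a request signed by anyone else is rejected before any response EC is built. Binding the CKA account identifier into the signed bytes is this example's own choice; it stops a signature issued for one account from being presented as an update for another.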