Person-centric account-based digital signature system
First Claim
1. A method of communicating electronically over a communications medium regarding accounts, comprising the steps of:
- (a) for a first account,
  - (i) maintaining information pertaining to the first account in an account database such that the information is retrievable based on a first unique identifier,
  - (ii) associating a public key of a public-private key pair with the first unique identifier,
  - (iii) generating a digital signature for an electronic message using a private key of the public-private key pair, the electronic message including an instruction and the first unique identifier,
  - (iv) authenticating the electronic message using the public key associated with the information identified by the first unique identifier, and
  - (v) upon the successful authentication of the electronic message, executing the instruction with respect to the first account represented by the information that is identified by the first unique identifier; and
- (b) for a second account,
  - (i) maintaining information pertaining to the second account in an account database such that the information is retrievable based on a second unique identifier,
  - (ii) associating the same public key that is associated with the first account with the second unique identifier,
  - (iii) generating a digital signature for an electronic message using the private key of the public-private key pair, the electronic message including an instruction and the second unique identifier,
  - (iv) authenticating the electronic message using the public key associated with the information identified by the second unique identifier, and
  - (v) upon the successful authentication of the electronic message, executing the instruction with respect to the second account represented by the information that is identified by the second unique identifier.
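An added sketch of the flow in claim 1 (not code from the patent): one key pair is registered under two account identifiers, and because the key is shared, the identifier inside the signed message is what keeps a signature made for one account from authenticating against the other. Ed25519, the length-prefixed message encoding, the identifiers `ACCT-1`/`ACCT-2` and all type and function names are assumptions chosen for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Account is one database record, retrievable by its unique identifier.
type Account struct {
	PublicKey ed25519.PublicKey // key associated with the identifier
	Executed  []string          // instructions carried out on this account
}

type AccountDB map[string]*Account // unique identifier -> record

// encode length-prefixes the identifier so identifier+instruction is unambiguous.
func encode(id, instr string) []byte {
	return []byte(fmt.Sprintf("%d:%s%s", len(id), id, instr))
}

// Sign (device side): sign the instruction together with the identifier.
func Sign(priv ed25519.PrivateKey, id, instr string) []byte {
	return ed25519.Sign(priv, encode(id, instr))
}

// Execute (authority side): look up key by identifier, authenticate, then run.
func (db AccountDB) Execute(id, instr string, sig []byte) error {
	acct, ok := db[id]
	if !ok {
		return errors.New("unknown account identifier")
	}
	if !ed25519.Verify(acct.PublicKey, encode(id, instr), sig) {
		return errors.New("authentication failed")
	}
	acct.Executed = append(acct.Executed, instr)
	return nil
}

// Demo (constructed data): returns first ok, second ok, cross-account reuse rejected.
func Demo() (bool, bool, bool) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // fixed demo seed
	pub := priv.Public().(ed25519.PublicKey)
	db := AccountDB{"ACCT-1": {PublicKey: pub}, "ACCT-2": {PublicKey: pub}}
	sig1, sig2 := Sign(priv, "ACCT-1", "pay 10"), Sign(priv, "ACCT-2", "pay 10")
	replay := db.Execute("ACCT-2", "pay 10", sig1) // ACCT-1 signature offered to ACCT-2
	return db.Execute("ACCT-1", "pay 10", sig1) == nil, db.Execute("ACCT-2", "pay 10", sig2) == nil, replay != nil
}

func main() { fmt.Println(Demo()) }
```

The claim as quoted puts only the instruction and the identifier in the signed message, and the sketch adds no nonce or sequence number, so it does not address a repeat of the same message against the same account.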
Abstract
In a method of managing a database of existing accounts (214) for account holders (202), each account holder (202) has multiple accounts with one or more account authorities (212) for use of a single device with multiple accounts, with each account of each account holder being associated with a public key of a public-private key pair of that account holder. A record of information pertaining to all accounts of a particular account holder is maintained in a central location by a central key authority. The information for that account includes the public keys of that account holder. The central key authority transfers information from the record for an account holder to a new account authority for which that account holder desires to establish a new account; the central key authority also receives information from account authorities for inclusion in the record centrally maintained for that account holder.
91 Claims
81. A device used in communicating electronically over a communications medium regarding an account, the device including,
- (a) a private key of a public-private key pair;
- (b) a plurality of unique account identifiers, each identifying an account maintained by an account authority with which the public key of the public-private key pair is associated.
88. The method claim or 81, wherein an electronic message which is digitally-signed by the device is not encrypted.
Specification