System and method for secure group transactions

US 7,036,146 B1
Filed: 09/24/2001
Issued: 04/25/2006
Est. Priority Date: 10/03/2000
Status: Active Grant

First Claim

Patent Images

1. A distributed authorization system for processing a group authorization decision according to a security policy, the security policy running as software on a network comprising one or more computers, the distributed authorization system comprising:

an information element, accessible on the one or more computers;

means for defining access to the one or more computers;

a plurality of secure processing agents that process on the one or more computers, reviewing the information element;

an authorization interface, accessible over the network, through which each secure processing agent communicates a decision to the plurality of secure processing agents;

means for accepting the decision from each secure processing agents and forming a consensus decision on the information element;

a digital group certification signature;

means for posting a result of the consensus decision; and

means for processing the consensus decision on the one or more computers, according to a security policy.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

Citations

8 Claims

1. A distributed authorization system for processing a group authorization decision according to a security policy, the security policy running as software on a network comprising one or more computers, the distributed authorization system comprising:
- an information element, accessible on the one or more computers;
  
  means for defining access to the one or more computers;
  
  a plurality of secure processing agents that process on the one or more computers, reviewing the information element;
  
  an authorization interface, accessible over the network, through which each secure processing agent communicates a decision to the plurality of secure processing agents;
  
  means for accepting the decision from each secure processing agents and forming a consensus decision on the information element;
  
  a digital group certification signature;
  
  means for posting a result of the consensus decision; and
  
  means for processing the consensus decision on the one or more computers, according to a security policy.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The distributed authorization system of claim 1, further comprising:
    - means for validating the digital group certification signature;
      
      an authenticating chokepoint filter, implemented on the one or more computers, for rejecting an invalid digital group certification signature; and
      
      means for certifying a processing of the consensus decision.
  - 3. The distributed authorization system of claim 2, wherein the means for certifying the processing of the consensus decision comprises a group signature protocol having a public-private key pair.
  - 4. The distributed authorization system of claim 1, wherein the digital group certification signature has a threshold signature scheme.
  - 5. The distributed authorization system of claim 1, wherein the one or more computers is a network of computers having communications between each computer in the network.

6. A method for using an authorization system to control a group transaction on a network, wherein the network comprises one or more computers, wherein the authorization system comprises a plurality of secure agents, the method comprising:
- loading a secure agent onto at least one computer in the network;
  
  organizing the secure agent with at least one other secure agent, forming an agent collective;
  
  controlling the group transaction on the network, according to a plurality of policies and protocols, thereby providing a group transaction control;
  
  developing an authorization interface, accessible over the network, wherein each secure agent communicates a decision to the plurality of secure agents;
  
  accepting a decision from each secure agent, according to a group authentication protocol for a transaction; and
  
  generating a group consensus decision.
- View Dependent Claims (7, 8)
- - 7. The method of claim 6, wherein the group authentication protocol comprises a digital group certification signature.
  - 8. The method of claim 7, further comprising:
    - validating the digital group certification signature; and
      
      implementing an authenticating chokepoint filter, for rejecting an invalid digital group certification signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
National Technology & Engineering Solutions Of Sandia LLC (Honeywell International Inc.)
Original Assignee
Sandia Corporation (Martin Marietta Corporation)
Inventors
Goldsmith, Steven Y.
Primary Examiner(s)
Barrón, Jr., Gilberto
Assistant Examiner(s)
Simitoski, Michael J.

Application Number

US09/962,474
Time in Patent Office

1,674 Days
Field of Search

713175-177, 713/168, 380/47, 726/21
US Class Current

726/21
CPC Class Codes

G06F 21/40 by quorum, i.e. whereby two...

System and method for secure group transactions

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure group transactions

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links