Method and apparatus for revocation list management

US 7,260,715 B1
Filed: 12/09/1999
Issued: 08/21/2007
Est. Priority Date: 12/09/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for controlling access to information, the method comprising the steps of:

maintaining, for a given entity controlling access to the information, a contact list comprising information identifying one or more other entities which have attempted to communicate with the given entity; and

utilizing the contact list in conjunction with a revocation list associated with the given entity to determine which of at least a subset of the one or more other entities are authorized to communicate with the given entity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access to information is controlled by maintaining, for a given device or other entity through which information may be accessed, a contact list that includes information identifying one or more other entities which have attempted to communicate with the given entity. In accordance with the invention, the contact list is utilized in conjunction with a revocation list stored in a memory associated with the given entity in order to determine which of the other entities are authorized to communicate with the given entity. The contact list includes a number of entries, each entry having at least an identifier of a particular one of the other entities and a corresponding revocation flag indicating whether the particular entity has been revoked. The contact list is updated after a modification of the revocation list, or if a new entity not already included in the contact list attempts to communicate with the given entity.

74 Citations

View as Search Results

20 Claims

1. A method for controlling access to information, the method comprising the steps of:
- maintaining, for a given entity controlling access to the information, a contact list comprising information identifying one or more other entities which have attempted to communicate with the given entity; and
  
  utilizing the contact list in conjunction with a revocation list associated with the given entity to determine which of at least a subset of the one or more other entities are authorized to communicate with the given entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1 wherein the given entity and at least a subset of the one or more other entities each comprise a consumer electronics device.
  - 3. The method of claim 1 wherein the maintaining and utilizing steps are implemented in an access control system associated with the given entity.
  - 4. The method of claim 3 wherein the revocation list comprises a local revocation list stored in the access control system.
  - 5. The method of claim 1 wherein the contact list comprises a plurality of entries, each entry including at least an identifier of a particular one of the other entities and a corresponding revocation flag indicating whether authorization of the particular entity has been revoked.
  - 6. The method of claim 5 further including the step of updating the contact list after a modification of the revocation list.
  - 7. The method of claim 6 wherein the step of updating the contact list after a modification of the revocation list further includes the steps of:
    - identifying all of the entities in the contact list that do not have their corresponding revocation flag set; and
      
      determining, for each of the entities identified as being on the contact list but not having a set revocation flag, whether that entity is on a modified local revocation list, and if such an entity is determined to be on the modified local revocation list, setting its revocation flag in the contact list.
  - 8. The method of claim 5 further including the step of updating the contact list if a new entity not already included in the contact list attempts to communicate with the given entity.
  - 9. The method of claim 8 wherein the step of updating the contact list if a new entity not already included in the contact list attempts to communicate with the given entity further includes the steps of:
    - storing in the contact list an entity identifier for the new entity if there is sufficient space available in the contact list; and
      
      determining if the new entity is on the revocation list, and if it is, setting the corresponding revocation flag for the new entity in the contact list.
  - 10. The method of claim 9 further including the step of selecting a particular entry of the contact list for removal from the contact list if there is not sufficient space available in the contact list for the new entity.
  - 11. The method of claim 10 wherein the selecting step is implemented using a random or pseudo-random selection process.
  - 12. The method of claim 5 wherein the contact list is configured such that the revocation flag of a particular entry may not be cleared once that flag has been set as long as that entry remains in the contact list.
  - 13. The method of claim 1 further including the step of periodically generating a digital signature for at least a portion of the contact list.
  - 14. The method of claim 13 further including the step of updating the digital signature each time the contact list is updated.
  - 15. The method of claim 1 wherein each of at least a subset of the other entities stores a contact list having entries corresponding to entities which have attempted to communicate with those other entities.

16. An apparatus for controlling access to information, the apparatus comprising:
- a processor-based device for controlling access to the information, wherein the processor-based device is operative to maintain a contact list comprising information identifying one or more other entities which have attempted to communicate with the processor-based device, and to utilize the contact list in conjunction with a revocation list associated with the given entity to determine which of at least a subset of the one or more other entities are authorized to communicate with the processor-based device.
- View Dependent Claims (17)
- - 17. The apparatus of claim 16, wherein the contact list comprises a plurality of entries, each entry including at least an identifier of a particular one of the other entities and a corresponding revocation flag indicating whether authorization of the particular entity has been revoked.

18. An article of manufacture comprising a machine-readable storage medium containing one or more software programs for use in controlling access to information, wherein the programs when executed implement the steps of:
- maintaining, for a given entity controlling access to the information, a contact list comprising information identifying one or more other entities which have attempted to communicate with the given entity; and
  
  utilizing the contact list in conjunction with a revocation list associated with the given entity to determine which of at least a subset of the one or more other entities are authorized to communicate with the given entity.
- View Dependent Claims (19, 20)
- - 19. The article of manufacture of claim 18, wherein the contact list comprises a plurality of entries, each entry including at least an identifier of a particular one of the other entities and a corresponding revocation flag indicating whether authorization of the particular entity has been revoked.
  - 20. The article of manufacture of claim 19, wherein the programs when executed implement the further step of updating the contact list after a modification of the revocation list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Original Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Inventors
Pasieka, Michael S.
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Parthasarathy; Pramila

Application Number

US09/456,689
Time in Patent Office

2,812 Days
Field of Search

713/158, 345/741, 379/142.05
US Class Current

713/158
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06F 2221/2141 Access rights, e.g. capabil...

Method and apparatus for revocation list management

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

74 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for revocation list management

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links