Access control
First Claim
1. A method for at least one administration entity to control access to an electronic device, comprising:
- the at least one administration entity generating credentials and a plurality of proofs for the electronic device, wherein the proofs are not determinable as valid given only the credentials and values for expired proofs, the expired proofs being no longer valid;
the electronic device receiving the credentials;
if access is authorized at a particular time, the electronic device receiving a corresponding proof corresponding to the particular time; and
the electronic device confirming the corresponding proof using the credentials, wherein the corresponding proof is a result of applying a one way function to a subsequent one of the plurality of proofs received at the electronic device, wherein the credentials are a digital certificate that includes a final value that is a result of applying the one way function to a first one of the plurality of proofs, and wherein said access is access to data on the electronic device.
5 Assignments
0 Petitions
Accused Products
Abstract
An administration entity controls access to an electronic device by generating credentials and a plurality of corresponding proofs, wherein no valid proofs are determinable given only the credentials and values for expired proofs. The electronic device receives the credentials and, if access is authorized at a particular time, the electronic device receives a proof corresponding to the particular time and confirms the proof using the credentials. A single administration entity may generate the credentials and generate the proofs and/or there may be a first administration entity that generates the credentials and other administration entities that generate proofs. The credentials may be a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.
-
Citations
50 Claims
-
1. A method for at least one administration entity to control access to an electronic device, comprising:
-
the at least one administration entity generating credentials and a plurality of proofs for the electronic device, wherein the proofs are not determinable as valid given only the credentials and values for expired proofs, the expired proofs being no longer valid; the electronic device receiving the credentials; if access is authorized at a particular time, the electronic device receiving a corresponding proof corresponding to the particular time; and the electronic device confirming the corresponding proof using the credentials, wherein the corresponding proof is a result of applying a one way function to a subsequent one of the plurality of proofs received at the electronic device, wherein the credentials are a digital certificate that includes a final value that is a result of applying the one way function to a first one of the plurality of proofs, and wherein said access is access to data on the electronic device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method for an electronic device to control access thereto, comprising:
-
receiving credentials and at least one of a plurality of proofs for the electronic device, wherein the at least one of the plurality of proofs is not determinable as valid given only the credentials and values for expired proofs, the expired proofs being no longer valid; and testing, using at least one processor, the at least one of the plurality of proofs using the credentials, wherein, if access is authorized at a particular time, the at least one the plurality of proofs corresponds to the particular time, and wherein the at least one of the plurality of proofs is a result of applying a one way function to a subsequent one of the plurality of proofs, wherein the credentials are a digital certificate that includes a final value that is a result of applying the one way function to a first one of the plurality of proofs, and wherein said access is access to data on the electronic device. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A method of controlling access to an electronic device, comprising:
-
providing credentials to the electronic device; and if access is allowed at a particular time, providing a proof from a plurality of proofs to the electronic device corresponding to the particular time, wherein the proof is not determinable as valid given only the credentials and values for expired proofs, the expired proofs being no longer valid, and wherein the proof provided to the electronic device is a result of applying, using at least one processor, a one way function to a subsequent proof provided to the electronic device, wherein the credentials are a digital certificate that includes a final value that is a result of applying the one way function to a first one of the plurality of proofs, and wherein said access is access to data on the electronic device. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
-
Specification