Method and system for identity recognition
Abstract
In accordance with various aspects, the present invention relates to methods and systems for sending an identity information document comprising selecting identity information from a self-identity information store for inclusion in the identity information document. The selected identity information is read from a self-identity information store. The identity information document is generated to include the selected identity information and one or more keys, and signed using a key associated with one of the keys included in the identity information document. The identity information document is then sent to a recipient. Receiving an identity information document comprises receiving a signed identity information document from an originator. A determination is made as to whether identity information in the identity information document is reliable. The identity information is saved in a recognized identity information store if the identity information is determined to be reliable. If the identity information is determined to be unreliable, an identity recognition number retrieved from the sender is compared to an identity recognition number generated by the recipient based on information in the received identity information document. If the identity recognition number is verified, the identity information is saved in the recognized identity information store.
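The send and receive flow described in the abstract, sketched in Go as an added example; it is not code from the patent or its assignee. It assumes Ed25519 keys, a JSON encoding of the signed payload, and an identity recognition number (IRN) computed as a truncated SHA-256 of the embedded public key, none of which this text specifies; all type and function names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// IdentityDoc holds only the subset selected for one recipient, plus the public key.
type IdentityDoc struct {
	Claims    map[string]string
	PublicKey []byte
	Signature []byte
}

// payload is the byte string that gets signed; encoding/json sorts map keys, so it is stable.
func payload(d IdentityDoc) []byte {
	b, _ := json.Marshal([]interface{}{d.Claims, d.PublicKey})
	return b
}

// Generate copies the selected fields out of the self-identity store and self-signs them.
func Generate(store map[string]string, selected []string, priv ed25519.PrivateKey) IdentityDoc {
	d := IdentityDoc{Claims: map[string]string{}, PublicKey: priv.Public().(ed25519.PublicKey)}
	for _, k := range selected {
		d.Claims[k] = store[k]
	}
	d.Signature = ed25519.Sign(priv, payload(d))
	return d
}

// IRN is assumed here to be the first 8 bytes of SHA-256(public key), hex-encoded.
func IRN(d IdentityDoc) string {
	return fmt.Sprintf("%x", sha256.Sum256(d.PublicKey))[:16]
}

// Receive returns (stored, reliable); a self-signature alone proves integrity, not identity.
func Receive(d IdentityDoc, irnFromSender string) (bool, bool) {
	if len(d.PublicKey) != ed25519.PublicKeySize || !ed25519.Verify(d.PublicKey, payload(d), d.Signature) {
		return false, false
	}
	return true, irnFromSender == IRN(d)
}

func main() {
	_, priv, _ := ed25519.GenerateKey(nil)
	store := map[string]string{"name": "A. Example", "phone": "555-0100"} // constructed sample
	fmt.Println(Receive(Generate(store, []string{"name"}, priv), "")) // no IRN yet: true false
}
```

The recipient should obtain `irnFromSender` over a separate channel from the one that delivered the document, since anyone who can replace the document can also replace a number carried alongside it.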
24 Claims
1. A computer-implemented method of sending an identity information document from an initiating system to an intended receiving system, the method comprising:
presenting a list of identity information from a self-identity information store included in the initiating system for a principal using the initiating system to select information to include in a first identity information document and to include in a second identity information document, wherein the first identity information document is based on a first intended receiving system and the second identity information document is based on a second intended receiving system, the first intended receiving system being different from the second intended receiving system, and wherein the presenting the list of identity information for selection allows the principal to control the disclosure of identity information to the first and the second intended receiving systems;
receiving a first selection of identity information from the list of identity information from the self-identity information store stored in a memory for inclusion in the first identity information document, wherein the first selected identity information comprises a first subset of identity information relating to the principal in the self-identity information store, and wherein the first subset of identity information is specific to the first intended receiving system;
receiving a second selection of identity information from the list of identity information from the self-identity information store stored in memory for inclusion in the second identity information document, wherein the second selected identity information comprises a second subset of identity information relating to the principal in the self-identity information store, and wherein the second subset of identity information is specific to the second intended receiving system and is different from the first subset of identity information;
reading the first and the second selected identity information from the self-identity information store included in the initiating system;
generating the first identity information document to include the first selected identity information and at least a first key, the first identity information document signed using a second key associated with the first key in the first identity information document; and
sending the first identity information document to the first intended receiving system.
Dependent claims: 2, 3, 4, 5, 6

7. A computer-implemented method of receiving an identity information document at a recipient from an initiating system, the method comprising:
receiving, at a first recipient, a signed first identity information document from the initiating system, wherein the first identity information document contains selected identity information comprising a first subset of identity information relating to a principal and selected from a self-identity information store included in the initiating system, and wherein the first subset of identity information is specific to the first recipient, and wherein the first subset of identity information is different from a second subset of identity information, the second subset of identity information being contained in a second identity information document intended for a second recipient;
determining whether the first subset of identity information in the first identity information document is reliable;
saving the first subset of identity information in a recognized identity information store located at the first recipient and stored in a memory if the first subset of identity information is determined to be reliable;
determining whether to verify the first subset of identity information if the first subset of identity information is not reliable; and
if the first subset of identity information is not reliable, saving the first subset of identity information in the recognized identity information store at the first recipient with a flag indicating the first subset of identity information is not reliable.
Dependent claims: 8, 9, 10

11. A system to send an identity information document comprising:
a processor;
a communication channel connected with the processor; and
a memory coupled with and readable by the processor, the memory containing a series of instructions that, when executed by the processor, cause the processor to:
select identity information from a self-identity information store included in an initiating system for inclusion in a first identity information document, wherein the selected identity information comprises a predetermined first subset of identity information relating to a principal in the self-identity information store and wherein the predetermined first subset of identity information is specific to a first intended recipient and is automatically selected for inclusion in the first identity information document, and wherein a predetermined second subset of identity information relating to the principal in the self-identity information store is specific to a second intended recipient, the second subset of identity information being different from the first subset of identity information;
read the first subset of identity information from the self-identity information store included in the initiating system;
generate the first identity information document to include the first subset of identity information and at least a first key, the first identity information document signed using a second key paired with the first key; and
send the first identity information document to the first intended recipient connected to the communication channel to establish an identity of the principal at the first recipient.
Dependent claims: 12, 13, 14, 15

16. A system to receive an identity information document at a recipient from an initiating system for use in future recognition of a principal comprising:
a processor;
a communication channel connected with the processor; and
a memory coupled with and readable by the processor, the memory containing a series of instructions that, when executed by the processor, cause the processor to:
receive, at a first recipient, a signed first identity information document from the initiating system, the signed first identity information document containing selected identity information comprising a first subset of identity information relating to the principal in a self-identity information store included in the initiating system, wherein the first subset of identity information is specific to the first recipient, and wherein a second subset of identity information relating to the principal in the self-identity information store is specific to a second intended recipient, the second intended recipient being different from the first intended recipient, and the second subset of identity information being different from the first subset of identity information;
determine whether the first subset of identity information in the first identity information document is reliable;
determine whether to verify the first subset of identity information if the identity information is not reliable;
save the first subset of identity information in a recognized identity information store located at the first recipient if the first subset of identity information is determined to be reliable; and
if the first subset of identity information is not reliable, save the first subset of identity information in the recognized identity information store at the first recipient with a flag indicating the first subset of identity information is not reliable, the recognized identity information store being used for future recognition of the principal.
Dependent claims: 17, 18, 19

20. A computer readable storage medium encoding a computer program of instructions for executing a computer process for identity recognition, said computer process comprising:
presenting a list of identity information from a self-identity information store included in an initiating system for a principal using the initiating system to select information to include in a first identity information document and to include in a second identity information document, wherein the first identity information document is based on a first intended recipient and the second identity information document is based on a second intended recipient, the first intended recipient being different from the second intended recipient, and wherein the presenting the list of identity information for selection allows the principal to control the disclosure of identity information to the first and the second intended recipients;
receiving a first selection of identity information from the list of identity information from the self-identity information store stored in a memory for inclusion in the first identity information document, wherein the first selected identity information comprises a first subset of identity information relating to the principal in the self-identity information store, and wherein the first subset of identity information is specific to the first intended recipient;
receiving a second selection of identity information from the list of identity information from the self-identity information store stored in memory for inclusion in the second identity information document, wherein the second selected identity information comprises a second subset of identity information relating to the principal in the self-identity information store, and wherein the second subset of identity information is specific to the second intended receiving system and is different from the first subset of identity information;
reading the first and the second selected identity information from the self-identity information store included in the initiating system;
generating the first identity information document to include the first selected identity information and at least a public key, the first identity information document signed with a private key associated with the public key in the first identity information document; and
sending the first identity information document to the first recipient to establish an identity of the principal at the first recipient;
generating the second identity information document to include the second selected identity information and a digital signature; and
sending the second identity information document to the second recipient to establish an identity of the principal at the second recipient.
Dependent claims: 21, 22, 23, 24

Specification