Verifying authenticity of webpages

US 7,877,784 B2
Filed: 06/07/2007
Issued: 01/25/2011
Est. Priority Date: 06/07/2007
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

creating a certificate registry including authentication certificates issued to each one of a plurality of information providers and a root certificate corresponding to all of said authentication certificates, wherein each one of said authentication certificates links respective authentication information thereof to identification information of a corresponding one of said information providers, wherein each one of said authentication certificates is devoid of linkage between the corresponding one of said information providers and domain name information thereof, and wherein said authentication certificates of the certificate registry are associated in a manner at least partially dependent upon at least one of a particular type of information that said information providers provide, a particular organization that said information providers are associated with, a particular type profession in which said information providers are engaged and a particular geographical region in which said information providers are located;

providing the root certificate to an information recipient; and

facilitating verification of a webpage accessed by the information recipient and having an authentication certificate associated therewith, wherein said verification includes successfully verifying authenticity of said associated authentication certificate using authentication information contained in the root certificate thereby verifying that said associated authentication certificate belongs to the certificate registry and, after said successfully verifying authenticity of said associated authentication certificate, successfully verifying identity of a designated owner of the webpage using authentication information contained in said associated authentication certificate.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A certificate registry system is configured to issue authentication certificates issued to each one of a plurality of information providers and to maintain a root certificate corresponding to all of the authentication certificates. Each one of the authentication certificates links respective authentication information thereof to identification information of a corresponding one of the information providers. Each one of the authentication certificates is devoid of linkage between the corresponding one of the information providers and domain name information thereof. The authentication certificates of the certificate registry are associated in a manner at least partially dependent upon at least one of a particular type of information that the information providers provide, a particular organization that the information providers are associated with, a particular type profession in which the information providers are engaged and a particular geographical region in which the information providers are located.

153 Citations

22 Claims

1. A method, comprising:
- creating a certificate registry including authentication certificates issued to each one of a plurality of information providers and a root certificate corresponding to all of said authentication certificates, wherein each one of said authentication certificates links respective authentication information thereof to identification information of a corresponding one of said information providers, wherein each one of said authentication certificates is devoid of linkage between the corresponding one of said information providers and domain name information thereof, and wherein said authentication certificates of the certificate registry are associated in a manner at least partially dependent upon at least one of a particular type of information that said information providers provide, a particular organization that said information providers are associated with, a particular type profession in which said information providers are engaged and a particular geographical region in which said information providers are located;
  
  providing the root certificate to an information recipient; and
  
  facilitating verification of a webpage accessed by the information recipient and having an authentication certificate associated therewith, wherein said verification includes successfully verifying authenticity of said associated authentication certificate using authentication information contained in the root certificate thereby verifying that said associated authentication certificate belongs to the certificate registry and, after said successfully verifying authenticity of said associated authentication certificate, successfully verifying identity of a designated owner of the webpage using authentication information contained in said associated authentication certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein said identification information includes at least one of a name by which a respective one of said information providers is recognized, an image specific to a respective one of said information providers, text specific to a respective one of said information providers, and a sound specific to a respective one of said information providers.
  - 3. The method of claim 1 wherein said identification information includes at least one of a protected name of a respective one of said information providers, a protected image of a respective one of said information providers, protected text of a respective one of said information providers, and protected sound of a respective one of said information providers.
  - 4. The method of claim 1 wherein:
    - providing the root certificate to the information recipient is performed in response to the information recipient expressly requesting the root certificate; and
      
      the root certificate corresponds to at least one of a particular type of information, a particular organization, a particular type profession and a particular geographical region.
  - 5. The method of claim 4 wherein said identification information includes at least one of a protected name of a respective one of said information providers, a protected image of a respective one of said information providers, protected text of a respective one of said information providers, and protected sound of a respective one of said information providers.
  - 6. The method of claim 4 wherein facilitating verification of the webpage accessed by the information recipient includes:
    - retrieving said associated authentication certificate from a web server;
      
      verifying that the web server has a matching key to the authentication certificate; and
      
      acknowledging authenticity of the webpage in response to determining that the authentication certificate is valid and that the web server has the matching key thereby verifying that a web page communicating channel between the web server and the information recipient is authentic.
  - 7. The method of claim 4 wherein:
    - facilitating verification of the webpage accessed by the information recipient includes retrieving a file representing the webpage from a web server;
      
      the file includes a serial number of the webpage and said associated authentication certificate;
      
      verifying that the file was sent from the web server and that the web server has a matching key to the authentication certificate includes;
      
      sending the serial number to the web server,receiving a checksum of the file from the server that is signed with a private key of the authentication certificate; and
      
      determining if the confirmation checksum received from the server matches that, of a checksum created using the received file; and
      
      determining if the authentication certificate is signed by the private key of the root certificate.
  - 8. The method of claim 7 wherein the file designates an authentication certificate associated with the webpage.
  - 9. The method of claim 8, further comprising:
    - caching said associated authentication certificate after retrieving said associated authentication certificate, thereby precluding repeated retrieval of said authentication certificate.

10. A certificate registry, comprising:
- authentication certificates issued to each one of a plurality of information providers; and
  
  a root certificate corresponding to all of said authentication certificates;
  
  wherein each one of said authentication certificates links respective authentication information thereof to identification information of a corresponding one of said information providers;
  
  wherein each one of said authentication certificates is devoid of linkage between the corresponding one of said information providers and domain name information thereof; and
  
  wherein said authentication certificates of the certificate registry which is stored on a tangible computer readable storage medium are associated in a manner at least partially dependent upon at least one of a particular type of information that said information providers provide, a particular organization that said information providers are associated with, a particular type profession in which said information providers are engaged and a particular geographical region in which said information providers are located.
- View Dependent Claims (11, 12)
- - 11. The registry of claim 10 wherein said identification information includes at least one of a name by which a respective one of said information providers is recognized, an image specific to a respective one of said information providers, text specific to a respective one of said information providers, and a sound specific to a respective one of said information providers.
  - 12. The registry of claim 10 wherein said identification information includes at least one of a protected name of a respective one of said information providers, a protected image of a respective one of said information providers, protected text of a respective one of said information providers, and protected sound of a respective one of said information providers.

13. A certificate registry system configured to:
- issue authentication certificates issued to each one of a plurality of information providers and maintain a root certificate corresponding to all of said authentication certificates, wherein each one of said authentication certificates links respective authentication information thereof to identification information of a corresponding one of said information providers, wherein each one of said authentication certificates is devoid of linkage between the corresponding one of said information providers and domain name information thereof, and wherein said authentication certificates of the certificate registry system which is stored on a tangible computer readable storage medium are associated in a manner at least partially dependent upon at least one of a particular type of information that said information providers provide, a particular organization that said information providers are associated with, a particular type profession in which said information providers are engaged and a particular geographical region in which said information providers are located.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The certificate registry system of claim 13 wherein said identification information includes at least one of a name by which a respective one of said information providers is recognized, an image specific to a respective one of said information providers, text specific to a respective one of said information providers, and a sound specific to a respective one of said information providers.
  - 15. The certificate registry system of claim 13 wherein said identification information includes at least one of a protected name of a respective one of said information providers, a protected image of a respective one of said information providers, protected text of a respective one of said information providers, and protected sound of a respective one of said information providers.
  - 16. The certificate registry system of claim 13 further configured to provide the root certificate to an information recipient in response to the information recipient expressly requesting the root certificate, wherein the root certificate corresponds to at least one of a particular type of information, a particular organization, a particular type profession and a particular geographical region.
  - 17. The certificate registry system of claim 16 wherein said identification information includes at least one of a protected name of a respective one of said information providers, a protected image of a respective one of said information providers, protected text of a respective one of said information providers, and protected sound of a respective one of said information providers.
  - 18. The certificate registry system of claim 17 further configured to facilitating verification of a webpage accessed by the information recipient and having an authentication certificate associated therewith, wherein said verification includes successfully verifying authenticity of said associated authentication certificate using authentication information contained in the root certificate thereby verifying that said associated authentication certificate belongs to the certificate registry and, after said successfully verifying authenticity of said associated authentication certificate, successfully verifying identity of a designated owner of the webpage using authentication information contained in said associated authentication certificate.
  - 19. The certificate registry system of claim 18 wherein facilitating verification of the webpage accessed by the information recipient includes:
    - retrieving said associated authentication certificate from a web server;
      
      verifying that the web server has a matching key to the authentication certificate; and
      
      acknowledging authenticity of the webpage in response to determining that the authentication certificate is valid and that, the web server has the matching key thereby verifying that a web page communicating channel between the web server and the information recipient is authentic.
  - 20. The certificate registry system of claim 18 wherein:
    - facilitating verification of the webpage accessed by the information recipient includes retrieving a file representing the webpage from a web server,the file includes a serial number of the webpage and said associated authentication certificate;
      
      verifying that the file was sent from the web server and that the web server has a matching key to the authentication certificate includes sending the serial number to the server, receiving a checksum of the file from the server that is signed with a private key of the authentication certificate, determining if the confirmation checksum received from the server matches that of a checksum created using the received file, and determining if the authentication certificate is signed by the private key of the root certificate.
  - 21. The certificate registry system of claim 20 wherein the file designates an authentication certificate associated with the webpage.
  - 22. The certificate registry system of claim 20 further configured to cache said associated authentication certificate after retrieving said associated authentication certificate, thereby precluding repeated retrieval of said authentication certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Piece Future Pte., Ltd.
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Chow, Stanley, Smith, Jeff, Gustave, Christophe
Primary Examiner(s)
Song, Hosuk

Application Number

US11/811,235
Publication Number

US 20080307222A1
Time in Patent Office

1,328 Days
Field of Search

713155-157, 713168-170, 713/173, 713/175, 713/161, 726 1- 5, 726/10
US Class Current

726/2
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 63/168   above the transport layer

Verifying authenticity of webpages

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

153 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Verifying authenticity of webpages

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

153 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others