Domain ID service
Abstract
The subject disclosure pertains to a domain identification system, comprising a principal that has a key and a mnemonically meaningless identifier, the mnemonically meaningless identifier is used to identify the component in a networked environment. The mnemonically meaningless identifier can be bound to the public key by a binding. The component may be part of a neighborhood of components, and each member component knows the members' binding.
18 Claims

1. A domain identification system comprising at least one processor, the system comprising:
a principal from a plurality of principals;
an identifier generation component that generates, with the at least one processor, a mnemonically meaningless persistent identifier and assigns the mnemonically meaningless persistent identifier to the principal, wherein the principal is a member of a neighborhood comprising the plurality of principals;
a binding component that binds the mnemonically meaningless persistent identifier to a public key by a binding, the public key is used to authenticate the principal in a networked environment; and
a sharing component that shares the mnemonically meaningless persistent identifier and the binding with at least one another principal from the plurality of principals, wherein;
the principal is configured to receive an authentication request and query the plurality of principals in the neighborhood to determine whether at least one principal from the plurality of principals is familiar with a binding that can authenticate a source of the authentication request, and
the principal is further configured to, when the principal is a member of at least one other neighborhood and when it is determined that none of the plurality of principals in the neighborhood is familiar with the binding that can authenticate the source of the authentication request, forward the authentication request to at least one other principal in the at least one other neighborhood.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method for utilizing an identifier for a principal from a plurality of principals that is a member of a neighborhood comprising the plurality of principals, the method comprising:
with at least one processor;
generating a mnemonically meaningless persistent identifier for the principal;
binding the mnemonically meaningless persistent identifier to a key by a binding;
verifying that the mnemonically meaningless persistent identifier is different from each of a plurality of mnemonically meaningless persistent identifiers assigned to the plurality of principals in the neighborhood;
when it is verified that the mnemonically meaningless persistent identifier is different from each of the plurality of mnemonically meaningless persistent identifiers, assigning the mnemonically meaningless persistent identifier and the binding to the principal;
receiving an authentication request and, when the principal is not familiar with a binding that can authenticate a source of the authentication request, querying the plurality of principals in the neighborhood to determine whether at least one principal from the plurality of principals is familiar with the binding that can authenticate the source of the authentication request; and
when the principal is a member of at least one other neighborhood and when it is determined that none of the plurality of principals in the neighborhood is familiar with the binding that can authenticate the source of the authentication request, forwarding the authentication request to at least one other principal in the at least one other neighborhood.
Dependent claims: 11, 12, 13, 14, 15, 16, 17

18. A computer system for domain identification comprising at least one processor, the computer system comprising:
means for generating, with the at least one processor, a mnemonically meaningless persistent identifier;
means for verifying, with the at least one processor, that the mnemonically meaningless persistent identifier is different from each of a plurality of mnemonically meaningless persistent identifiers assigned to a plurality of principals in a neighborhood;
means for assigning the generated mnemonically meaningless persistent identifier to a principal from the plurality of principals when it is verified that the mnemonically meaningless persistent identifier is different from each of the plurality of mnemonically meaningless persistent identifiers;
means for binding the generated mnemonically meaningless persistent identifier to a key held by the principal;
means for receiving an authentication request and querying the plurality of principals in the neighborhood to determine whether at least one principal from the plurality of principals is familiar with a binding between a key and an identifier of a source of the authentication request; and
means for, when the principal is a member of at least one other neighborhood and when it is determined that none of the plurality of principals in the neighborhood is familiar with the binding between the key and the identifier of the source of the authentication request, forwarding the authentication request to at least one other principal in the at least one other neighborhood.

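The steps recited in claims 10 and 18, as an added illustration that is not part of the patent text or any implementation by its authors: a random identifier checked for uniqueness, a binding shared with the neighborhood, and a lookup that queries the neighborhood before forwarding to another one. The class names, the 16-byte identifier length, the rule that a joiner shares its binding with existing members only, and the byte-string keys are assumptions; comparing the presented key to the bound key stands in for a real proof of key possession.

```python
import hmac
import secrets

class Neighborhood:
    def __init__(self, name):
        self.name, self.members = name, []

class Principal:
    def __init__(self, public_key: bytes):
        self.public_key = public_key
        self.identifier = None   # assigned once, then persistent
        self.known = {}          # identifier -> key bindings this principal is familiar with
        self.neighborhoods = []

    def join(self, hood):
        taken = {m.identifier for m in hood.members}
        if self.identifier is None:
            # Random, so it carries no mnemonic meaning; regenerate on collision.
            self.identifier = secrets.token_hex(16)
            while self.identifier in taken:
                self.identifier = secrets.token_hex(16)
        elif self.identifier in taken:
            raise ValueError("identifier already assigned in this neighborhood")
        self.known[self.identifier] = self.public_key  # the binding
        for m in hood.members:                         # share it (assumed sharing rule)
            m.known[self.identifier] = self.public_key
        hood.members.append(self)
        self.neighborhoods.append(hood)
        return self

    def authenticate(self, source_id, presented_key, hood, visited=None):
        visited = set() if visited is None else visited
        visited.add(hood.name)
        # Own bindings first, then query every member of the neighborhood.
        for p in [self, *hood.members]:
            key = p.known.get(source_id)
            if key is not None:
                return hmac.compare_digest(key, presented_key)
        # Nobody here is familiar with the binding: forward to other neighborhoods.
        for other in self.neighborhoods:
            peer = next((m for m in other.members if m is not self), None)
            if other.name not in visited and peer is not None:
                if peer.authenticate(source_id, presented_key, other, visited):
                    return True
        return False

def demo():
    a, b = Neighborhood("A"), Neighborhood("B")  # constructed sample data
    bob = Principal(b"bob-key").join(a)
    carol = Principal(b"carol-key").join(b)
    dave = Principal(b"dave-key").join(b)
    bridge = Principal(b"bridge-key").join(a).join(b)
    return a, bob, carol, dave, bridge
```

Here `bridge` belongs to both neighborhoods, so a request it receives in A about `dave` is answered through B, while `bob`, a member of A only, has nowhere to forward it.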
Specification