Establishing trust via aggregate peer ranking

US 8,214,634 B1
Filed: 02/21/2006
Issued: 07/03/2012
Est. Priority Date: 02/21/2006
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining whether a certificate is associated with a trust anchor;

in the event that it is determined that the certificate is associated with the trust anchor, determining that the certificate is valid;

in the event that it is determined that the certificate is not associated with the trust anchor;

determining whether the certificate was previously determined to be valid by one or more peer entities, including;

sending data associated with the certificate;

receiving feedback data associated with one or more previous certificate validity determinations made by one or more peer entities; and

validating the certificate based at least in part on the determination;

wherein the feedback data is obtained from a trust server that stores information regarding two or more previous certificate validity determinations made by two or more peer entities.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Validating a certificate is disclosed. Whether the certificate was previously determined to be valid by one or more peer entities is determined. The certificate is validated based at least in part on the determination.

Citations

31 Claims

1. A method, comprising:
- determining whether a certificate is associated with a trust anchor;
  
  in the event that it is determined that the certificate is associated with the trust anchor, determining that the certificate is valid;
  
  in the event that it is determined that the certificate is not associated with the trust anchor;
  
  determining whether the certificate was previously determined to be valid by one or more peer entities, including;
  
  sending data associated with the certificate;
  
  receiving feedback data associated with one or more previous certificate validity determinations made by one or more peer entities; and
  
  validating the certificate based at least in part on the determination;
  
  wherein the feedback data is obtained from a trust server that stores information regarding two or more previous certificate validity determinations made by two or more peer entities.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. A method as recited in claim 1, wherein the one or more peer entities is one or more entities other than a validating entity attempting to validate the certificate.
  - 3. A method as recited in claim 1, wherein the certificate is associated with public key cryptography.
  - 4. A method as recited in claim 1, wherein the one or more peer entities includes one or more entities included in a peer-to-peer network.
  - 5. A method as recited in claim 1, wherein the one or more peer entities includes one or more entities included in one or more of the following:
    - an instant message network, a social network service, a chat service, a newsgroup, and a mailing list.
  - 6. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes querying one or more peer network nodes.
  - 7. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes querying a server associated with certificate validation.
  - 8. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes computing a hash value of at least a portion of the certificate used to identify the certificate.
  - 9. A method as recited in claim 8, wherein validating the certificate includes presenting data associated with the responses to a user and prompting the user for an input associated with the validity of the certificate.
  - 10. A method as recited in claim 1, wherein a statistical value based at least in part on the responses is at least in part used to validate the certificate.
  - 11. A method as recited in claim 10, wherein the statistical value is calculated using one or more weight values associated the responses.
  - 12. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes receiving one or more reasons for a previous validity decision by the peer entities.
  - 13. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes receiving number of peer entities that previously determined the certificate to be valid.
  - 14. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes receiving number of peer entities that previously determined the certificate issuer to be valid.
  - 15. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes receiving one or more confidence levels of the previous validity determination made by the peer entities.
  - 16. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes receiving reliability information of the peer entities.
  - 17. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid includes receiving a profile of the peer entities.
  - 18. A method as recited in claim 1, further comprising indicating information associated with the validity of the certificate to a trust server or a peer network node.
  - 19. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid is performed only after verifying a signature included in the certificate is valid.
  - 20. A method as recited in claim 1, wherein validating the certificate is based at least in part on one or more previous certificate validity determinations of a validating entity.
  - 21. A method as recited in claim 1, wherein determining whether the certificate was previously determined to be valid is performed when attempting to access encrypted data associated with a cryptographic key included in the certificate.
  - 22. A method as recited in claim 21, wherein the encrypted data includes one or more of the following:
    - a Portable Document Format file, a word processing document, a spread sheet, a presentation, visual graphic content, audio content, multimedia content, Extensible Markup Language content, Hyper Text Mark-Up Language content, web based content, script content, and database content.
  - 23. A method as recited in claim 1, wherein the feedback data includes an indication of one or more groups to which one or more of the peer entities belongs.
  - 24. A method as recited in claim 1, wherein the feedback data includes trust level data associated with one or more of the peer entities.
  - 25. A method as recited in claim 1, wherein the feedback data includes an indication of whether or not the certificate was previously determined to be valid by one or more of the peer entities.

26. A system, comprising:
- a processor; and
  
  a memory coupled with the processor, wherein the memory is configured to provide the processor with instructions which when executed cause the processor to;
  
  determine whether a certificate is associated with a trust anchor;
  
  in the event that it is determined that the certificate is associated with the trust anchor, determine that the certificate is valid;
  
  in the event that it is determined that the certificate is not associated with the trust anchor;
  
  determine whether the certificate was previously determined to be valid by one or more peer entities, including;
  
  send data associated with the certificate;
  
  receive feedback data associated with one or more previous certificate validity determinations made by one or more peer entities; and
  
  validate the certificate based at least in part on the determination;
  
  wherein the feedback data is obtained from a trust server that stores information regarding two or more previous certificate validity determinations made by two or more peer entities.
- View Dependent Claims (27, 28)
- - 27. A system as recited in claim 26, wherein the one or more peer entities is one or more entities other than a validating entity attempting to validate the certificate.
  - 28. A system as recited in claim 26, wherein the memory is configured to determine whether the certificate was previously determined to be valid including by querying one or more peer network nodes.

29. A computer program product, the computer program product being embodied in a non-transitory computer readable medium and comprising computer instructions for:
- determining whether a certificate is associated with a trust anchor;
  
  in the event that it is determined that the certificate is associated with the trust anchor, determining that the certificate is valid;
  
  in the event that it is determined that the certificate is not associated with the trust anchor;
  
  determining whether the certificate was previously determined to be valid by one or more peer entities, including;
  
  sending data associated with the certificate;
  
  receiving feedback data associated with one or more previous certificate validity determinations made by one or more peer entities; and
  
  validating the certificate based at least in part on the determination=wherein the feedback data is obtained from a trust server that stores information regarding two or more previous certificate validity determinations made by two or more peer entities.
- View Dependent Claims (30, 31)
- - 30. A computer program product as recited in claim 29, wherein the one or more peer entities is one or more entities other than a validating entity attempting to validate the certificate.
  - 31. A computer program product as recited in claim 29, wherein determining whether the certificate was previously determined to be valid includes querying one or more peer network nodes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
Steele, Joseph, Agrawal, Sunil
Primary Examiner(s)
Parthasarathy, Pramila

Application Number

US11/359,238
Time in Patent Office

2,324 Days
Field of Search

713/156, 713/155, 713/178, 380/229, 380/232, 380/247, 380/250, 380/258, 705/67
US Class Current

713/152
CPC Class Codes

H04L 63/105 Multiple levels of security

H04L 9/3268 using certificate validatio...

Establishing trust via aggregate peer ranking

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Establishing trust via aggregate peer ranking

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links