System and method for confirming identity and authority by a patient medical device
First Claim
1. A system for confirming identity and authority by a patient medical device, comprising:
- master credentials issued to a requesting device and an implantable medical device from an authorizing agent comprising a public key of the authorizing agent, a public key of a verification agent, and a digital signature of a root certification authority;
device credentials issued to the requesting device from the authorizing agent comprising a public key of the requesting device and a digital signature of the authorizing agent;
short-term authorization credentials issued to the requesting device from the verification agent comprising a digital signature of the verification agent, the short-term authorization credentials including an expiration date;
access credentials provided to the implantable medical device, the access credentials comprising the device credentials, the short-term authorization credentials, and a digital signature of the requesting device; and
an authentication module configured to authenticate the requesting device, comprising;
a device credential module configured to check the digital signature of the authorizing agent in the device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device; and
an identification credential module configured to check the digital signature of the requesting device in the access credentials using the public key of the requesting device in the device credentials; and
an authorization credentials module configured to check the digital signature of the verification agent in the short term authorization credentials using the public key of the verification agent in the master credentials of the implantable medical device and verify that the expiration date has not passed; and
a reauthorization module to get updated short term authorization credentials from the verification agent with an updated expiration date.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for confirming identity and authority by a patient medical device is provided. Master credentials are issued to a requesting device and a receiving device from an authorizing agent. The master credentials include the authorizing agent'"'"'s public key and a digital signature of a root certification authority. Device credentials are issued to the requesting device from the authorizing agent. The device credentials include the requesting device'"'"'s public key and the authorizing agent'"'"'s digital, signature. Identification credentials are provided to the receiving device and include the device credentials and the requesting device'"'"'s digital signature. The requesting device is authenticated. The authorizing agent'"'"'s digital signature in the device credentials is checked using the authorizing agent'"'"'s public key in the master credentials of the receiving device. The requesting device'"'"'s digital signature in the identification credentials is checked using the requesting device'"'"'s public key in the device credentials.
18 Citations
20 Claims
-
1. A system for confirming identity and authority by a patient medical device, comprising:
-
master credentials issued to a requesting device and an implantable medical device from an authorizing agent comprising a public key of the authorizing agent, a public key of a verification agent, and a digital signature of a root certification authority; device credentials issued to the requesting device from the authorizing agent comprising a public key of the requesting device and a digital signature of the authorizing agent; short-term authorization credentials issued to the requesting device from the verification agent comprising a digital signature of the verification agent, the short-term authorization credentials including an expiration date; access credentials provided to the implantable medical device, the access credentials comprising the device credentials, the short-term authorization credentials, and a digital signature of the requesting device; and an authentication module configured to authenticate the requesting device, comprising; a device credential module configured to check the digital signature of the authorizing agent in the device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device; and an identification credential module configured to check the digital signature of the requesting device in the access credentials using the public key of the requesting device in the device credentials; and an authorization credentials module configured to check the digital signature of the verification agent in the short term authorization credentials using the public key of the verification agent in the master credentials of the implantable medical device and verify that the expiration date has not passed; and a reauthorization module to get updated short term authorization credentials from the verification agent with an updated expiration date. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for confirming identity and authority by a patient medical device, comprising:
-
issuing master credentials to a requesting device and a implantable medical device from an authorizing agent comprising a public key of the authorizing agent, a public key of a verification agent, and a digital signature of a root certification authority; issuing device credentials to the requesting device from the authorizing agent comprising a public key of the requesting device and a digital signature of the authorizing agent; issuing short-term authorization credentials to the requesting device from the verification agent comprising a digital signature of the verification agent, the short-term authorization credentials including an expiration date; providing access credentials to the implantable medical device, the access credentials comprising the device credentials, the short-term authorization credentials, and a digital signature of the requesting device; and authenticating the requesting device, comprising; checking the digital signature of the authorizing agent in the device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device checking the digital signature of the requesting device in the access credentials using the public key of the requesting device in the device credentials; checking the digital signature of the verification agent in the short-term authorization credentials using the public key of the verification agent in the master credentials of the implantable medical device and verifying that the expiration date has not passed; and getting updated short-term authorization credentials from the verification agent with an updated expiration date. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification