Trusted identities on a trusted computing platform

US 8,370,631 B2
Filed: 07/29/2002
Issued: 02/05/2013
Est. Priority Date: 07/30/2001
Status: Active Grant

First Claim

Patent Images

1. A method of producing a trusted identity for a user of a trusted computing platform adapted to assure third parties interacting with the computer platform that the computer platform operates according to an indicated specification comprising:

sending at least one existing identity certificate of the trusted computing platform and personal data of the user to a certification authority,the certification authority then verifying the at least one existing identity certificate and the personal data,on successful verification the certification authority producing at least one new identity certificate incorporating at least some of the personal data and sends the at least one new identity certificate to the user.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A trusted certification authority service allows a user to control a combination or a subset of personal credentials associated with different trusted identities of the user to create a new identity that may be used by the user to entitle him to access or obtain a third party service. The copying and/or transfer of trust values (such as bank balances or loyalty points) between different trusted identities in order can maintain the anonymity of a person having one or more of said identities.

25 Citations

View as Search Results

20 Claims

1. A method of producing a trusted identity for a user of a trusted computing platform adapted to assure third parties interacting with the computer platform that the computer platform operates according to an indicated specification comprising:
- sending at least one existing identity certificate of the trusted computing platform and personal data of the user to a certification authority,the certification authority then verifying the at least one existing identity certificate and the personal data,on successful verification the certification authority producing at least one new identity certificate incorporating at least some of the personal data and sends the at least one new identity certificate to the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. A method as claimed in claim 1, in which the personal data is included in the at least one existing identity certificate sent to the certification authority.
  - 3. A method as claimed in claim 1, in which the new certificate is all amended existing certificate.
  - 4. A method as claimed in claim 1, in which the new certificate is sent to the user with a new private key.
  - 5. A method as claimed in claim 1, in which the new identity certificate includes a label and a public key, together with the personal data.
  - 6. A method as claimed in claim 1, in which the at least one existing identity is signed by a trusted device, being a hardware trusted component physically and logically resistant to unauthorised modification, of the trusted computing platform.
  - 7. A method as claimed in claim 1, in which the new identity certificate is anonymous, in that the personal data is vouched for by the certification authority, the public/private key pair is derived from random numbers and the label is chosen by the user.
  - 8. A method as claimed in claim 1, in which the personal data is at least one personal credential of the user.
  - 9. A method as claimed in claim 8, in which the at least one personal credential includes personal details or information relating to the user.
  - 10. A method as claimed in claim 9, in which the personal data is used to allow a user to obtain benefits in the form of discounts from third parties, credit points and/or preferred status.
  - 11. A method as claimed in claim 1, in which the personal data is one or more trust values.
  - 12. A method as claimed in claim 11, in which the trust values include numerical values, credits, points, or a combination thereof which may be a bank balance, loyalty card points, a credit worthiness score, or a level of credit worthiness.
  - 13. A method as claimed in claim 11, in which the personal data is copyable.
  - 14. A method as claimed in claim 13, in which the copyable personal data is copied from an existing identity of the user to the new identity by the certification authority.
  - 15. A method as claimed in claim 13, wherein the personal data is credit worthiness.
  - 16. A method as claimed in claim 11, in which the personal data is non-copyable.
  - 17. A method as claimed in claim 16, in which the non-copyable personal data is transferred, collated, divided, or a combination thereof by the certification authority between identities or into one or more new identity certificates.
  - 18. A method as claimed in claim 16, wherein the personal data is a number of credit points or a bank balance.

19. A trusted computing platform, including a processor and a memory, adapted to assure third parties interacting with the trusted computing platform that the trusted computing platform operates according to an indicated specification and having at least one existing identity certificate and being operable to send said at least one identity certificate and personal data of a user to a certification authority for verification, and in which the trusted computing platform is operable to receive from the certification authority a new identity certificate incorporating at least some of the personal data.

20. A certification authority, including a processor and a memory, for providing a trusted identity for a user of a trusted computing platform adapted to assure third parties interacting with the computer platform that the computer platform operates according to an indicated specification, wherein the certification authority is adapted to receive at least one existing identity certificate of the trusted computing platform and personal data of the user, to verify the at least one existing identity certificate and the personal data, and on successful verification, to produce at least one new identity certificate incorporating at least some of the personal data and sends the at least one new identity certificate to the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Pearson, Siani
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US10/208,716
Publication Number

US 20030037233A1
Time in Patent Office

3,844 Days
Field of Search

726/5, 726/10, 726 18- 19, 713155-157
US Class Current

713/175
CPC Class Codes

G06F 21/33 using certificates

Trusted identities on a trusted computing platform

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted identities on a trusted computing platform

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links