Electronic signature validation systems and methods for asynchronous environments
First Claim
1. An electronic signature validation system, said system comprising:
- at least one onboard computer system (OCS), wherein the OCS is a subsystem removable from at least one control system configured as part of a mobile vehicle the OCS including;
a signature generator module configured to assist in generating a digital signature for a communication being sent by the OCS to at least one central computer system (CCS) located remotely from the at least one OCS, wherein the signature generator module receives user information;
a cryptographic module in communication with the signature generator module configured to;
receive the user information from the signature generator module;
generate a cryptographic hash;
create the digital signature by signing the cryptographic hash based on the user information received from the signature generator module; and
receive a dynamic certificate that is supplied to the OCS by an entity remote from the OCS that is operating the system, and that uniquely identifies the OCS that has generated the communication and the mobile vehicle that the OCS is located on;
the at least one remote CCS configured to receive the signed cryptographic hash that forms the digital signature, and to receive the dynamic certificate from the at least one OCS via a wireless, asynchronous communications link, the at least one CCS comprising;
a user database having stored thereon user account information for all users authorized to digitally sign messages transmitted from the at least one OCS to the at least one CCS, via the asynchronous communications link; and
a signature validator module configured to check the dynamic certificate against a certificate authority to validate the dynamic certificate and to validate the digital signature against all authorized users stored in the user database.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for non-real-time validation of an electronically signed message transmitted via an asynchronous communications link is provided. The method includes creating an electronic message comprising an electronically signed data entry created by executing a secure data application first portion (SDA1) module hosted by a mobile system. The method additionally includes passing the message to a communications management function first portion (CMF1) module via a synchronous interface. The CMF1 module is hosted by the mobile system. The method further includes transmitting the message from the CMF1 module to a communications management function second portion (CMF2) module in a temporally delayed manner using an asynchronous communications link. The CMF2 module is hosted by a central computer system (CCS) located remotely from the mobile system. The method further yet includes validating the electronically signed entry in a temporally delayed manner utilizing a user database. The user database is hosted by the CCS and has stored thereon user account information for all users authorized to electronically sign entries transmitted from the mobile system to the CCS. The user account information includes user information and/or user personal identification numbers (PINs) for each authorized user.
12 Citations
24 Claims
-
1. An electronic signature validation system, said system comprising:
-
at least one onboard computer system (OCS), wherein the OCS is a subsystem removable from at least one control system configured as part of a mobile vehicle the OCS including; a signature generator module configured to assist in generating a digital signature for a communication being sent by the OCS to at least one central computer system (CCS) located remotely from the at least one OCS, wherein the signature generator module receives user information; a cryptographic module in communication with the signature generator module configured to; receive the user information from the signature generator module; generate a cryptographic hash; create the digital signature by signing the cryptographic hash based on the user information received from the signature generator module; and receive a dynamic certificate that is supplied to the OCS by an entity remote from the OCS that is operating the system, and that uniquely identifies the OCS that has generated the communication and the mobile vehicle that the OCS is located on; the at least one remote CCS configured to receive the signed cryptographic hash that forms the digital signature, and to receive the dynamic certificate from the at least one OCS via a wireless, asynchronous communications link, the at least one CCS comprising; a user database having stored thereon user account information for all users authorized to digitally sign messages transmitted from the at least one OCS to the at least one CCS, via the asynchronous communications link; and a signature validator module configured to check the dynamic certificate against a certificate authority to validate the dynamic certificate and to validate the digital signature against all authorized users stored in the user database. - View Dependent Claims (2, 3, 4)
-
-
5. A method for validation of a digitally signed message transmitted via an asynchronous communications link, said method comprising:
-
in a mobile vehicle, creating an electronic message comprising a digitally signed data entry by executing a secure data application first portion (SDA1) module configured in an onboard computer system (OCS) being a removable subsystem of a control system configured as part of the mobile vehicle, the digitally signed data entry forming a digital signature on the data entry using user information and including a hardware electronic certificate supplied by a remote operator of the mobile vehicle, where the hardware certificate uniquely identifies the mobile vehicle and the OCS being operated from the control system configured as part of the mobile vehicle; a remotely located central computer system (CCS), where the electronic message is communicated from the mobile vehicle to the CCS; passing the electronic message, comprising the digitally signed data entry and hardware certificate, to a communications management function first portion (CMF1) module via a synchronous interface, the CMF1 module configured in the OCS; transmitting the electronic message, comprising the digitally signed data entry and the hardware certificate, from the CMF1 module to a communications management function second portion (CMF2) module in a time delayed manner using an asynchronous communications link, the CMF2 module configured in the CCS located remotely from the OCS; and validating the electronic message, wherein validating the electronic message comprises; validating the digitally signed data entry in a time delayed manner utilizing a user database to compare the digitally signed data entry, wherein the user database is stored in the CCS, and wherein the user database stores user account information for all users authorized to digitally sign data entries transmitted from the OCS to the CCS, the user account information comprising at least one of user information and a user personal identification number (PIN) for each authorized user of the OCS; and validating the hardware certificate against a certificate authority to validate the hardware certificate. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for temporally delayed validation of an digitally signed message transmitted from an onboard computer system (OCS) being operated on an aircraft to a remotely located central computer system (CCS) via an asynchronous communications link, said method comprising:
-
creating an electronic message comprising digitally signed data entry, wherein the digitally signed data entry forms a digital signature on the data entry using user information and including a hardware electronic certificate supplied by a remote operator of the aircraft, wherein the hardware electronic certificate uniquely identifies both the aircraft and the OCS operated from the aircraft and the digitally signed data entry further being created by executing a secure data application first portion (SDA1) module configured in the OCS operating in the aircraft, wherein the OCS is a removable subsystem of a control system configured as part of the aircraft, and the electronic message comprising the electronically digitally signed data entry and the hardware electronic certificate being communicated from the aircraft to the remotely located CCS; passing the electronic message, comprising the digitally signed data entry and electronic certificate, to a communications management function first portion (CMF1) module via a synchronous interface, the CMF1 module configured in the OCS operating on the aircraft; transmitting the electronic message, comprising the digitally signed data entry and the hardware electronic certificate from the CMF1 module to a communications management function second portion (CMF2) module in a time delayed manner using an asynchronous communications link, the CMF2 module configured in the CCS located remotely from the aircraft; validating the electronic message, wherein validating the electronic message comprises; validating the digitally signed data entry in a time delayed manner utilizing a user database to compare the digitally signed data entry, wherein the user database is stored in the CCS, and wherein the user database stores user account information for all users authorized to digitally sign entries transmitted from the aircraft to the CCS, the user account information comprising at least one of user information and a user personal identification number (PIN) for each one of a plurality of authorized users of the OCS; and validating the electronic certificate against a certificate authority to validate the hardware electronic certificate. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
Specification