System and method for expressing and evaluating signed reputation assertions

US 8,571,990 B2
Filed: 08/01/2008
Issued: 10/29/2013
Est. Priority Date: 03/06/2007
Status: Active Grant

First Claim

Patent Images

1. A method of providing reputation services over a network, implemented in a computer system associated with a trusted entity, the method comprising:

at the computer system associated with the trusted entity, receiving a request from a first party for a signed assertion concerning the reputation of a second party;

retrieving reputation-forming information (RFI) associated with the second party, the RFI comprising information that permits the trusted entity to make the requested signed assertion concerning the reputation of the second party;

creating, by the computer system, a reputation statement concerning the second party from the RFI;

binding, by the computer system, a piece of content, wherein the binding comprises generating a hash of the content;

generating, by the computer system, an assertion from the reputation statement, wherein the assertion includes the reputation statement, at least a portion of the RFI used to generate the reputation statement, said hash of the content, and an identity of the trusted entity;

signing, by the computer system, at least a portion of the assertion to produce said signed assertion to identify the trusted entity as the source of the signed assertion; and

transmitting, by the computer system, the signed assertion over the network to the first party.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for expressing and evaluating signed reputation assertions is disclosed. In one embodiment, a first entity receives a request to generate a signed assertion relating to a piece of content. The first entity generates a reputation statement about a second entity from reputation-forming information (RFI) about the second entity available to the first entity. The first entity then generates a signed assertion from the reputation statement and the piece of content at least in part by binding the piece of content to the reputation statement and signing a portion encompassing at least one of the bound piece of content and the bound reputation statement. The signed assertion is then transmitted to a receiving entity.

19 Citations

View as Search Results

20 Claims

1. A method of providing reputation services over a network, implemented in a computer system associated with a trusted entity, the method comprising:
- at the computer system associated with the trusted entity, receiving a request from a first party for a signed assertion concerning the reputation of a second party;
  
  retrieving reputation-forming information (RFI) associated with the second party, the RFI comprising information that permits the trusted entity to make the requested signed assertion concerning the reputation of the second party;
  
  creating, by the computer system, a reputation statement concerning the second party from the RFI;
  
  binding, by the computer system, a piece of content, wherein the binding comprises generating a hash of the content;
  
  generating, by the computer system, an assertion from the reputation statement, wherein the assertion includes the reputation statement, at least a portion of the RFI used to generate the reputation statement, said hash of the content, and an identity of the trusted entity;
  
  signing, by the computer system, at least a portion of the assertion to produce said signed assertion to identify the trusted entity as the source of the signed assertion; and
  
  transmitting, by the computer system, the signed assertion over the network to the first party.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein the bound piece of content comprises a token that restricts the validity of the assertion based upon one or more of delivery and time.
  - 3. The method of claim 2 wherein said token restricting validity requires validating the signed assertion by a confirming authority.
  - 4. The method of claim 3 further comprising receiving compensation from the third party.
  - 5. The method of claim 1 further comprising receiving compensation from the first party.
  - 6. The method of claim 1 wherein the assertion includes a subject token that comprises at least one of an authenticated identity, Uniform Resource Identifier (“
    - URI”
      
      )-based identity, a pseudonymous identity, a revocably anonymous identity, a group identity, a confirmed identity, a cryptographic identity, a possession-based identity, and a biometric-based identity.
  - 7. The method of claim 1 wherein the generating a signed assertion comprises incorporating in the assertion at least one of additional information, a second signed assertion, a delivery restriction, a content restriction, a verification procedure, a reference, an annotation, and an ontology.
  - 8. The method of claim 1 wherein the RFI comprises RFI received from the second party and RFI retrieved from multiple sources.
  - 9. The method of claim 1 further comprising incorporating into a data structure the assertion, the reputation statement, the portion of RFI, and the piece of content, and said signing comprises signing the data structure.
  - 10. The method of claim 7 wherein the signed assertion incorporates one of a time restriction, a delivery restriction, a content restriction, a cryptographic procedure, a verification procedure, and a second reputation statement.
  - 11. The method of claim 1 further comprises encrypting by the computer system the signed assertion.

12. A reputation services system comprising:
- a computer system coupled a trusted entity to a network, the computer system comprising;
  
  a receiving module for receiving a request from a first party for a signed assertion concerning the reputation of a second party;
  
  a retrieval module adapted to retrieve over the network reputation-forming information (RFI) associated with the second party;
  
  a reputation module adapted to create a reputation statement concerning the second party, the reputation statement reflecting a calculation over the RFI and the reputation module binding a hash of a piece of content;
  
  an assertion generator module for generating an assertion about the second party from the reputation statement, at least a portion of the RFI, and said hash of said piece of content;
  
  a signing module adapted to generate the signed assertion by signing at least a portion of the assertion to identify the trusted entity as the source of the signed assertion; and
  
  a transmitter module adapted to send the signed assertion over the network to the first party.
- View Dependent Claims (13, 14, 15)
- - 13. The system of claim 12, wherein the piece of bound content to the reputation statement restricts the validity of the assertion based upon one or more of delivery and time.
  - 14. The system of claim 12, wherein the assertion generator module generates said assertion by incorporating said reputation statement, said at least a portion of the RFI, and said piece of bound content into a data structure, and wherein said signing module signs said data structure to generate said signed assertion.
  - 15. The system of claim 14 wherein the piece of bound content comprises a token that requires the signed assertion to be validated by a confirming entity.

16. A computing system associated with a trusted entity and connected to a computer network, the computer system including a non-transitory computer-readable medium embodying computer-executable instructions, which control the computer system to perform a method that comprises:
- receiving a request from a first party for a signed assertion concerning the reputation of a second party;
  
  retrieving reputation-forming information (RFI) associated with the second party, the RFI comprising information that permits the trusted entity to make the requested signed assertion concerning the reputation of the second party;
  
  creating a reputation statement concerning the second party from the RFI;
  
  binding a piece of content by generating a hash of the content;
  
  generating an assertion from the reputation statement, wherein the assertion includes the reputation statement, at least a portion of the RFI used to generate the reputation statement, said hash of the content, and an identity of the trusted entity;
  
  signing at least a portion of the assertion to produce said signed assertion to identify the trusted entity as the source of the signed assertion; and
  
  transmitting the signed assertion over the network to the first party.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computing system of claim 16 wherein the bound piece of content comprises a token that restricts the validity of the assertion based upon one or more of delivery and time.
  - 18. The computing system of claim 16 wherein the RFI comprises RFI received from the second party and RFI retrieved from multiple sources.
  - 19. The computing system of claim 16 wherein the computer-executable instructions include instructions that, when executed, incorporate into the signed assertion one or more of a time restriction, a delivery restriction, a content restriction, a cryptographic procedure, a verification procedure, and a second reputation statement.
  - 20. The computing system of claim 16 wherein the computer-executable instructions include instructions that incorporate into a data structure the assertion, the reputation statement, the portion of RFI, and the piece of content, and said instructions for signing comprise instructions for signing the data structure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Buss, Duane
Primary Examiner(s)
Nigh, James D

Application Number

US12/184,420
Publication Number

US 20080288278A1
Time in Patent Office

1,915 Days
Field of Search

705/50
US Class Current

705/50
CPC Class Codes

G06Q 10/10   Office automation; Time man...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

System and method for expressing and evaluating signed reputation assertions

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and method for expressing and evaluating signed reputation assertions

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others