Method and system for identity authentication
First Claim
1. In a multi-entity network environment, a method for creating a first entity's digital identification dynamically for a second entity to authenticate said first entity, comprising:
disclosing a public key of said first entity;
receiving an electronic network request from a device of said second entity by a device of said first entity;
acquiring the network address of said second entity by a device of said first entity;
based on the acquired network address, determining the content of a character string comprising information related to said second entity;
creating a digital identification of said first entity by processing said string using a private key, said private key being the private key in a private and public key pair of said first entity's where the public key being the disclosed public key;
transmitting a response comprising the dynamically created digital identification to said network address;
whereby said digital identification of said first entity is dynamically created for said second entity using said second entity's information and is valid only when used by said second entity.
Abstract
Used in a communication involving Entity 1 and Entity 2 to authenticate Entity 1's identity, a digital identification of Entity 1 comprises an encrypted character string, wherein the string is related to Entity 2 and is directly or indirectly encrypted with a key in a private/public key pair of Entity 1's. Such a digital identification is dynamic and can be used as a one-time or multiple-time identification. It allows an entity to be authenticated by another entity without the two entities having had a one-to-one communication in advance. Also, such a digital identification does not rely on the syntax of other messages or data, as a digital signature does, and can be verified easily. The verification of such a digital identification can be easily confirmed by both human beings and machines.
20 Claims
1. In a multi-entity network environment, a method for creating a first entity's digital identification dynamically for a second entity to authenticate said first entity, comprising:
disclosing a public key of said first entity;
receiving an electronic network request from a device of said second entity by a device of said first entity;
acquiring the network address of said second entity by a device of said first entity;
based on the acquired network address, determining the content of a character string comprising information related to said second entity;
creating a digital identification of said first entity by processing said string using a private key, said private key being the private key in a private and public key pair of said first entity's where the public key being the disclosed public key;
transmitting a response comprising the dynamically created digital identification to said network address;
whereby said digital identification of said first entity is dynamically created for said second entity using said second entity's information and is valid only when used by said second entity. (Dependent claims: 2 to 15.)
8. The method as recited in claim 2 wherein processing said string using a private key of said first entity's comprising:
encrypting said string with the private key using an asymmetric encryption method, said private key being the private key in a private and public key pair of said first entity's where the public key being the disclosed public key.
9. The method as recited in claim 8 wherein said asymmetric encryption method is an RSA public key crypto algorithm.
10. The method as recited in claim 2 wherein transmitting a response to said network address is conducted through a secured link.
11. The method as recited in claim 1, wherein said content of said character string comprises said second entity's identity information.
12. The method as recited in claim 1, wherein said content of said character string comprises information related to what said first entity communicates to said second entity.
13. The method as recited in claim 1, wherein said content of said character string comprises said first entity's identity information.
14. The method as recited in claim 1, wherein said content of said character string comprises an identifier that identifies said dynamic digital identification.
15. The method as recited in claim 1, wherein said response comprises a webpage.
16. In a multi-entity network environment, a method for authenticating a first entity's identity by a second entity, comprising:
sending an electronic network request by a device of said second entity to a device of said first entity;
receiving a response comprising a dynamic digital identification of said first entity at said second entity's network address, said dynamic digital identification being created based on said network address after said network request is received and said network address is acquired by said first entity, by encrypting a character string comprising information related to said second entity using an encryption key of said first entity's;
acquiring a public key of said first entity's, said public key being the public key in a public and private key pair;
decrypting said dynamic digital identification to produce a result by using said public key of said first entity's;
verifying the identity of said first entity by matching said result against the expected content including information related to said second entity, whereby said second entity authenticates said first entity with the dynamic digital identification created dynamically by said first entity for said second entity and the dynamic digital identification is valid only when used by said second entity. (Dependent claims: 17 to 20.)
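An added worked example of the exchange in claims 1 and 16, written for this page and not taken from the patent: Entity 1 builds a string from the requester's acquired network address and encrypts it with its private key, and Entity 2 decrypts it with the disclosed public key and matches the result against the content it expects, which includes its own address. The key generation, the string layout `address|issuer|identifier`, and the use of textbook RSA on the raw bytes without padding are assumptions made for illustration; a deployment would use a vetted library and padding.

```python
import secrets
from math import gcd

def _is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin test, adequate for a demonstration key (not a vetted library)."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # fixed size, odd
        if _is_probable_prime(cand):
            return cand

def generate_keypair(bits: int = 512):
    """Entity 1's key pair: (n, e) is disclosed, (n, d) stays private. Assumed sizes."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        if p != q and gcd(e, (p - 1) * (q - 1)) == 1:
            return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def create_digital_id(private_key, requester_addr: str, issuer: str, ident: str) -> int:
    """Entity 1: encrypt a string built from the requester's network address (assumed layout)."""
    n, d = private_key
    m = int.from_bytes(f"{requester_addr}|{issuer}|{ident}".encode(), "big")
    if m >= n:
        raise ValueError("string too long for the modulus")
    return pow(m, d, n)

def verify_digital_id(public_key, digital_id: int, own_addr: str, issuer: str, ident: str) -> bool:
    """Entity 2: decrypt with the disclosed public key and match against the expected content."""
    n, e = public_key
    m = pow(digital_id, e, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big") == f"{own_addr}|{issuer}|{ident}".encode()
```

Because the expected content carries Entity 2's own address, an identification issued to one address does not verify when replayed from another, which is the "valid only when used by said second entity" property the claims describe.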
Specification