System and method for establishing trust using secure transmission protocols
First Claim
1. A method comprising:
generating a first authentication-related communication at an authentication server on behalf of a relying party, the first authentication-related communication being directed to a client device having one or more authenticators;
signing the first authentication-related communication using a first key of a self-signed certificate from a decentralized public key infrastructure (PKI);
establishing a first secure communication channel with a relying party app on the client device using a trusted secure communication infrastructure;
transmitting the first authentication-related communication with the signature to the relying party app over the first secure communication channel;
establishing a second secure communication channel with an authentication client on the client device using a trusted secure communication infrastructure;
transmitting a second key of the self-signed certificate from the decentralized PKI to the authentication client over the second communication channel;
providing the first authentication-related communication from the relying party app to the authentication client; and
the authentication client using the second key to validate the signature generated over the first authentication-related communication with the first key.
Abstract
A system, apparatus, method, and machine readable medium are described for establishing trust using secure communication protocols. For example, one embodiment of a method comprises: generating a first authentication-related communication at an authentication server on behalf of a relying party, the first authentication-related communication being directed to a client device having one or more authenticators; signing the first authentication-related communication using a first key of a self-signed certificate from a decentralized public key infrastructure (PKI); establishing a first secure communication channel with a relying party app on the client device using a trusted secure communication infrastructure; transmitting the first authentication-related communication with the signature to the relying party app over the first secure communication channel; establishing a second secure communication channel with an authentication client on the client device using a trusted secure communication infrastructure; transmitting a second key of the self-signed certificate from the decentralized PKI to the authentication client over the second communication channel; providing the first authentication-related communication from the relying party app to the authentication client; and the authentication client using the second key to validate the signature generated over the first authentication-related communication with the first key.
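The signing and validation steps of the abstract, as an added Go example that is not part of the patent text. It assumes Ed25519 keys, hypothetical function names and a constructed sample message; the two secure channels are not modelled, so the certificate bytes (second channel) and the relayed message with its signature (first channel, via the relying party app) are passed as plain arguments.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewServerKey returns the private ("first") key and a self-signed certificate holding the public ("second") key.
func NewServerKey() (ed25519.PrivateKey, []byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{ // subject name is constructed; no CA is involved
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "auth-server.example"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv) // template is its own parent
	return priv, der, err
}

// SignRequest signs the authentication-related communication with the first key.
func SignRequest(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

// ClientVerify is the authentication client's check: certDER arrived over the second
// channel, msg and sig were handed over by the relying party app.
func ClientVerify(certDER, msg, sig []byte) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return err
	}
	return cert.CheckSignature(x509.PureEd25519, msg, sig)
}

func main() {
	priv, der, err := NewServerKey()
	if err != nil {
		panic(err)
	}
	msg, altered := []byte("constructed auth request"), []byte("constructed auth request!")
	sig := SignRequest(priv, msg)
	fmt.Println(ClientVerify(der, msg, sig), ClientVerify(der, altered, sig))
}
```

Because the certificate is self-signed, nothing in the certificate itself vouches for the key: the authentication client's trust in it rests entirely on the second channel over which it was delivered.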
24 Claims
1. A method comprising:
generating a first authentication-related communication at an authentication server on behalf of a relying party, the first authentication-related communication being directed to a client device having one or more authenticators;
signing the first authentication-related communication using a first key of a self-signed certificate from a decentralized public key infrastructure (PKI);
establishing a first secure communication channel with a relying party app on the client device using a trusted secure communication infrastructure;
transmitting the first authentication-related communication with the signature to the relying party app over the first secure communication channel;
establishing a second secure communication channel with an authentication client on the client device using a trusted secure communication infrastructure;
transmitting a second key of the self-signed certificate from the decentralized PKI to the authentication client over the second communication channel;
providing the first authentication-related communication from the relying party app to the authentication client; and
the authentication client using the second key to validate the signature generated over the first authentication-related communication with the first key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A system for performing authentication comprising:
a client device having one or more authenticators, an authentication client and a relying party app;
an authentication server operated on behalf of a relying party generating a first authentication-related communication directed to the client device;
the authentication server signing the first authentication-related communication using a first key of a self-signed certificate from a decentralized public key infrastructure (PKI);
the authentication server establishing a first secure communication channel with a relying party app on the client device using a trusted secure communication infrastructure;
the authentication server transmitting the first authentication-related communication with the signature to the relying party app over the first secure communication channel;
the authentication server establishing a second secure communication channel with an authentication client on the client device using a trusted secure communication infrastructure;
the authentication server transmitting a second key of the self-signed certificate from the decentralized PKI to the authentication client over the second communication channel;
the relying party app providing the first authentication-related communication to the authentication client; and
the authentication client using the second key to validate the signature generated over the first authentication-related communication with the first key.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
Specification