Method and system for internationally providing trusted universal identification over a global communications network

US 20030177356A1
Filed: 03/15/2002
Published: 09/18/2003
Est. Priority Date: 03/15/2002
Status: Active Grant

First Claim

Patent Images

1. A method for providing an international infrastructure for trusted universal authentication over a worldwide communications network comprising:

(a) a global authority represented by participating nations of the world (b) a local authority for each said participating nation, overseen by said global authority (c) a unique country identifier representing each said participating nation (d) at least one entity in each said participating nation whose members need to be authenticated (e) a unique identifier representing each said entity (hereinafter, the “

uID group code”

) (f) at least one official data source for each said participating nation'"'"'s said entity members comprising;

(i) a unique identifier representing each said entity member (ii) officially verified data about said entity member, mapped to said unique identifier (g) a local server system (hereinafter, “

uID server”

) set up and maintained by each of said local authorities and coupled to said worldwide communications network comprising;

(i) a database comprising a record for each one of said entity members whose said unique identifier and said officially verified data are imported from respective said official data source (ii) a conversion process for converting said imported unique identifiers to a universal format by attaching to each, their respective said unique country identifier and said uID group code, thereby creating a worldwide unique universal identifier (hereinafter, “

uID”

) representing said entity member thereby creating a uID member (iii) a mapping component for mapping to said uID at least one digital secret known only to said uID member (iv) an update component for enabling said data in said database to be in synchronization with said official data source, thereby reflecting any changes in said official data source (v) a server engine comprising at least one server component offering a particular information service to said uID members worldwide (vi) a client engine comprising at least one client component enabling the receipt of said particular information service from counterpart said server components (vii) a unique server identifier (viii) at least one digital secret mapped to said server identifier (h) a multitude of client systems (hereinafter, “

uID clients”

) coupled to said worldwide communications network, each comprising;

(i) means for accepting input comprising said uID of user (hereinafter, the “

enquirer”

) (ii) means for accepting input comprising said digital secret/s of said enquirer (iii) memory for storing said enquirer'"'"'s uID and said digital secret/s for the duration of use (iv) means for accepting input comprising said uID of any said uID member to be enquired upon (hereinafter, the “

enquired”

) (v) a routing component for resolving said uID server hosting said record of said enquired (hereinafter, the enquired'"'"'s “

Home uID Server”

) indicated by said country identifier in said enquired'"'"'s uID (vi) a request component for submitting to said enquired'"'"'s home uID server, a request for information mapped to said enquired'"'"'s uID in the form of one of said information services available from said enquired'"'"'s home uID server'"'"'s engine, authenticated by said enquirer'"'"'s uID and said digital secret/s stored in said memory.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method for providing an international infrastructure for trusted universal identification over the Internet by using existing resources. Each participating country sets up a national database and server system and imports data from local, official ID data sources which are normally indexed by a unique identifier (203). Attaching the home country'"'"'s ISO-3166 code (201) to this identifier, a worldwide unique identifier results (“universal ID” or “uID”). The binding of a group code (202)to uID widens scope to identify other entities. Each country connects its database to the Internet (101) and acts as an authentication and authorization broker to worldwide uID holders. A user, to access securely any uID compliant service (107) on the Internet, may use his/her uID (109) in conjunction with a password or biometric data. It may be used in international, security sensitive areas to produce trusted identity and to securely submit personal details without the burden of filling in forms.

81 Citations

View as Search Results

20 Claims

1. A method for providing an international infrastructure for trusted universal authentication over a worldwide communications network comprising:
- (a) a global authority represented by participating nations of the world (b) a local authority for each said participating nation, overseen by said global authority (c) a unique country identifier representing each said participating nation (d) at least one entity in each said participating nation whose members need to be authenticated (e) a unique identifier representing each said entity (hereinafter, the “
  
  uID group code”
  
  ) (f) at least one official data source for each said participating nation'"'"'s said entity members comprising;
  
  (i) a unique identifier representing each said entity member (ii) officially verified data about said entity member, mapped to said unique identifier (g) a local server system (hereinafter, “
  
  uID server”
  
  ) set up and maintained by each of said local authorities and coupled to said worldwide communications network comprising;
  
  (i) a database comprising a record for each one of said entity members whose said unique identifier and said officially verified data are imported from respective said official data source (ii) a conversion process for converting said imported unique identifiers to a universal format by attaching to each, their respective said unique country identifier and said uID group code, thereby creating a worldwide unique universal identifier (hereinafter, “
  
  uID”
  
  ) representing said entity member thereby creating a uID member (iii) a mapping component for mapping to said uID at least one digital secret known only to said uID member (iv) an update component for enabling said data in said database to be in synchronization with said official data source, thereby reflecting any changes in said official data source (v) a server engine comprising at least one server component offering a particular information service to said uID members worldwide (vi) a client engine comprising at least one client component enabling the receipt of said particular information service from counterpart said server components (vii) a unique server identifier (viii) at least one digital secret mapped to said server identifier (h) a multitude of client systems (hereinafter, “
  
  uID clients”
  
  ) coupled to said worldwide communications network, each comprising;
  
  (i) means for accepting input comprising said uID of user (hereinafter, the “
  
  enquirer”
  
  ) (ii) means for accepting input comprising said digital secret/s of said enquirer (iii) memory for storing said enquirer'"'"'s uID and said digital secret/s for the duration of use (iv) means for accepting input comprising said uID of any said uID member to be enquired upon (hereinafter, the “
  
  enquired”
  
  ) (v) a routing component for resolving said uID server hosting said record of said enquired (hereinafter, the enquired'"'"'s “
  
  Home uID Server”
  
  ) indicated by said country identifier in said enquired'"'"'s uID (vi) a request component for submitting to said enquired'"'"'s home uID server, a request for information mapped to said enquired'"'"'s uID in the form of one of said information services available from said enquired'"'"'s home uID server'"'"'s engine, authenticated by said enquirer'"'"'s uID and said digital secret/s stored in said memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The uID server system of claim 1, further including a security engine comprising:
    - (a) at least one security means for enabling said uID servers and said uID clients to establish a secure channel of communication between them, including the use of respective said uIDs and said digital secrets thereby ensuring that said information services requested, really originated from claimed said uID client and that said information services reach intended said uID client in a form of use solely to said uID client, in case delivery is intercepted (b) storage means for storing standard access rights to said data in said database as established by said global authority (c) rights update component for receiving and implementing updates to said standard access rights that may be established and sent by said global authority from time to time (d) rights customization component for enabling said uID member to create uID member-specific access rights to respective said record but within limitations set by said standard access rights (e) second storage means for storing said uID member-specific access rights.
  - 3. The security engine of claim 2 wherein said security means includes Public Key Infrastructure (PKI).
  - 4. The security engine of claim 2 wherein said security means includes Secure Sockets Layer (SSL).
  - 5. The method of claim 1 wherein said unique country identifier is a standard ISO-1366 two-letter identifier.
  - 6. The method of claim 1 wherein said information services include a single sign-on service for receiving and checking validity of a combination of said uID and said digital secret/s pertaining to said enquired from said enquirer thereby authenticating said enquired and authorizing said enquired to sign-on a service hosted by the enquirer on said worldwide communications network.
  - 7. The method of claim 1 wherein said information services include an enquiry service for allowing said enquirer to request information on enquired, if authorized according to said standard access rights and said uID member-specific access rights stored in said security engine.
  - 8. The method of claim 1 wherein said information services include a search service for searching for at least one said uID member matching a given search criteria.
  - 9. The method of claim 1 wherein one of said entities is people and wherein one of said official data sources is an official ID card database.
  - 10. The method of claim 9 wherein the absence of said uID group code in said uID implies an individual or said uID member of said people entity, thereby providing a convenient shortcut.
  - 11. The method of claim 1 wherein one of said entities is commercial organizations and wherein one of said official data sources is an official trade directory.
  - 12. The unique country identifier of claim 1 further comprising a secondary identifier representing a predetermined area in said participating nation overseen by a regional authority.
  - 13. The method of claim 1 wherein said digital secret includes a password.
  - 14. The method of claim 1 wherein said digital secret includes a digital signature.
  - 15. The method of claim 14 wherein said digital signature includes biometric data associated with said uID member.
  - 16. The method of claim 1 further including specifications comprising standard technology, established by said global authority for guiding the development and integration of said uID server and said uID clients thereby ensuring interoperability.
  - 17. The method of claim 16 wherein said standard technology includes XML (Extensible Markup Language).
  - 18. The method of claim 16 wherein said standard technology includes UDDI (Universal Description Discovery and Integration).
  - 19. The uID client of claim 1 wherein said means for accepting input of said digital secret includes a fingerprint reader.
  - 20. The uID client of claim 1 wherein said means for accepting input of said digital secret includes a face scanning and recognition device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Noel Abela
Original Assignee
Noel Abela
Inventors
Abela, Noel

Granted Patent

US 7,308,579 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06Q 20/3821   Electronic credentials

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

Method and system for internationally providing trusted universal identification over a global communications network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for internationally providing trusted universal identification over a global communications network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links