Digital certificate proxy

US 20050138364A1
Filed: 02/07/2005
Published: 06/23/2005
Est. Priority Date: 09/06/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising the steps of:

receiving a request to authenticate identity of a user at a communication platform;

receiving a digital certificate and a short-term proxy of said digital certificate from said platform, wherein said short-term proxy expires after a predetermined expiration time; and

comparing said digital certificate and said short-term proxy with a plurality of digital certificates issued by a central certificate authority to enable authentication of said user'"'"'s identity.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention generates a temporary digital certificate with a useful life of only a few minutes to a few hours. An expiration time is attached to such temporary digital certificate by a secure computer platform that is presented with a user'"'"'s smart-card. Expiration dates one or two years after the issuance of the smart-card are conventional. A digital certificate issued by a central authority is carried within the smart card and is used by the secure computer platform to generate temporary digital certificate. The temporary digital certificate functions as a proxy digital certificate that will allow the user to immediately pocket the smart card and thus avoid the possibility of forgetting it in a card reader.

32 Citations

View as Search Results

20 Claims

1. A method comprising the steps of:
- receiving a request to authenticate identity of a user at a communication platform;
  
  receiving a digital certificate and a short-term proxy of said digital certificate from said platform, wherein said short-term proxy expires after a predetermined expiration time; and
  
  comparing said digital certificate and said short-term proxy with a plurality of digital certificates issued by a central certificate authority to enable authentication of said user'"'"'s identity.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, wherein said comparing step further comprises the steps of:
    - providing a time-standard input to enable testing of said expiration time of said short-term proxy.
  - 3. The method according to claim 1, wherein said comparing step further comprises the steps of:
    - providing a time-standard input to enable testing of an expiration date of said digital certificate.
  - 4. The method according to claim 1, wherein said short-term proxy is created upon physical action of said user at said communication platform to position a token containing said digital certificate proximate to said communication platform.
  - 5. The method according to claim 1, further comprising the step of:
    - using said short-term proxy as a key to encrypt and decrypt messages at said communications platform.
  - 6. The method according to claim 2, wherein said time-standard input comprises any of an electronic dock, a radio station time broadcast, and a microwave transmission from a navigation satellite.

7. A user authentication system comprising:
- a communication platform coupled to a network for securing communications for a user; and
  
  a remote platform coupled to said network, wherein said remote platform further receives a request to authenticate identity of said user at said communication platform, receives a digital certificate and a short-term proxy of said digital certificate from said communication platform, wherein said short-term proxy expires after a predetermined expiration time, and compares said digital certificate and said short-term proxy with a plurality of digital certificates issued by a central certificate authority to enable authentication of said user'"'"'s identity.
- View Dependent Claims (8, 9, 10)
- - 8. The system according to claim 7, wherein said remote platform further receives a time-standard input to enable testing of said expiration time of said short-term proxy and an expiration date of said digital certificate.
  - 9. The system according to claim 8, wherein said time-standard input comprises any of an electronic clock, a radio station time broadcast, and a microwave transmission from a navigation satellite.
  - 10. The system according to claim 7, wherein said short-term proxy is created upon physical action of said user at said communication platform to position a token containing said digital certificate proximate to said communication platform.

11. A user authentication system comprising:
- means for receiving a request to authenticate identity of a user at a communication platform;
  
  means for receiving a digital certificate and a short-term proxy of said digital certificate from said platform, wherein said short-term proxy expires after a predetermined expiration time; and
  
  means for comparing said digital certificate and said short-term proxy with a plurality of digital certificates issued by a central certificate authority to enable authentication of said user'"'"'s identity.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system according to claim 11, further comprising:
    - means for providing a time-standard input to enable testing of said expiration time of said short-term proxy and an expiration date of said digital certificate.
  - 13. The system according to claim 11, wherein said short-term proxy is created upon physical action of said user at said communication platform to position a token containing said digital certificate proximate to said communication platform.
  - 14. The system according to claim 11, further comprising:
    - means for using said short-term proxy as a key to encrypt and decrypt messages at said communications platform.
  - 15. The system according to claim 12, wherein said time-standard input comprises any of an electronic dock, a radio station time broadcast, and a microwave transmission from a navigation satellite.

16. A computer readable medium containing executable instructions, which, when executed in a processing system, cause said processing system to perform a method comprising the steps of:
- receiving a request to authenticate identity of a user at a communication platform;
  
  receiving a digital certificate and a short-term proxy of said digital certificate from said platform, wherein said short-term proxy expires after a predetermined expiration time; and
  
  comparing said digital certificate and said short-term proxy with a plurality of digital certificates issued by a central certificate authority to enable authentication of said user'"'"'s identity.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer readable medium according to claim 16, wherein said method further comprises the step of:
    - providing a time-standard input to enable testing of said expiration time of said short-term proxy and an expiration date of said digital certificate.
  - 18. The computer readable medium according to claim 16, wherein said short-term proxy is created upon physical action of said user at said communication platform to position a token containing said digital certificate proximate to said communication platform.
  - 19. The computer readable medium according to claim 16, wherein said method further comprises:
    - using said short-term proxy as a key to encrypt and decrypt messages at said communications platform.
  - 20. The computer readable medium according to claim 17, wherein said time-standard input comprises any of an electronic clock, a radio station time broadcast, and a microwave transmission from a navigation satellite.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
James Anthony Roskind, Robert Lord, Terry N. Hayes
Original Assignee
James Anthony Roskind, Robert Lord, Terry N. Hayes
Inventors
Hayes, Terry N., Lord, Robert, Roskind, James Anthony

Application Number

US11/053,157
Publication Number

US 20050138364A1
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G06Q 20/367   involving electronic purses...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 2209/80   Wireless network architectu...

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

Digital certificate proxy

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

32 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Digital certificate proxy

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links