Fully electronic identity authentication
First Claim
Patent Images
1. An automated identity authentication and voting system comprising:
- a computer for allowing a user to access an authentication system and a central hosting facility through a network, wherein the authentication system performs identity proofing and assigns a roaming digital certificate to the user in response to the user submitting an approved credential and registers the user to vote with the central hosting facility by completing an electronic application and digitally signing the application with the assigned roaming digital certificate, and wherein the central hosting facility comprises;
a system web server for housing a home page and web pages, a data storage device, and an application processing segment including;
a ballot creation subsystem for creating a ballot definition file by an official of the local election office, transforming the ballot definition file to a standard format, validating the ballot by the local election official, and providing the ballot for use by the user, a voting subsystem for providing secure voting by identifying and authenticating a user that logs in to vote and request a ballot, retrieving the user'"'"'s identification information and digital certificate, generating a ballot from the user'"'"'s local election office ballot definition file, digitally signing the ballot, sending the ballot to the user, receiving from the user the completed ballot digitally signed with the user'"'"'s roaming digital certificate, time stamping the ballot, encrypting the ballot with a user'"'"'s symmetric key, and storing the encrypted ballot, transmitting a ballot summary to the user for confirmation, receiving confirmation, time stamping the ballot and encrypting the user'"'"'s symmetric key with the local election office'"'"'s public key, and storing the encrypted symmetric key and associated encrypted ballot, and a ballot tabulation and reconciliation subsystem and associated processes for reconciling encrypted ballots, wherein ballot tabulation includes providing the local election official with a token and a tabulation computer and requiring the election official to login to the tabulation computer and a second election official to login to the central hosting facility, separating voter identification information from the encrypted ballots and transferring the encrypted ballots to the tabulation computer, decrypting the ballots by decrypting the symmetric key associated with each ballot with the local election office'"'"'s public key and decrypting each ballot with its associated symmetric key, and tabulating the decrypted ballots.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a system and method for fully electronic identity authentication, with particular application to electronic election registration and voting. In particular, the present invention provides an authentication system that operates in conjunction with a secure server to authenticate users to provide access information as needed for the authenticated users to access the secure server.
38 Citations
24 Claims
-
1. An automated identity authentication and voting system comprising:
-
a computer for allowing a user to access an authentication system and a central hosting facility through a network, wherein the authentication system performs identity proofing and assigns a roaming digital certificate to the user in response to the user submitting an approved credential and registers the user to vote with the central hosting facility by completing an electronic application and digitally signing the application with the assigned roaming digital certificate, and wherein the central hosting facility comprises;
a system web server for housing a home page and web pages, a data storage device, and an application processing segment including;
a ballot creation subsystem for creating a ballot definition file by an official of the local election office, transforming the ballot definition file to a standard format, validating the ballot by the local election official, and providing the ballot for use by the user, a voting subsystem for providing secure voting by identifying and authenticating a user that logs in to vote and request a ballot, retrieving the user'"'"'s identification information and digital certificate, generating a ballot from the user'"'"'s local election office ballot definition file, digitally signing the ballot, sending the ballot to the user, receiving from the user the completed ballot digitally signed with the user'"'"'s roaming digital certificate, time stamping the ballot, encrypting the ballot with a user'"'"'s symmetric key, and storing the encrypted ballot, transmitting a ballot summary to the user for confirmation, receiving confirmation, time stamping the ballot and encrypting the user'"'"'s symmetric key with the local election office'"'"'s public key, and storing the encrypted symmetric key and associated encrypted ballot, and a ballot tabulation and reconciliation subsystem and associated processes for reconciling encrypted ballots, wherein ballot tabulation includes providing the local election official with a token and a tabulation computer and requiring the election official to login to the tabulation computer and a second election official to login to the central hosting facility, separating voter identification information from the encrypted ballots and transferring the encrypted ballots to the tabulation computer, decrypting the ballots by decrypting the symmetric key associated with each ballot with the local election office'"'"'s public key and decrypting each ballot with its associated symmetric key, and tabulating the decrypted ballots.
-
-
2. An automated electronic identity authentication system comprising:
-
a central hosting facility connected to a network, the central hosting facility including a home page as an access point, an application processing segment for providing election processing, and a storage segment for temporary and persistent storage of data;
a remote computing device that allows a user to connect to the network for accessing the central hosting facility; and
an authentication system connected to the central hosting facility and to the remote computing device, wherein the authentication system receives and processes identifying data from the user and assigns a roaming digital certificate to the user in response to the user submitting an approved identifying data, wherein the an authentication system completes an electronic application, digitally signs the application with the assigned roaming digital certificate, and forwards the digitally signed application to the central hosting facility. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for automated electronic identity authentication through an electronic registration system, comprising the steps of:
-
providing a computer to a user;
the computer accessing an electronic registration system and forwarding user identifying data to the electronic registration system;
the electronic registration system receiving and processing the identifying data; and
assigning a roaming digital certificate to the user in response to the identifying data, wherein the an authentication system completes an electronic application, digitally signs the application with the assigned roaming digital certificate, and forwards the digitally signed application to a remote server. - View Dependent Claims (20, 21, 22, 23, 24)
-
Specification