Security framework and protocol for universal pervasive transactions
3 Assignments
0 Petitions
Abstract
A computer system, a method of a computer system and a computer-readable medium securely transmit and verify a multiparty agreement. The method, the computer system, and the computer readable medium include developing and transmitting views of the multi-party agreement by each party to a separate verification party. The verification party authenticates the participants and determines whether the views of the agreement are mutually consistent, and notifies the parties of the results of the comparison.
348 Citations
32 Claims
1. A computer system securely transmitting and verifying a two-party agreement, said system comprising:
a first device, operated by the first party, developing and transmitting a first view of the two-party agreement based upon first device respective non-transmitted and transmitted transaction time dependent and device dependent parameters, the first view including an encrypted part based upon the first device non-transmitted time dependent and device dependent parameters and an unencrypted plaintext part including the first device transmitted transaction time dependent and device dependent parameters, wherein the first device encrypts the encrypted part of the first view using a first device encryption key according to a deterministic algorithm based on a non-stored Private Identification Entry (PIE) input to the first device and a deterministic algorithm based on the first device non-transmitted transaction time dependent and device dependent parameters; a second device, operated by the second party, developing and transmitting a second view of the two-party agreement, the second view including an encrypted part encrypted by a second device encryption key and an unencrypted plaintext part including second device transmitted transaction time dependent and device dependent parameters; and a third device comprising a verification party receiving the first view and the second view, generating the first device encryption key based upon the first device transmitted transaction time dependent and device dependent parameters and information known by the third device about the first device PIE and the first device non-transmitted time dependent and device dependent parameters, generating the second device encryption key based upon the second device transmitted transaction time dependent and device dependent parameters, decrypting the encrypted part of the first and second views, based upon the respective first and second device encryption keys, comparing the first view with the second view, and transmitting a signal based on the comparing, wherein the first device PIE and the first and second device encryption keys are not communicated among the first, second and third devices.
- 2. The computer system as in 1, wherein either the first device transmits the first view to the third device and the second device independently transmits the second view to the third device, or the first device transmits the first view to the second device and the second device concatenates the first view and the second view and transmits the concatenated view to the third device.
19. A computer system securely transmitting and verifying a multi-party agreement among N parties where N is larger than or equal to two, said computer system comprising:
a collection of N devices, each device operated by a party to the agreement, developing and transmitting its view of the multi-party agreement based upon non-transmitted and transmitted transaction time dependent and device dependent parameters, each view including an encrypted part based upon the device non-transmitted time dependent and device dependent parameters and an unencrypted plaintext part including the device transmitted transaction time dependent and device dependent parameters, wherein each device encrypts the encrypted part of its view using a device encryption key according to a deterministic algorithm based on a respective non-stored Private Identification Entry (PIE) input to each device and the device non-transmitted transaction time dependent and device dependent parameters; and an N+1-st device comprising a verification party receiving the views from the N agreement parties, generating the device encryption keys of the N agreement parties based upon the device transmitted transaction time dependent and device dependent parameters and information known by the N+1-st device about the PIE and the device non-transmitted time dependent and device dependent parameters, decrypting the encrypted part of each view based upon the device encryption keys, comparing the views from the N agreement parties, and transmitting a response signal based on the comparing, wherein the PIE and the device encryption keys are not communicated among the N agreement.
- 20. The computer system as in 19, wherein either each of the N devices independently transmits its view to the N+1-st device comprising the verification party, or, each of the N devices concatenates its view to a list of views until all N views are collected so that each view appears once in the list and the list is then transmitted to the N+1-st device.
29. A method of securely transmitting and verifying a two-party agreement in a computer system, said method comprising:
developing and transmitting, by a first device operated by a first party, a first view of the two-part agreement based upon first device respective non-transmitted and transmitted transaction time dependent and device dependent parameters, the first view including an encrypted part based upon the first device non-transmitted time dependent and device dependent parameters and an unencrypted plaintext part including the first device transmitted transaction time dependent and device dependent parameters, wherein the encrypted part is encrypted using a first device encryption key according to a deterministic algorithm based on a non-stored Private Identification Entry (PIE) input to the first device and the first device non-transmitted transaction time dependent and device dependent parameters; developing and transmitting, by a second device operated by a second party, a second view of the two-party agreement, the second view including an encrypted part encrypted by a second device encryption key and an unencrypted plaintext part including second device transmitted transaction time dependent and device dependent parameters; and receiving, by a third device comprising a verification party, the first view and the second view, generating the first device encryption key based upon the first device transmitted transaction time dependent and device dependent parameters and information known by the third device about the PIE and the first device non-transmitted time dependent and device dependent parameters, generating the second device encryption key based upon the second device transmitted transaction time dependent and device dependent parameters, decrypting the encrypted part of the first and second views, based upon the respective first and second device encryption keys, comparing the first view with the second view transmitting a signal based on the comparing, wherein the PIE and the first and second device encryption keys are not communicated among the first, second and third devices.
30. A method securely transmitting and verifying a multi-party agreement among N parties where N is larger than or equal to two, in a computer system, said method comprising:
developing and transmitting, by a collection of N devices each device operated by a party to the agreement, its view of the multi-party agreement based upon non-transmitted and transmitted transaction time dependent and device dependent parameters, each view including an encrypted part based upon the device non-transmitted time dependent and device dependent parameters and an unencrypted plaintext part including the device transmitted transaction time dependent and device dependent parameters, wherein the encrypted part is encrypted using a device encryption key according to a deterministic algorithm based upon a respective non-stored Private Identification Entry (PIE) input to each device and the device non-transmitted transaction time dependent and device dependent parameters; and receiving, by an N+1-st device comprising a verification party, the views from the N agreement parties, generating the respective device encryption keys of the N agreement parties based upon the device transmitted transaction time dependent and device dependent parameters and information known by the N+1-st device about the PIE and the device non-transmitted time dependent and device dependent parameters, decrypting the encrypted part of each view based upon the device encryption keys, comparing the views from the N agreement parties and transmitting a response signal based on the comparing, wherein the PIE and the device encryption keys are not communicated among the N agreement parties.
31. A computer readable storage controlling a computer to securely transmit and verify a two-party agreement, by the functions comprising:
developing and transmitting, by a first device operated by the first party, a first view of the two-party agreement based upon first device respective non-transmitted and transmitted transaction time dependent and device dependent parameters, the first view including an encrypted part based upon the first device non-transmitted time dependent and device dependent parameters and an unencrypted plaintext part including the first device transmitted transaction time dependent and device dependent parameters, wherein the encrypted part is encrypted using a first device encryption key according to a deterministic algorithm based on a non-stored Private Identification Entry (PIE) input to the first device and the first device non-transmitted transaction time dependent and device dependent parameters; developing and transmitting, by a second device operated by the second party, a second view of the two-party agreement, the second view including an encrypted part encrypted by a second device encryption key and an unencrypted plaintext part including second device transmitted transaction time dependent and device dependent parameters; and receiving, by a third device comprising a verification party, the first view and the second view, generating the first device encryption key based upon the first device transmitted transaction time dependent and device dependent parameters and information known by the third device about the PIE and the first device non-transmitted time dependent and device dependent parameters, generating the second device encryption key based upon the second device transmitted transaction time dependent and device dependent parameters, decrypting the encrypted part of the first and second views, based upon the respective first and second device encryption keys, comparing the first view with the second view and transmitting a signal based on the comparing, wherein the PIE and the first and second device encryption keys are not communicated among the first, second and third devices.
32. A computer readable storage controlling a computer to securely transmit and verify a multi-party agreement among N parties where N is larger than or equal to two, by the functions comprising:
developing and transmitting, by a collection of N devices each device operated by a party to the agreement, its view of the multi-party agreement based upon non-transmitted and transmitted transaction time dependent and device dependent parameters, each view including an encrypted part based upon the device non-transmitted time dependent and device dependent parameters and an unencrypted plaintext part including the device transmitted transaction time dependent and device dependent parameters, wherein the encrypted part is encrypted using a first device encryption key according to a deterministic algorithm based on a respective non-stored Private Identification Entry (PIE) input to each device and the first device non-transmitted transaction time dependent and device dependent parameters; and receiving, by an N+1-st device comprising a verification party, the views from the N agreement parties, generating the respective device encryption keys of the N agreement parties based upon the transmitted device transaction time dependent and device dependent parameters and information known by the N+1-st device about the PIE and the device non-transmitted time dependent and device dependent parameters, decrypting the encrypted part of each view based upon the device encryption keys, comparing the views from the N agreement parties and transmitting a response signal based on the comparing, wherein the PIE and the device encryption keys are not communicated among the N agreement parties.
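The exchange recited in claims 1 and 19, as an added Python sketch that is not code from the patent: each device derives a per-transaction key from the entered PIE and a device secret, sends a view with a plaintext header and an encrypted body, and the verification party regenerates the keys from its own records and compares the decrypted views. The HMAC-SHA256 key derivation, the HMAC keystream with a MAC tag (a standard-library stand-in for a vetted authenticated cipher), the JSON view layout, and every name and value below are assumptions.

```python
import hashlib, hmac, json

def derive_key(pie: str, device_seed: bytes, timestamp: int) -> bytes:
    # Assumed KDF: deterministic in the PIE, the non-transmitted device seed
    # and the transaction time. Neither the PIE nor the key is ever sent.
    return hmac.new(device_seed, f"{pie}|{timestamp}".encode(), hashlib.sha256).digest()

def keystream(key: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, len(plaintext))))
    return ct + hmac.new(key, b"mac" + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes):
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong PIE, wrong device seed, or modified ciphertext
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))

def make_view(device_id, pie, seed, timestamp, agreement):
    body = json.dumps(agreement, sort_keys=True).encode()
    # Plaintext part: device id and timestamp. Encrypted part: the agreement.
    return {"device_id": device_id, "timestamp": timestamp,
            "enc": seal(derive_key(pie, seed, timestamp), body)}

def verify(views, registry):
    bodies = []
    for v in views:
        record = registry.get(v["device_id"])
        if record is None:
            return "auth-failed"
        pie, seed = record  # what the verification party knows about the device
        body = unseal(derive_key(pie, seed, v["timestamp"]), v["enc"])
        if body is None:
            return "auth-failed"
        bodies.append(body)
    return "match" if all(b == bodies[0] for b in bodies) else "mismatch"

# Constructed verifier records; the second device uses no PIE, mirroring claim 1,
# where its key is generated from device parameters alone.
REGISTRY = {"dev-A": ("4921", b"seed-A-constructed"),
            "dev-B": ("", b"seed-B-constructed")}
```

A successful decryption authenticates the sender, because only a holder of the PIE and device seed can produce a body whose tag verifies under the regenerated key.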
Specification