
System and method to enable PKI- and PMI-based distributed locking of content and distributed unlocking of protected content and/or scoring of users and/or scoring of end-entity access means—added

A distributed locking and content technology, applied in the field of security-based communication lines, can solve the problems of security being compromised, the identity of the other party's public key being challenged, and the difficulty of authenticating the identity of the other party's public key.

Active Publication Date: 2016-02-23
T CENT

AI Technical Summary

Benefits of technology

This solution enables secure, user-friendly, and efficient exchange of sensitive documents between enterprises and third parties, reducing the need for manual retrieval and minimizing security risks, while maintaining high-grade assurance levels for end-to-end communication.

Problems solved by technology

In establishing and achieving secure communications between individuals and other individuals and/or businesses and/or with other businesses, authentication of identities of the other parties has been a challenge.
In the field of secure communications using public key cryptography, authenticating the public key of a remote party has been a challenge.
A third party has been known to impersonate the intended party and provide a public key purported to be from the desired remote party when it is not, so security can be compromised.
While helpful, such tools are cumbersome and less than absolute.
Symmetric key cryptography presents challenges not only in protecting the key in its owner's possession, but more critically in transmitting the key securely to a third party to whom the owner of the asset would like to provide access to the asset.
This can be difficult to accomplish.
As a result, the addition of new users, the establishment of user relationships, and the efficient flow of data between users are slowed by such a centrally managed bottleneck.
Additionally, it is difficult for businesses to efficiently manage (with good security of data and keys) the encryption of digital assets so that they are protected both in transit and at rest.
Such limitations result in a business' difficulty or inability to securely transmit a digital asset to such a third party.
For example, email is widely considered insecure for such uses.
Such mail/shipping options are both expensive and inconvenient for a business to provide.
The result of these limitations is that many businesses require their off-network third parties to log in to a secure website, from which they can access and download desired digital assets that are stored behind the business' firewall.
Such practices are not favorable for the third party users (e.g., customers).
Customers should maintain multiple unique, secure logins for each such business visited and they generally take the time and trouble to manually retrieve, download and save such digital assets.
It is noteworthy that once downloaded from such a business' secure website and saved to the third party user's computer, the digital assets are no longer secure.
They are typically saved in plain text and thus are not secure at rest.


Embodiment Construction

[0004] The present descriptions generally relate to the field of enabling security based communication lines established between users when using X.509-compatible PKI and PMI and related tools (see FIG. 1, “High-Level Depiction of Component- and Functional-Relationships in Combined Service Provider Model”). Rather than a centrally managed system of identity and relationship recognition and authorization, these functions are transferred to users through an Inviter-Invitee protocol suite, through which Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. The Security Ecosystem includes an Attribute Authority which acts as a Trusted Third Party mediating service provider for users that can: securely set up identities, uniquely associate keys to identities and their invitees, thereby securing each communication line. The system delegates authorizations to inviters and invitees for each communication line, and then proceeds to ...


Abstract

A central server configured with an Attribute Authority (“AA”) acting as a Trusted Third Party mediating service provider and using X.509-compatible PKI and PMI, VPN technology, device-side thin client applications, security hardware (HSM, Network), cloud hosting, authentication, Active Directory and other solutions. This ecosystem results in real time management of credentials, identity profiles, communication lines, and keys. It is not centrally managed, rather distributes rights to users. Using its Inviter-Invitee protocol suite, Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. Users establish and respond to authorization requests and other real-time verifications pertaining to accessing each communication line (not end point) and sharing encrypted digital files. These are auditable, brokered, trusted-relationships where such relationships / digital agreements can each stand-alone (for privacy) or can leverage build-up of identity confidence levels across relationships. The service is agnostic to how encrypted user content is transported or stored.

Description

CROSS REFERENCE TO RELATED APPLICATIONS

[0001] This application claims priority under 35 U.S.C. §119(e) from U.S. Provisional Patent Application No. 61/792,927, filed Mar. 15, 2013, titled “SYSTEM AND METHOD TO ENABLE PM- AND PMI-BASED DISTRIBUTED LOCKING OF CONTENT AND DISTRIBUTED UNLOCKING OF PROTECTED CONTENT AND/OR SCORING OF USERS AND/OR SCORING OF END-ENTITY ACCESS MEANS,” which is incorporated herein by reference and for all purposes.

[0002] This application is a continuation-in-part and claims priority under 35 U.S.C. §120 from U.S. patent application Ser. No. 13/481,553, titled “METHODS AND APPARATUS FOR PREVENTING CRIMEWARE ATTACKS,” filed May 25, 2012, by Kravitz, et al, which claimed priority under 35 U.S.C. §119(e) from U.S. Provisional Patent Application No. 61/650,866, filed May 23, 2012, entitled “METHOD AND APPARATUS FOR A CYBERSECURITY ECOSYSTEM,” by Kravitz et al., which is incorporated herein by reference and for all purposes and which also claimed priority under 35 ...


Application Information

Patent Type & Authority: Patents (United States)
IPC(8): H04L9/32, H04L29/06, H04L9/08
CPC: H04L63/08, H04L9/0822, H04L9/0894, H04L9/3247, H04L63/061, H04L9/006, H04L9/0825, H04L67/125, H04L67/10, H04L67/53, H04L63/0435
Inventors: KRAVITZ, DAVID W.; GRAHAM, III, DONALD HOUSTON; BOUDETT, JOSSELYN L.; DIETZ, RUSSELL S.
Owner: T CENT