Methods for operating infrastructure and applications for cryptographically-supported services
Abstract
In an infrastructure in which some of a plurality of entities provide cryptographically supported services, a method of registering a subscriber entity of a plurality of entities at a principal entity of a plurality of entities, the method comprising the subscriber entity requesting service from the principal entity by sending a request message to a registrar entity of the plurality of entities; the registrar entity verifying the subscriber entity and forwarding the request for service to the principal entity; the principal entity storing the forwarded request and transmitting an acknowledgement message to the registrar entity, the acknowledgement stating acceptance and authentication/authorization information that the subscriber entity requires for the requested service; and the registrar entity verifying the authenticity of the received acknowledgement message, and, if correct, forwarding the acknowledgement message to the subscriber entity.
Claims
exact text as granted — not AI-modified1 . A computer program product, comprising instructions that when executed cause a computer to perform a method of registering a subscriber entity of a plurality of entities at a principal entity of a plurality of entities, the method comprising:
the subscriber entity requesting service from the principal entity by sending a request message to a registrar entity of the plurality of entities; the registrar entity verifying the subscriber entity and forwarding the request for service to the principal entity; the principal entity storing the forwarded request and transmitting an acknowledgement message to the registrar entity, the acknowledgement stating acceptance and authentication/authorization information that the subscriber entity requires to obtain or access the requested service; and the registrar entity verifying the authenticity of the received acknowledgement message, and, if correct, forwarding the acknowledgement message to the subscriber entity.
2 . The computer product of claim 1 , wherein the request message contains an indication of a type of service requested by the subscriber entity.
3 . The computer product of claim 2 , wherein the request message contains one or more selected from the following:
(a) a unique reference to the subscriber entity; (b) attributes about the subscriber entity; (c) authentication information to be used to authenticate use of the service; (d) transactional verification information; (e) a representation by the subscriber entity agreeing to what the entity subscriber accepts; (f) a preferred service relationship; and (g) a subscriber entity's authenticator.
4 . The computer product of claim 3 , wherein the unique reference to the subscriber entity is at least one selected from (a) the subscriber entity's identity, (b) a pseudonym for one-time service, or (c) a pseudonym for continued use of the service
5 . The computer product of claim 3 , wherein a session identifier links future responses to this particular request.
6 . The computer product of claim 3 , wherein the attributes about the subscriber entity include:
(a) a self-representation; and (b) a third-party representation asserting attributes.
7 . The computer product of claim 6 , wherein the representation and attribute include at least some selected from:
(a) an address; (b) employment information; (c) information from one or more other entities needed for service provisioning; or (d) an authorization from another party.
8 . The computer product of claim 1 , wherein the method further comprises moving the registration for service from the principal entity to another entity of the plurality of entities.
9 . The computer product of claim 8 , wherein moving the registration of services is supervised by one or more authorities.
10 . The computer product of claim 1 , wherein the service includes operating a cryptographically-supported transaction involving the subscriber entity, the principal entity and possibly one or more additional entities.
11 . The computer product of claim 1 , wherein the service is a subset of a totality of services.
12 . The computer product of claim 11 , wherein another subset of the totality of services to the subscriber entity is provided by an entity different from the principal entity.
13 . The computer product of claim 12 , wherein the subscriber entity can modify the subset of totality of services between entities.
14 . The computer product of claim 1 , wherein provision of service may involve an additional entity from the plurality of entities.
15 . The computer product of claim 14 , wherein provision of service is split between the principal entity and the additional entity.
16 . The computer product of claim 1 , wherein provision of service by the principal entity on behalf of the subscriber entity is given by the operating infrastructure to an entity within the plurality of entities.
17 . The computer product of claim 1 , wherein the provision of service by the principal entity involves other entities within the plurality of entities.
18 . The computer product of claim 1 , wherein the service is a warranty service.
19 . The computer product of claim 18 , wherein the warranty service involves correctness of representation of information.
20 . The computer product of claim 19 , wherein the representation of information is at least one selected from: (a) identity information, (b) financial information; or (c) information derived from provision of service within the infrastructure.
21 . The computer product of claim 18 , wherein the infrastructure includes a mechanism to initiate claims against failed warranty.
22 . The computer product of claim 1 , wherein provision of service involves control of access.
23 . The computer product of claim 1 , wherein at least one of the plurality of entities is an enterprise.
24 . The computer product of claim 1 , wherein at least one of the plurality of entities is a financial institute.
25 . The computer product of claim 1 , wherein provision of service by the principal entity is directed by the subscriber entity.
26 . The computer product of claim 1 , wherein some of the plurality of entities are supervised by one or more other entities in at least one transaction.
27 . The computer product of claim 1 , wherein service involves a fee based on a service agreement and contract.
28 . The computer product of claim 1 , wherein added management and one or more additional entities assure integrity of transactions within the infrastructure.
29 . The computer product of claim 28 , wherein integrity of the management function is enhanced by providing two or more independent reports.
30 . The computer product of claim 28 , wherein the management function controls actions of assurance offering entities on a per transaction basis.
31 . A computer program product, comprising instructions that when executed cause a computer to perform a method of registering a subscriber entity of a plurality of entities at a principal entity of a plurality of entities, the method comprising:
a registrar entity of the plurality of entities receiving a request message from the subscriber entity requesting service from the principal entity; the registrar entity verifying the subscriber entity and forwarding the request for service to the principal entity for storage by the principal entity; and the registrar entity receiving from the principal entity an acknowledgement message, the acknowledgement stating acceptance and authentication/authorization information that the subscriber entity requires to obtain or access the requested service, verifying the authenticity of the received acknowledgement message, and, if correct, forwarding the acknowledgement message to the subscriber entity.
32 . The computer product of claim 31 , wherein the service includes:
operating a cryptographically-supported transaction involving the subscriber entity, the principal entity and possibly one or more additional entities.
33 . The computer product of claim 31 , further comprising:
moving the registration for service from the principal entity to another entity of the plurality of entities.
34 . A computer program product, comprising instructions that when executed cause a computer to perform a method of registering a subscriber entity of a plurality of entities at a principal entity of a plurality of entities, the method comprising:
the principal entity receiving from a registrar entity of the plurality of entities a forwarded request by the subscriber entity for service from the principal entity, the request for service sent to the registrar entity by the subscriber entity and the subscriber entity being verified by the registrar entity; and the principal entity storing the forwarded request and transmitting an acknowledgement message, the acknowledgement stating acceptance and authentication/authorization information that the subscriber entity requires to obtain or access the requested service, to the registrar entity for verification by the registrar entity of the authenticity of the received acknowledgement message, and, if correct, forwarding the acknowledgement message by the registrar entity to the subscriber entity.
35 . The computer product of claim 34 , wherein the service includes operating a cryptographically-supported transaction involving the subscriber entity, the principal entity and possibly one or more additional entities.
36 . The computer product of claim 34 , wherein the method further comprises moving the registration for service from the principal entity to another entity of the plurality of entities.
37 . The computer product of claim 34 , wherein the method further comprises providing, by the principal entity, at least one of a set of various service transactions to the subscriber entity.
38 . The computer product of claim 37 , wherein the providing involves the certification of digital identities.
39 . The computer product of claim 37 , wherein at least one of the service transactions involves assuring an entity's state.
40 . The computer product of claim 37 , wherein at least one of the service transactions involves assuring financial information.
41 . The computer product of claim 37 , wherein at least one of the service transactions involves assurance of identity and assurance of entity's state.
42 . The computer product of claim 37 , further comprising modifying the registration of the subscriber entity at the principal entity.
43 . The computer product of claim 42 , wherein modification is supervised by one or more authorities.
44 . The computer product of claim 42 , wherein registration modification transactions involve managing capabilities.
45 . The computer product of claim 42 , wherein registration modification transactions involve cryptographic key management.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.