US2023026642A1PendingUtilityA1

System and method for autonomous mapping of enterprise identity

Assignee: PROVIDE TECH INCPriority: Nov 3, 2020Filed: Sep 27, 2022Published: Jan 26, 2023
Est. expiryNov 3, 2040(~14.3 yrs left)· nominal 20-yr term from priority
H04L 9/30G06Q 50/28G06Q 10/105H04L 9/3213H04L 9/085G06Q 2220/00H04L 9/0861G06Q 30/0185H04L 9/0841G06Q 10/0631H04L 9/50G06Q 10/08
56
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

The present disclosure may provide methods, systems, and computer-readable instructions for enabling the following operations: generating a secret key based on, at least in part, a target party's public key; encrypting a payload with the secret key, the payload comprising an auth token with a limited time to live (TTL); broadcasting, to a public blockchain, a message comprising the encrypted payload; receiving a request to establish a channel of communication outside of the public blockchain; receiving, with the request, the auth token within the TTL; validating the auth token within the TTL; establishing the channel of communication upon a validation of the auth token; engaging in a data-exchange over the channel of communication; verifying matching properties of the exchanged data with at least one internal system of record; and mapping an internal identifier within the at least one system of record to a decentralized identifier associated with the target party.

Claims

exact text as granted — not AI-modified
The following is claimed: 
     
         1 . A method comprising:
 generating a private key by a first organization communicating with a second organization over a blockchain;   establishing a decentralized identifier (DID) between the first organization and the second organization;   generating, by the first organization, a mapping solicitation message encrypted by the private key, wherein the mapping solicitation message comprises an authentication token with a limited time to live (TTL);   decrypting, by the second organization, the mapping solicitation message by the second organization's public key;   extracting the authentication token from the decrypted mapping solicitation message;   validating the authentication token within the TTL by the second organization using a blockchain validation mechanism;   responsive to the validation, establishing a secure communication channel off the blockchain between the second organization and a first organization's message end point; and   mapping an internal identifier associated with an entity connected to the first organization's message end point to the DID over the secure communication channel.   
     
     
         2 . The method of  claim 1 , further comprising executing a smart contract to broadcast the mapping solicitation message over the blockchain. 
     
     
         3 . The method of  claim 1 , further comprising:
 detecting the mapping solicitation message by the second organization;   decrypting the mapping solicitation message using a secret key based on the public key of the second organization;   determining a first organization's message end point address; and   presenting the authentication token for establishing the secure channel of communication at the first organization's message end point address within the TTL.   
     
     
         4 . The method of  claim 3 , wherein the determining of the first organization's message end point address comprises retrieving the first organization's message end point address from a blockchain ledger. 
     
     
         5 . The method of  claim 4 , wherein determining the first organization's message end point address comprises extracting the first organization's message end point address from the decrypted mapping solicitation message. 
     
     
         6 . The method of  claim 1 , further comprising:
 maintaining a ledger on the blockchain; and   executing one or more smart contracts on the blockchain to:
 publish a public key of the first organization on the ledger; 
 publish a public key associated with the second organization on the ledger; 
 publish the first organization's message end point address on the ledger; and 
 publish a message endpoint address of the second organization on the ledger. 
   
     
     
         7 . The method of  claim 6 , further comprising associating the second organization with the decentralized identifier retrieved from the ledger. 
     
     
         8 . The method of  claim 1 , further comprising:
 communicating, by the first organization, a message comprising at least one instruction on how to derive a secret key from the public key of the second organization;   receiving the message containing the confirmation of receipt; and   responsive to receiving a conformation of receipt of the at least one instruction, broadcasting the encrypted mapping solicitation message.   
     
     
         9 . A method comprising:
 retrieving by a requesting party a target public key associated with a target party based on a decentralized identifier (DID) associated with the target party and the requesting party;   generating a secret key based on the target public key and a private key of the requesting party;   generating a payload for establishing a direct private channel of communication between the requesting party and the target party, wherein the payload comprises an authentication token with a time to live (TTL);   encrypting the payload using the secret key;   broadcasting the encrypted payload to a blockchain;   validating the target party based on the DID and the authentication token used to retrieve the target party's public key; and   mapping an internal identifier associated with an entity connected to the requesting party to the DID over the direct private channel.   
     
     
         10 . The method of  claim 9 , further comprising:
 scanning the blockchain for the encrypted payload that can be decrypted by a key derived from the requesting party's public key;   decrypting the payload to extract the authentication token with the limited TTL; and   requesting to establish the direct private channel of communication at an endpoint associated with the requesting party based on the authentication token.   
     
     
         11 . The method of  claim 10 , further comprising:
 establishing a connection when the requesting party accepts the direct private channel of communication request; and   exchanging, over the direct private channel of communication between the requesting party and the target party, validation data used to validate the identity of the target party and the requesting party.   
     
     
         12 . The method of  claim 11 , further comprising:
 validating an identity of the requesting party based on the validation data; and   mapping an internal identifier of the target party to the DID.   
     
     
         13 . The method of  claim 9 , further comprising:
 receiving, from the target party, a request to establish the direct private channel of communication at an endpoint address associated with the requesting party, wherein receiving the request comprises receiving the authentication token with the request; and   accepting a connection if the request comprises the authentication token within the TTL.   
     
     
         14 . The method of  claim 13 , further comprising:
 exchanging, over the direct channel of communication between the requesting party and the target party, data used to validate an identity of at least one party;   validating the identity of the at least one party based on the data; and   responsive to the validation, mapping a private key of the first party with a public key of the target party.   
     
     
         15 . The method of  claim 14 , wherein receiving the request comprises receiving a request signed by the target party's public key. 
     
     
         16 . The method of  claim 14 , further comprising receiving the request within the TTL. 
     
     
         17 . The method of  claim 14 , wherein the data comprises hashes associated with underlying data corresponding to at least one record retrieved from a blockchain ledger. 
     
     
         18 . The method of  claim 9 , wherein the authentication token is embedded into the encrypted payload. 
     
     
         19 . The method of  claim 9 , further comprising:
 maintaining a blockchain ledger; and   executing one or more smart contracts on the blockchain to:
 publish the public key associated with the requesting party, 
 publish the public key associated with the target party, 
 publish a first endpoint address associated with the requesting party, and 
 publish a second endpoint address associated with the target party. 
   
     
     
         20 . The method of  claim 9 , wherein the mapping of the internal identifier associated with the entity connected to the requesting party to the decentralized identifier over the direct private channel comprises linking the private key of the requesting party to the target public key based on the authentication token.

Join the waitlist — get patent alerts

Track US2023026642A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.