Information security – Access control or authentication – Network
Reexamination Certificate
2007-05-01
2007-05-01
Revak, Christopher (Department: 2131)
Information security
Access control or authentication
Network
C713S157000, C713S175000, C709S229000
Reexamination Certificate
active
09310165
ABSTRACT:
In accordance with the invention, a presenter of credentials presents to a recipient of credentials one or more chains of group credentials to prove entity membership or non-membership in a nested group in a computer network. The ability to present a chain of credentials is particularly important when a client is attempting the prove membership or non-membership in a nested group and one or more of the group servers in the family tree are off-line. A chain of group credentials includes two or more proofs of group membership and/or proofs of group non-membership Furthermore, the proofs of group membership may include one or more group membership certificates and/or one or more group membership lists; and proofs of group non-membership may include one or more group non-membership certificates and/or one or more group membership lists.
REFERENCES:
patent: 4529870 (1985-07-01), Chaum
patent: 5173939 (1992-12-01), Abadi et al.
patent: 5220604 (1993-06-01), Gasser et al.
patent: 5224163 (1993-06-01), Gasser et al.
patent: 5261002 (1993-11-01), Perlman et al.
patent: 5283830 (1994-02-01), Hinsley et al.
patent: 5311591 (1994-05-01), Fischer
patent: 5315657 (1994-05-01), Abadi et al.
patent: 5339403 (1994-08-01), Parker
patent: 5586260 (1996-12-01), Hu
patent: 5687235 (1997-11-01), Perlman et al.
patent: 5757920 (1998-05-01), Misra et al.
patent: 5764772 (1998-06-01), Kaufman et al.
patent: 5768519 (1998-06-01), Swift et al.
patent: 5815574 (1998-09-01), Fortinsky
patent: 5825891 (1998-10-01), Levesque et al.
patent: 5826012 (1998-10-01), Lettvin
patent: 5898784 (1999-04-01), Kirby et al.
patent: 5901227 (1999-05-01), Perlman
patent: 5922074 (1999-07-01), Richard et al.
patent: 5983350 (1999-11-01), Minear et al.
patent: 5991807 (1999-11-01), Schmidt et al.
patent: 6047325 (2000-04-01), Jain et al.
patent: 6079020 (2000-06-01), Liu
patent: 6088805 (2000-07-01), Davis et al.
patent: 6092191 (2000-07-01), Shimbo et al.
patent: 6101543 (2000-08-01), Alden et al.
patent: 6134550 (2000-10-01), Van Oorschot et al.
patent: 6138235 (2000-10-01), Lipkin et al.
patent: 6158011 (2000-12-01), Chen et al.
patent: 6212634 (2001-04-01), Geer et al.
patent: 6216231 (2001-04-01), Stubblebien
patent: 6219706 (2001-04-01), Fan et al.
patent: 6223291 (2001-04-01), Puhl et al.
patent: 6230266 (2001-05-01), Perlman et al.
patent: 6256741 (2001-07-01), Stubblebine
patent: 6263434 (2001-07-01), Hanna et al.
patent: 6275941 (2001-08-01), Saito et al.
patent: 6301658 (2001-10-01), Koehler
patent: 6308274 (2001-10-01), Swift
patent: 6308277 (2001-10-01), Vaeth et al.
patent: 6366913 (2002-04-01), Fitler et al.
patent: 6370648 (2002-04-01), Diep
patent: 6397329 (2002-05-01), Aiello et al.
patent: 6405313 (2002-06-01), Reiter et al.
patent: 6408336 (2002-06-01), Schneider et al.
patent: 6438690 (2002-08-01), Patel et al.
patent: 6463474 (2002-10-01), Fuh et al.
patent: 6484203 (2002-11-01), Porras et al.
patent: 6490367 (2002-12-01), Carlsson et al.
patent: 6496858 (2002-12-01), Frailong et al.
patent: 6557104 (2003-04-01), Vu et al.
patent: 6754661 (2004-06-01), Hallin et al.
patent: 6772331 (2004-08-01), Hind et al.
patent: 6801998 (2004-10-01), Hanna et al.
patent: 6883100 (2005-04-01), Elley et al.
patent: 2002/0144149 (2002-10-01), Hanna et al.
patent: 2003/0028585 (2003-02-01), Yeager et al.
patent: 2003/0041141 (2003-02-01), Abdelaziz et al.
patent: 2003/0055894 (2003-03-01), Yeager et al.
patent: 2003/0055898 (2003-03-01), Yeager et al.
patent: 2003/0056093 (2003-03-01), Huitema et al.
patent: 2004/0054899 (2004-03-01), Balfanz et al.
patent: 0779570 (1997-06-01), None
patent: 0942568 (1999-09-01), None
patent: 98/10381 (1998-03-01), None
patent: WO 99/41878 (1999-08-01), None
Woo et al, “A Framework for Distributed Authorization” Nov. 1993, ACM 1stConference Computer and Communication Security, p. 112-118.
Kaufman, Charlie et al., “Network Security, Private Communication in a Public World,” PTR Prentice Hall, 1995, chapters 5, 7 and 8 pp. 129-161, and pp. 177-222.
Kaufman, Charlie et al., “Network Security, Private Communication in a Public World,” PTR Prentice Hall, 1995, pp. 455-459.
Micali, “Enhanced Certificate Revocation System,” MIT Laboratory for Computer Science.
Micali, “Efficient Certificate Revocation,” MIT Laboratory for Computer Science (Mar. 22, 1996).
Myers et al., “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol OCSP,” (Sep. 1998).
Rivest, “Can We Eliminate Certificate Revocation Lists?” MIT Laboratory for Computer Science.
Ryutov et al., “Access Control Framework for Distributed Applications,”USC/Information Sciences Institute(Aug. 7, 1998).
Gaul et al., “Mining Generalized Association Rules for Sequential and Path Data,” 2001,IEEE, pp. 593-596.
Morrissey, P., “Demystifying Crisco Access Control Lists,” Apr. 1998,Network Computing, pp. 116, 118 and 120.
International Search Report completed on Oct. 2, 2002 and mailed Oct. 9, 2002.
Kaufman, Charlie, et al,Network Security, Private Communication in a Public World,PTR Prentice Hall,1995, chapters 5,7 and 8, pp. 129-161, and pp. 177-222.
Kaufman, Charlie, et al,Network Security, Private Communication in a Public World, PTR, Prentice Hall, 1995, pp. 455-459.
Anonymous, “Boot Disk Recovery”, http://www.measureup.com/testobjects/MS—NT4W/5a8cbb2.htm, Apr. 21, 1998.
Eastlake, et al., “Domain Name System Security”, Network Working Group, Standards Track, Request for Comments 2065, RFC 2065, Jan. 1997, 1-36.
Gaul, et al., “Mining Generalized Association Rules for Sequential and Path Data”, IEEE, 2001, 593-596.
Housley, et al., “Network Working Group; Internet X.509”, Public Key Infrastructure Certificate and Profile, Jan. 1999.
ITU-Information Technology, “Open Systems Interconnection—The Directory: Authentication Framework, Recommendation X.509”, Nov. 1993.
Jerman-Blazic, et al., “A Tool for Support of Key Distribution and Validity Certificate Cherck in Global Directory Service”, Computer Networks and ISDN Systems, 1996.
Kaufman, “DASS Distributed Authentication”, Network Working Group, Request for Comments 1507, RFC 1507, Sep. 1993, 1-103.
Kent, “Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management”, Network Working Group, Request for Comments 1422, Obsoletes 1114, Feb. 1993, 1-28.
Linn, “Privacy Enhancement for Internet Electronic Mail: Part 1: Message Encryption and Authentication Proc”, Network Working Group, Request for Comments 1421, Obsoletes 1113, Feb. 1993, 1-37.
Morrissey, “Demystifying Cisco Access Control Lists, pp. 116, 118 and 120”, Network Computing, Apr. 1998.
Myers, et al., “Network Working Group; Internet X.509 Certificate Request Message Format”, Mar. 1999.
Spinellis, et al., “Trusted Third Party Services for Deploying Secure Telemedical Applications Over the WWW”, Computers & Security, 1999, vol. 18.
Verisign, “Verisign Certification Practice Statement”, Verisign CPS, May 15, 1997, Version1.2.
Woo, et al., “A Framework for Distributed Authorization”, ACM 1st Conference Computer and Communication Security, Nov. 1993, p. 112-118.
Anderson Anne H.
Elley Yassir K.
Hanna Stephen R.
Mullan Sean J.
Perlman Radia J.
Chapin IP Law LLC
Chapin, Esq. Barry W.
Revak Christopher
Sun Microsystems Inc.
LandOfFree
Method and system for proving membership in a nested group... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for proving membership in a nested group..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for proving membership in a nested group... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3729426