Information security – Access control or authentication – Network
Reexamination Certificate
2009-11-17
2011-11-01
Hoffman, Brandon (Department: 2433)
Information security
Access control or authentication
Network
Reexamination Certificate
active
08051469
ABSTRACT:
A cryptographic session key is utilized to maintain security of a digital identity. The session key is valid only for a limited period of time. Additional security is provided via a bimodal credential allowing different levels of access to the digital identify. An identity token contains pertinent information associated with the digital identity. The identity token is encrypted utilizing public-key cryptography. An identifier utilized to verify the validity of the digital identity is encrypted with the cryptographic session key. The encrypted identity token and the encrypted identifier are provided to a service for example. The service decrypts the encrypted identity token utilizing public key cryptography, and decrypts, with the cryptographic session key obtained from the identity token, the encrypted identifier. If the identifier is determined to be valid, the transaction proceeds normally. If the identifier is determined to be invalid, the transaction is halted.
REFERENCES:
patent: 6292895 (2001-09-01), Baltzley
patent: 6912659 (2005-06-01), Labaton
patent: 2003/0074660 (2003-04-01), McCormack et al.
patent: 2004/0030887 (2004-02-01), Harrisville-Wolff et al.
patent: 2004/0078571 (2004-04-01), Haverinen
patent: 2004/0149820 (2004-08-01), Zuili
patent: 2005/0039016 (2005-02-01), Aissi et al.
patent: 2005/0076198 (2005-04-01), Skomra et al.
patent: 2005/0149759 (2005-07-01), Vishwanath et al.
patent: 1 542 117 (2005-06-01), None
patent: WO 03/029942 (2003-04-01), None
Entrust,Entrust TruePass, Features and Benefits, http://www.entrust.com/internet-security-software/features, retrieved Sep. 9, 2005, 3 pages.
Digital Signature Trust,Roaming Digital Certificates, A New Type of Standard Assurance Certificate for the State of Washington PKI, http://www.digsigtrust.com/state/wa/swa-offerings-standard-roaming.html, retrieved Sep. 9, 2005, 2 pages.
Betrusted,UniCERT Advanced Modules, User Roaming, http://www.betrusted.com/products/unicert/advancedmodules/roaming.asp, retrieved Sep. 9, 2005, 2 pages.
Arcot Systems, Inc.,Making Software-Only Strong Authentication a Reality, http://www.arcot.com/arcotid.html, retrieved Sep. 9, 2005, 2 pages.
USPTO Non-Final Office Action dated Feb. 25, 2009, cited in U.S. Appl. No. 11/222,912; 10 pages.
Amendment and Response to Non-Final Office Action cited in U.S. Appl. No. 11/222,912, filed May 26, 2009; 14 pages.
USPTO Notice of Allowance and Fee(s) Due dated Aug. 17, 2009, cited in U.S. Appl. No. 11/222,912; 4 pages.
Box Donald F.
Nanda Arun K.
Shewchuk John P.
Walter Douglas A.
Wilson Hervey O.
Hoffman Brandon
Merchant & Gould P.C.
Microsoft Corporation
LandOfFree
Securely roaming digital identities does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Securely roaming digital identities, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Securely roaming digital identities will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4294035