公开(公告)号：US20070220134A1

公开(公告)日：2007-09-20

申请号：US11276798

申请日：2006-03-15

申请人： Kim Cameron ,  Arun Nanda ,  Christian Huitema ,  Carl Ellison

发明人： Kim Cameron ,  Arun Nanda ,  Christian Huitema ,  Carl Ellison

IPC分类号： G06F15/173

CPC分类号： H04L63/1441 ,  G06F21/31 ,  G06F2221/2119 ,  H04L63/126 ,  H04L63/1483 ,  H04L67/02

摘要： A computer system is configured to verify a connection to a web site. The computer system includes a user interface programmed to receive a uniform resource locator and a call sign associated with the web site. The computer system also includes a validator module programmed to calculate a hash value based on the uniform resource locator, a public key associated with the web site, and a salt, and the validator being programmed to compare the hash value to the call sign to verify the connection to the web site.

摘要翻译： 计算机系统被配置为验证到网站的连接。 计算机系统包括被编程为接收统一资源定位符的用户界面和与该网站相关联的呼号。 该计算机系统还包括一个验证器模块，该验证器模块被编程为基于统一资源定位器计算散列值，与该网站相关联的公共密钥和一个盐，并且该验证器被编程为将散列值与呼号进行比较以验证 与网站的连接。

公开(公告)号：US20070203848A1

公开(公告)日：2007-08-30

申请号：US11361780

申请日：2006-02-24

申请人： Kim Cameron ,  Arun Nanda

发明人： Kim Cameron ,  Arun Nanda

IPC分类号： G06Q99/00

CPC分类号： G06F21/6263 ,  G06Q20/3674 ,  G06Q20/382

摘要： A computer system includes a security module programmed to generate a first privacy key for use with secure communications with a first web site, and a second privacy key for use with secure communications with a second web site, the first and second keys being different. The computer system also includes an identity module programmed to receive a request from the first web site for linking a first user account associated with the first web site with a second user account associated with the second web site, and the identity module being programmed to present a user with an option to link the first and second user accounts.

摘要翻译： 计算机系统包括被编程为生成用于与第一网站的安全通信的第一隐私密钥的安全模块和用于与第二网站的安全通信一起使用的第二隐私密钥，所述第一和第二密钥是不同的。 计算机系统还包括一个身份模块，该身份模块被编程为接收来自第一网站的请求，用于将与第一网站相关联的第一用户帐户与与第二网站相关联的第二用户帐户链接，并且身份模块被编程为呈现 具有链接第一和第二用户帐户的选项的用户。

公开(公告)号：US07822988B2

公开(公告)日：2010-10-26

申请号：US10693172

申请日：2003-10-23

申请人： Kim Cameron ,  Arun Nanda ,  Don Hacherl ,  Murli Satagopan ,  Stuart Kwan ,  Colin Brace ,  Walter Smith ,  Melissa Dunn

发明人： Kim Cameron ,  Arun Nanda ,  Don Hacherl ,  Murli Satagopan ,  Stuart Kwan ,  Colin Brace ,  Walter Smith ,  Melissa Dunn

IPC分类号： H04L9/32

CPC分类号： H04L63/102 ,  G06F21/31 ,  G06F21/64 ,  H04L63/126

摘要： In accordance with various aspects, the present invention relates to methods and systems for sending an identity information document comprising selecting identity information from a self-identity information store for inclusion in the identity information document. The selected identity information is read from a self-identity information store. The identity information document is generated to include the selected identity information and one or more keys, and signed using a key associated with one of the keys included in the identity information document. The identity information document is then sent to a recipient. Receiving an identity information document comprises receiving a signed identity information document from an originator. A determination is made as to whether identity information in the identity information document is reliable. The identity information is saved in a recognized identity information store if the identity information is determined to be reliable. If the identity information is determined to be unreliable, an identity recognition number retrieved from the sender is compared to an identity recognition number generated by the recipient based on information in the received identity information document. If the identity recognition number is verified, the identity information is saved in the recognized identity information store.

摘要翻译： 根据各方面，本发明涉及用于发送身份信息文档的方法和系统，包括从自身身份信息存储中选择身份信息以包括在身份信息文档中。 所选择的身份信息从自身身份信息存储器读取。 生成身份信息文档以包括所选择的身份信息和一个或多个密钥，并且使用与包括在身份信息文档中的密钥之一相关联的密钥进行签名。 然后将身份信息文档发送给收件人。 接收身份信息文档包括从发起者接收签名的身份信息文档。 确定身份信息文档中的身份信息是否可靠。 如果身份信息被确定为可靠，则身份信息被保存在识别的身份信息存储器中。 如果身份信息被确定为不可靠，则根据接收到的身份信息文档中的信息，将从发送者检索到的身份识别号码与由接收者产生的身份识别号码进行比较。 如果身份识别号码被验证，身份信息被保存在识别的身份信息存储中。

公开(公告)号：US20060200866A1

公开(公告)日：2006-09-07

申请号：US11073404

申请日：2005-03-04

申请人： Kim Cameron ,  Arun Nanda ,  Andy Harjanto ,  Stuart Kwan ,  John Shewchuk ,  Bill Barnes ,  Khushru Irani ,  Charles Reeves

发明人： Kim Cameron ,  Arun Nanda ,  Andy Harjanto ,  Stuart Kwan ,  John Shewchuk ,  Bill Barnes ,  Khushru Irani ,  Charles Reeves

IPC分类号： H04L9/32

CPC分类号： H04L63/126 ,  H04L63/1483

摘要： Exemplary embodiments disclosed herein may include a method and system for providing information to a user and safely disclosing identity information over the Internet comprising receiving information from a server, analyzing the information, presenting the analyzed information to a user for validation in a finite number of configurations controlled by a client, and validating of the information by the user.

摘要翻译： 本文公开的示例性实施例可以包括用于向用户提供信息并且通过因特网安全地公开身份信息的方法和系统，包括从服务器接收信息，分析信息，将分析的信息呈现给用户以在有限数量的配置中进行验证 由客户控制，并由用户验证信息。

公开(公告)号：US20070203849A1

公开(公告)日：2007-08-30

申请号：US11361110

申请日：2006-02-24

申请人： Kim Cameron ,  Arun Nanda

发明人： Kim Cameron ,  Arun Nanda

IPC分类号： G06Q99/00

CPC分类号： G06F21/41 ,  G06Q20/3674

摘要： A system for endpoint verification includes a computer system programmed to access one web site of a plurality of web sites associated with an organization. The computer system is programmed to receive a digital certificate of the web site and to display an attribute from the digital certificate to the user for endpoint verification. The attribute is common across two or more of the web sites of the organization.

摘要翻译： 用于端点验证的系统包括被编程为访问与组织相关联的多个网站的一个网站的计算机系统。 计算机系统被编程为接收网站的数字证书，并且从数字证书向用户显示属性以进行端点验证。 该属性在组织的两个或多个网站中是常见的。

公开(公告)号：US20060198517A1

公开(公告)日：2006-09-07

申请号：US11074885

申请日：2005-03-07

申请人： Kim Cameron ,  Arun Nanda ,  Josh Benaloh ,  John Shewchuk ,  Daniel Simon ,  Andrew Bortz

发明人： Kim Cameron ,  Arun Nanda ,  Josh Benaloh ,  John Shewchuk ,  Daniel Simon ,  Andrew Bortz

IPC分类号： H04L9/00

CPC分类号： H04L63/0442 ,  G06F21/445 ,  G06F2221/2129 ,  H04L9/0869 ,  H04L9/3218 ,  H04L63/06 ,  H04L2463/061

摘要： Exemplary embodiments disclosed herein may include a method and system for creating pair-wise security keys, comprising receiving an identity key from a website, generating a master key, creating a pair-wise symmetric key or asymmetric key pair by utilizing an encryption function of the identity key and the master key, and storing the pair-wise public or symmetric key at the client and the website.

摘要翻译： 本文公开的示例性实施例可以包括用于创建成对安全密钥的方法和系统，包括从网站接收身份密钥，生成主密钥，通过利用所述密钥对的加密功能创建成对对称密钥或非对称密钥对 身份密钥和主密钥，并将成对的公有或对称密钥存储在客户端和网站上。

公开(公告)号：US08689296B2

公开(公告)日：2014-04-01

申请号：US11952890

申请日：2007-12-07

申请人： John Shewchuk ,  Kim Cameron ,  Arun Nanda ,  Xiao Xie

发明人： John Shewchuk ,  Kim Cameron ,  Arun Nanda ,  Xiao Xie

IPC分类号： G06F7/04

CPC分类号： H04L63/08 ,  G06F21/33 ,  G06F21/41 ,  H04L63/0853

摘要： A system and method for controlling distribution and use of digital identity representations (“DIRs”) increases security, usability, and oversight of DIR use. A DIR stored on a first device may be obtained by a second device for use in satisfying the security policy of a relying party. Release of the DIR to the second device requires permission from a device or entity that may be different from the device or entity attempting to access the relying party. Further, the use of the DIR to obtain an identity token may separately require permission of even a different person or entity and may be conditioned upon receiving satisfactory information relating to the intended use of the DIR (e.g., the name of the relying party, type of operation being attempted, etc.). By controlling the distribution and use of DIRs, security of the principal's identity and supervisory control over a principal's activities are enhanced.

摘要翻译： 用于控制数字身份表示（“DIR”）分发和使用的系统和方法提高了DIR使用的安全性，可用性和监督性。 可以通过第二设备获得存储在第一设备上的DIR，以用于满足依赖方的安全策略。 将DIR发布到第二设备需要来自可能与尝试访问依赖方的设备或实体不同的设备或实体的许可。 此外，使用DIR获得身份令牌可以单独要求甚至不同的人或实体的许可，并且可以在接收到与DIR的预期用途有关的令人满意的信息的条件下（例如，依赖方的名称，类型 正在尝试操作等）。 通过控制DIR的分配和使用，主体的身份安全性和对委托人活动的监督控制得到加强。

公开(公告)号：US20070204168A1

公开(公告)日：2007-08-30

申请号：US11361281

申请日：2006-02-24

申请人： Kim Cameron ,  Arun Nanda

发明人： Kim Cameron ,  Arun Nanda

IPC分类号： H04L9/00

CPC分类号： G06F21/33 ,  G06F2221/2115

摘要： A digital identity system includes a principal including an identity selector programmed to receive a security policy from a relying party, review a plurality of digital identities associated with the principal, and request one or more claims related to an identity of the principal from an identity provider. The principal is further programmed to receive one or more security tokens including the claims from the identity provider, and to forward the security tokens to the relying party.

摘要翻译： 一种数字身份识别系统包括一个主体，包括被编程为从依赖方接收安全策略的身份选择器，审查与主体相关联的多个数字身份，并从身份提供者请求与主体的身份有关的一个或多个权利要求 。 校长进一步被编程为接收一个或多个安全令牌，包括来自身份提供者的权利要求，并将安全令牌转发给依赖方。

公开(公告)号：US20070203852A1

公开(公告)日：2007-08-30

申请号：US11361857

申请日：2006-02-24

申请人： Kim Cameron ,  Arun Nanda

发明人： Kim Cameron ,  Arun Nanda

IPC分类号： G06Q99/00 ,  H04L9/00

CPC分类号： G06Q30/06 ,  G06Q20/367 ,  G06Q20/401 ,  G06Q30/02

摘要： A system for providing reputation information includes a relying party programmed to receive a security token including a claim with reputation information associated with a party, and the relying party is further programmed to utilize the reputation information when deciding whether to transact with the party. A method of providing reputation information includes receiving a request for information from a party, requiring the party to provide reputation information, receiving the reputation information in a claim of a security token, and using the reputation information to decide whether to transact with the party. Another method of providing reputation information includes requesting reputation information associated with a online service from a claims authority, receiving the reputation information in a claim of a security token, and using the reputation information to decide whether to transact with the online service.

摘要翻译： 用于提供信誉信息的系统包括被编程为接收包括具有与一方相关联的信誉信息的声明的安全令牌的依赖方，并且依赖方进一步被编程为在决定是否与该方进行交易时利用该信誉信息。 提供信誉信息的方法包括从一方接收对信息的请求，要求该方提供信誉信息，在安全令牌的权利要求中接收信誉信息，并使用信誉信息来决定是否与该方进行交易。 提供信誉信息的另一种方法包括从权利要求权限请求与在线服务相关联的信誉信息，在安全令牌的权利要求中接收信誉信息，以及使用信誉信息来决定是否与在线服务进行交易。

公开(公告)号：US20060200667A1

公开(公告)日：2006-09-07

申请号：US11074972

申请日：2005-03-07

申请人： Kim Cameron ,  Arun Nanda ,  Andy Harjanto ,  Stuart Kwan

发明人： Kim Cameron ,  Arun Nanda ,  Andy Harjanto ,  Stuart Kwan

IPC分类号： H04L9/00

CPC分类号： H04L63/0823 ,  H04L9/3263 ,  H04L2209/56

摘要： Exemplary embodiments disclosed herein may include a method and system for creating an attendance marker and establishing consistent recognition of an ongoing digital relationship, including receiving an identity key about a server, creating an attendance marker, associating the attendance marker with the server. Other embodiments relate to systems and methods for recognizing a server, website, and/or other system for a client, such as a computer system for a user. Such authentication involves receiving an identity key about a web server or other system, creating an attendance marker, associating the attendance marker with the server, requesting an attendance marker associated with a server, and recognizing the server based at least in part on the attendance marker.

摘要翻译： 本文公开的示例性实施例可以包括用于创建考勤标记并建立持续数字关系的一致性识别的方法和系统，包括接收关于服务器的身份密钥，创建考勤标记，将考勤标记与服务器相关联。 其他实施例涉及用于识别用于客户端的服务器，网站和/或其他系统的系统和方法，诸如用于用户的计算机系统。 这种认证涉及接收关于web服务器或其他系统的身份密钥，创建考勤标记，将考勤标记与服务器相关联，请求与服务器相关联的考勤标记，以及至少部分地基于考勤标记识别服务器 。