Method for issuing authentication information and blockchain-based server using the same
US-2017330179-A1 · Nov 16, 2017 · US
US11290269B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11290269-B2 |
| Application number | US-201716772720-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 13, 2017 |
| Priority date | Dec 13, 2017 |
| Publication date | Mar 29, 2022 |
| Grant date | Mar 29, 2022 |
Official abstract text for this publication.
Embodiments of the invention are directed to techniques for enabling self-certification of an electronic device to result in the issuance of a security certificate that the electronic device may use to authenticate itself to another entity. In some embodiments, the device is caused to initiate the self-certification process upon determining that a status of a current security certificate is no longer valid. In some embodiments, an electronic device may communicate with a certificate authority, which may generate a set of policy data that indicates permissions for the electronic device. The electronic device may then generate an electronic record to be associated with the security certificate, which it may sign using a private key. The certificate authority may then verify the authenticity of the signed electronic record using a public key associated with the electronic device. The electronic record may be appended to some collection of records.
Opening claim text (preview).
What is claimed is:
1. A method comprising: in response to determining that a security certificate is necessary, transmitting a request to a certificate authority, the request including an electronic identifier of an electronic device, the certificate authority comprising a certification authority network, the certification authority network storing an electronic record of electronic records, the electronic record comprising a blockchain record; receiving, from the certificate authority, information to be used in generating the electronic record of the electronic records, the information including device-specific information and user-specific information, and the information being identified by the certificate authority using the electronic identifier of the electronic device, the electronic identifier comprising a hash of the user-specific information generated by a hashing algorithm; generating the electronic record to comprise at least the electronic identifier and the information to be used in generating the electronic record, the electronic identifier generated according to a specified format based on the information, the specified format being particular to the device-specific information or the user-specific information; signing at least a portion of the electronic record using a private key; transmitting the electronic record to the certificate authority; and receiving access to the security certificate upon verification of the electronic record by the certificate authority.
2. The method of claim 1, wherein the security certificate is determined to be necessary upon detecting that a current security certificate has expired.
3. The method of claim 1, wherein the information to be used in generating the electronic record comprises at least a token.
4. The method of claim 3, wherein the token is mapped to account information for the electronic record.
5. The method of claim 1, wherein the security certificate is determined to be necessary upon detecting a change to an ownership status.
6. The method of claim 1, wherein the security certificate is a secure sockets layer certificate.
7. The method of claim 1, wherein the method is performed by a webserver that hosts a website, and wherein the security certificate is associated with the website.
8. The method of claim 1, further comprising initiating a transaction by sending a transaction request to a resource provider that includes an indication of the security certificate and a request for a resource.
9. The method of claim 8, wherein the security certificate is associated with policy data that includes permissions for the transaction.
10. The method of claim 1, wherein receiving access to the security certificate comprises receiving a link or reference to the security certificate.
11. An electronic device comprising, a processor, and a memory coupled to the processor, the memory comprising code that, when executed by the processor, causes the electronic device to: transmit a request to a certificate authority, the request including an electronic identifier of the electronic device, the certificate authority comprising a certification authority network, the certification authority network storing an electronic record of electronic records, the electronic record comprising a blockchain record; receive, from the certificate authority, information to be used in generating the electronic record of the electronic records, the information including device-specific information and user-specific information, and the information being identified by the certificate authority using the electronic identifier of the electronic device, the electronic identifier comprising a hash of the user-specific information generated by a hashing algorithm; generate the electronic record to comprise at least the electronic identifier and the information to be used in generating the electronic record, the electronic identifier generated according to a specified format based on the information, the specified format being particular to the device specific information or the user-specific information; sign at least a portion of the electronic record using a private key; transmit the electronic record to the certificate authority; and receive a security certificate upon verification of the electronic record by the certificate authority.
12. The electronic device of claim 11, wherein the electronic device is a machine-to-machine device.
13. The electronic device of claim 12, wherein the code further causes the electronic device to, upon detecting that a resource used in a primary function of the machine-to-machine device is required, transmit a request for the resource to a resource provider that offers the resource, the request comprising the security certificate.
14. The electronic device of claim 11, wherein verification of the electronic record by the certificate authority comprises using a public key associated with the electronic device.
15. The electronic device of claim 11, wherein the request is transmitted to the certificate authority at an address stored in the memory.
16. The electronic device of claim 11, wherein the code is executed by the processor without user interaction.
17. The electronic device of claim 11, wherein the processor and the memory are included on an integrated circuit.
18. A certification authority network comprising: an electronic record of electronic records, the electronic record comprising a blockchain record; and a plurality of nodes, each of the plurality of nodes including instructions that, when executed, cause the node to: receive a request for a security certificate from an electronic device, the request including an electronic identifier of the electronic device; provide, to the electronic device, information to be used in generating the electronic record of the electronic records, the information including device-specific information and user-specific information, the generated electronic record comprising at least an electronic identifier, the electronic identifier generated according to a specified format based on the information, the specified format being particular to the device-specific information or the user-specific information, the information being identified using the electronic identifier of the electronic device, the electronic identifier comprising a hash of the user specific information generated by a hashing algorithm; receive, from the electronic device, the generated electronic record including at least a signature portion; identify a public key associated with the electronic device; verify the signature portion of the generated electronic record using the public key; and upon verifying the signature portion of the generated electronic record, appending the generated electronic record to the record of electronic records.
19. The certification authority network of claim 18, wherein the certification authority network is a blockchain network that is distributed to each of the plurality of nodes.
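The exchange described in the abstract and in claims 1 and 18, as an added sketch in Node.js (not code from the patent or its applicant): the device signs a record built from the CA's information, and the CA node verifies it with the device's public key before appending it to a hash-linked list. Ed25519, the prior `enroll` step, the JSON record layout, the single-use handling of the token and all sample values are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');
const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// CA node. The registry, pending-token map and chain layout are assumptions.
class CaNode {
  constructor() { this.registry = new Map(); this.pending = new Map(); this.chain = []; }
  enroll(userInfo, deviceInfo, publicKey) {
    const id = sha256(userInfo); // identifier = hash of user-specific information
    this.registry.set(id, { userInfo, deviceInfo, publicKey });
    return id;
  }
  // Request phase: find the information by identifier, attach a fresh token.
  request(id) {
    const e = this.registry.get(id);
    if (!e) throw new Error('unknown identifier');
    const token = crypto.randomBytes(16).toString('hex');
    this.pending.set(id, token);
    return { userInfo: e.userInfo, deviceInfo: e.deviceInfo, token };
  }
  // Submit phase: verify over the exact signed bytes, only then parse and append.
  submit({ id, body, signature }) {
    const e = this.registry.get(id);
    const token = this.pending.get(id);
    if (!e || !token) return false;
    const sig = Buffer.from(signature, 'base64');
    if (!crypto.verify(null, Buffer.from(body), e.publicKey, sig)) return false;
    const rec = JSON.parse(body);
    if (rec.id !== id || rec.token !== token) return false; // binding and replay check
    this.pending.delete(id);
    const prev = this.chain.length ? this.chain[this.chain.length - 1].hash : '0'.repeat(64);
    this.chain.push({ prev, hash: sha256(prev + body + signature), body, signature });
    return true;
  }
}

// Device side: build the record from the CA's information and sign it.
function buildRecord(id, info, privateKey) {
  const body = JSON.stringify({ id, ...info });
  const signature = crypto.sign(null, Buffer.from(body), privateKey).toString('base64');
  return { id, body, signature };
}

// Constructed run: one valid record, one replay, one record altered after signing.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const ca = new CaNode();
  const id = ca.enroll('user:alice@example.test', 'serial:SN-0001', publicKey);
  const record = buildRecord(id, ca.request(id), privateKey);
  const accepted = ca.submit(record);
  const replayed = ca.submit(record); // token already consumed
  const altered = ca.submit({ ...buildRecord(id, ca.request(id), privateKey), body: '{}' });
  return { id, accepted, replayed, altered, length: ca.chain.length };
}
```

Verifying the signature over the received bytes before parsing them keeps unauthenticated input away from the record parser, and consuming the token on success is what makes the resubmitted record fail.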
using hash chains, e.g. blockchains or hash trees · CPC title
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819) · CPC title
involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD · CPC title