147 results about "Registration authority" patented technology

A secure end-to-end communications system includes a vault controller based registration application for managing the issuance and administration of digital certificates for use in conducting electronic commerce in the system. The system includes an end user terminal and a registration authority terminal coupled to a vault controller through the system. A registration application executable in the controller utilizes SSL and dedicated vaults to process requests for digital certificates from end users on an automated or manual basis. The registration application includes an enrollment module which implements the process of applying for and receiving certificates; an RA desk top module which allows an administrator to review certificate requests and manage certificates; a master Registration Authority (RA) module which conducts the processing of requests and the generation of certificates; and an RA (Registration Authority) database serves as a repository of information about applicants, certificate requests, and their processing history.

A system and method are provided for preventing unauthorized access to electronic data stored on an electronic device. A portable licensing medium is configured to communicate with the electronic device for storing license data. The license data is used to determine whether to allow access to the electronic data. A registration authority communicates with the electronic device. The registration authority has a database of verification data for verifying the license data stored on the licensing medium and provides updated license data to the licensing medium.

Caller name is authenticated using authentication certificates issued by a registration authority that registers callers who wish to terminate calls to callers subscribed to the registration authority. In one embodiment, the authentication certificates are sent to a called device or a proxy for the called device via a path that is separate from the call setup path. An indication is conveyed to the called party to indicate whether the caller name was successfully authenticated.

The present invention provides systems and methods for transfering electronic information from one location to another such that only one original work exists at a given time. The methods and systems of the present invention allow distribution of originals without requiring a registration authority or other entity to vouch for what constitutes an “original” piece of information, thus reducing (or eliminating entirely) the need to centrally record changes in ownership each time originals change hands.

A public key validation agent (PKVA) includes a registration authority which issues a first unsigned public key validation certificate (unsigned PKVC) off-line to a subject that binds a public key of the subject to a first public key serial number (PKVN). The registration authority maintains a certificate database of unsigned PKVCs in which it stores the first unsigned PKVC. A credentials server issues a disposable public key validation certificate (disposable PKVC) on-line to the subject. The disposable PKVC binds the public key of the subject from the first unsigned PKVC to the first PKVN from the first unsigned PKVC. The credentials server maintains a table that contains entries corresponding to valid unsigned PKVCs stored in the certificate database. The PKVA can be employed in a public key validation service to validate the public key of the subject before a private/public key pair of the subject is used for authentication purposes.

Methods, apparatuses and modules for creation of a generic public key infrastructure by use of established trust, wherein trust between a client and a registration authority is established, and an enrolled certificate is furnished in a secure manner to the client by use of the established trust. The present invention also address correspondingly configured servers and/or terminals, client and/or registration authorities and/or certificate authority entities, as well as device security, security-aware control points and security console units, provided with such modules and functions enabling the aspects of the method/s to be carried out. Respective computer programs and circuit arrangements for carrying out the aspects of the methods and/or for operating hardware to carry out the aspects of the above methods are also provided.

A public-key-encryption data-communication system includes a public-key-certificate issuer authority. The public-key-certificate issuer authority performs the issuance of a public key certificate and management operations, certification of a subject to be certificated, which is a certificate issuing request, and management such as registration processing are executed by a root registration authority or each registration authority. The public-key-certificate issuer authority performs processing for validating, invalidating, and deleting the certificate in accordance with a request from the root registration authority. The root registration authority accepts a request for issuing a public key certificate corresponding to the subject to be certificated which is under the control of a certificated registration authority, and transfers it to the public-key-certificate issuer authority in a form in which a signature is added to it. Processes by the public-key-certificate issuer authority, the root registration authority, the registration authority are separated, whereby the need for new implementation of user recognition, certificate issuance, registration, and management is eliminated.

A system enables interactive socialization of users having a wireless device at a venue. The system includes a registration mechanism for registering a user. A location determination mechanism comprises a global positioning system that identifies the longitude and latitude of other users. An on-location update mechanism publishes the availability of the service at a given venue. A data mechanism runs a list of active sessions against a user compatibility engine. A notification is transmitted to each user that contains a compatibility match listing compatible users at the venue. Intercommunication among users is provided through the system/application, whereby a user receives the compatibility match notification and can respond with a message, block or ignore based on a compatibility assessment. The subject system or application may be used for a dating aid for meeting others, or to create networking opportunities.

The present invention provides a method for modifying validity of a certificate in a public key infrastructure (PKI)-based authentication system, which is capable of performing online suspension, recovery and revocation of a certificate between a user system and a certificate authority by executing user authentication with guaranteed reliability using user biometric information. Accordingly, there is no need for the user to personally visit a registration authority or certificate authority to modify the certificate validity. The user can easily modify the certificate validity using his/her user system connected online to the certificate authority.

The invention relates to a two-dimensional code based method for realizing extended authentication control of a smart card on mobile equipment. The method comprises the following steps: an eID application program sends a service request to an eID service system; the eID service system returns a two-dimensional code including registry key information to the eID application program and monitors the status of the registry key information; the two-dimensional code is scanned; information acquisition is conducted; whether an eID card is registered or not is checked; the registration authority information of the eID card is read or encrypted and then sent to the eID service system; the eID service system achieves eID registration authority treatment; the session key is updated according to the result; the eID application program receives application service provided by the eID service system. By adopting the two-dimensional code based method for realizing extended authentication control of the smart card on mobile equipment, the dependence of the smart card on a traditional card reader is reduced, the identity authentication is safe and reliable, the use is convenient, quick and safe, the working performance is stable and reliable and the application range is relatively wide.

The invention provides an edge computing node identity authentication method based on an AES algorithm. The method comprises the following steps: an initialization step: allocating ID to each edge service device in a network by utilizing a register mechanism, and finishing generation of a public/private key pair of each edge service device and the register mechanism; a register step: finishing registration of an edge user requesting for service and generation of a master key; and an authentication step: realizing two-way identity authentication of the edge user and each edge service device byutilizing an improved AES algorithm. The technical scheme solves the problem of two-way identity authentication of an edge computing node, ensures safe and efficient communication of the edge node, and can meet requirements for high dynamic and low time delay of edge calculation.

A method for producing linkage values to be contained within pseudonym digital certificates of a security credential management system for connected vehicles, including the following steps: providing a linkage value function that expresses linkage values as a function of a number of input parameters that include a linkage seed input from a pseudonym certificate authority processor entity and a plurality of inputs from a registration authority processor entity including a vehicle identifier and at least one index relating to a time period for the linkage value; producing a Boolean circuit representative of the function for a particular combination of the number of input parameters; and executing a garbled circuit protocol on the Boolean circuit between the registration authority processor entity and the pseudonym certificate authority processor entity, whereby the pseudonym certificate authority processor entity privately derives a linkage value for the particular combination of the number of input parameters.

A system and method of proxy (60) domain name registration permits a would-be domain name registrant anonymity. A registrar (24) affords customers (20) the opportunity to use the proxy registration. If the customer seeking registration of a domain name requests, the registrar obtains contact information needed for registration from a proxy entity established for this purpose. The registrar completes the registration of the domain name with the appropriate registry (22) (i.e. “.com, .net” etc.). The contact information published in WHOIS (27) is that of proxy entity. Contractually the customer is afforded control over the domain name. Emails intended for the customer are received by the proxy entity who may filter them if the customer requests. Emails sent by the customer are sent to the proxy entity who in turn send them to the indicated addressee.

The invention discloses patient document retrieval authorization control method and system, belonging to the technical field of computer software. The method comprises the following steps of: firstly, classifying patient documents, setting access rights to the documents for medical personnel according to the roles of the medical personnel and issuing corresponding digital certificates to the medical personnel; then signing own documents by patients and meanwhile setting diagnosis activity participation roles and the access time of the medical personnel; and finally, determining the document retrieval rights of the medical personnel according to the roles, the diagnosis activity participation roles and the access time of the medical personnel by the system. The system comprises a medical personnel certificate registration mechanism, a patient certificate registration mechanism, a certificate authorization mechanism, a safety service interface, an access control module, a document retrieval client and a document base server. Compared with the prior art, the invention not only protects the individual privacy information of patients and the intellectual property of medical units, but also are convenient for the medical personnel to conveniently use the documents of the patients.

The invention discloses a secure electronic voting system based on an identity signature. The secure electronic voting system comprises a registration mechanism, a notary mechanism, a voter, a vote checking center and a flight ticket center. The voting system comprises an identity-based signature scheme, a matrix homomorphic encryption scheme, a matrix fully-homomorphic encryption scheme and a matrix commissioned calculation scheme, and comprises the following steps of: a series of initialization work of the notary mechanism before election; a series of operations of the voter for completing voting; votes checking and counting by a vote counting mechanism ; and statistical results decoding and election results announcing by the notary mechanism. By adopting the technical scheme disclosed by the invention, firstly the electronic voting scheme is a secure electronic voting scheme, secondly the size of the votes can be freely determined, so that the secure electronic voting system can be used for large-scale network voting for election, and thirdly all links of the election are more open and transparent.

A method, apparatus, and system are directed towards generating a public/private key pair prior to registration. The generation of the public/private key pair is performed by the entity to which the key pair is to be associated. The entity may then complete n application. The entity may then employ the generated public/private key pair to digitally sign the application. In one embodiment, the public key is provided with the application to a registration authority. Upon request, the public key and at least some of the application information may be provided to requester for use in identification, authentication, integrity, and/or non-repudiation of the registered entity. In another embodiment, the registration authority or other entity may verify the identity of the registering entity using the application. In one embodiment, the registration authority may select to digitally sign the application to indicate that the information has been verified.