Dabears4....Wave's ENVOY Diagnostic Server & Patent!
Btw.....Great stuff from you as always.....thx!
"[0029] The account management server 206 can take the form of a WaveNet server provided by Wave Systems Corporation of Plainsboro, N.J., which is a known computer server for enabling secure payment of goods and services over the Internet for client computers having appropriate secure hardware 104 and software, such as SURF based hardware and software. A diagnostic server 204 can also be provided. The Envoy Diagnostic Web Server from Wave Systems Corporation of Plainsboro, N.J., is suitable for this application."
Inventors:Sprague, Steven (Lenox, MA, US)
Application Number:09/906375 Publication Date:01/16/2003 Filing Date:07/16/2001 View Patent Images:Download PDF 20030014631 PDF help Export Citation:Click for automatic bibliography generation Primary Class:713/168 International Classes:(IPC1-7): H04L009/00 Attorney, Agent or Firm:BAKER & BOTTS (30 ROCKEFELLER PLAZA, NEW YORK, NY, 10112)
Claims:What is claimed is:
1. A method for a user of a computer to access content anonymously from a third party content provider computer comprising: registering a persona having a persona identifier with a persona server to generate an access record; requesting access to content from the content provider using the persona identifier; the content provider generating a challenge message including, at least in part, the persona identifier and data uniquely verifiable by the content provider, and submitting the challenge message to the persona server; the persona server associating the persona identifier with the access record and generating an authentication object including the data uniquely verifiable by the content provider enveloped in a manner extractable only by an authorized user of the persona; the user computer receiving the authentication object; the user computer retrieving data from the access record; the user computer extracting the data uniquely verifiable by the content provider using the data from the access record; and the user computer submitting the extracted data to the content provider for authentication.
2. The method for a user of a computer to access content anonymously according to claim 1, wherein the user is a member of a group of authorized users and the persona identifier is associated with the group.
3. The method for a user of a computer to access content anonymously according to claim 1, wherein the data uniquely verifiable by the content provider is pseudo-random data generated by the content provider computer.
4. The method for a user of a computer to access content anonymously according to claim 1, wherein the user can register a plurality of persona identifiers with the persona server.
5. A method for a content provider to authorize anonymous user access to content on a computer network comprising: receiving a request for access from a user computer having a persona identifier; generating a challenge message including, at least in part, the persona identifier and verification data; submitting the challenge message to a persona server; receiving an authentication object from the persona server and forwarding the authentication object to the user computer, the authentication object including the verification data enveloped such that it is accessible only by an authorized user of the persona identifier; receiving the verification data from the user computer; and granting access to the user computer if the verification data is correct.
6. The method of authorizing anonymous access to content according to claim 5, wherein the verification data is pseudo-random data generated in response to the request for access.
7. The method of authorizing anonymous access to content according to claim 5, wherein the user extracts the verification data from the authentication object using data retrieved from the persona server.
8. The method of authorizing anonymous access to content according to claim 5, wherein the user is a member of a group of users.
9. The method of authorizing anonymous access to content according to claim 5, wherein the user has a plurality of persona identifiers.
10. A method of providing authentication data for a user of a persona to access content anonymously comprising: creating an access record based at least in part on a persona identifier and associating the persona identifier with substantially unique encryption data; receiving a challenge message from a content provider computer including the persona identifier and verification data; enveloping at least the verification data in accordance with the encryption data in the access record associated with the persona identifier to generate an authentication object; and providing the authentication object to at least one of the content provider and the persona user.
11. The method of providing authentication data for a user of a persona according to claim 10, wherein the authentication object is passed to the content provider and from the content provider to the persona user.
12. The method of providing authentication data for a user of a persona according to claim 10, wherein the authentication object is passed to the persona user.
13. A system for authenticating a user of an anonymous persona prior to granting access rights on a public network comprising: a plurality of client computers operatively coupled to the public network, the client computers storing at least one persona identifier; a persona server operatively coupled to the public network, the persona server maintaining a database of access records associated with a plurality of persona identifiers, the access records associating each persona identifier with corresponding decryption data; at least one content provider computer operatively coupled to the public network, in response to a request for access from one of the plurality of client computers using a persona identifier, the content provider computer generating a challenge message including the persona identifier and verification data associated with the request for access, the content provider computer submitting the challenge message to the persona server, the persona server receiving the challenge message and generating an authentication object including the verification data encrypted based on the access record associated with the persona identifier, the authentication object is presented to the client computer requesting access which, if authentic, retrieves data from the access record, decrypts the authentication object and returns the verification data to the content provider computer to establish user authentication.
14. The system for authenticating a user of an anonymous persona according to claim 13, wherein the persona server comprises: an authentication server operatively coupled to the public network; a digital rights management server operatively coupled to the authentication server; and an account management server operatively coupled to the authentication server, to the digital rights management server and to the public network.
15. The system for authenticating a user of an anonymous persona according to claim 13, wherein the plurality of client computers include secure hardware for storing the at least one persona identifier.
16. The system for authenticating a user of an anonymous persona according to claim 15, wherein the secure hardware is a SURF hardware device.
Description:FIELD OF THE INVENTION
[0001] The present invention relates generally to the access and use of content over a public network, such as the Internet, and more particularly relates to a system for access and use of content over a public network where users and groups are identified by a persona which is verifiable by a combination of the operations of the user computer and an authentication server.
BACKGROUND OF THE INVENTION
[0002] The Internet is a vast public network that is now used by millions of users to access content and to engage in electronic commerce transactions. The growth of the Internet, however, has lead to concerns regarding the security of transactions over a public network and the unauthorized use of personal information and personal profiles for improper purposes. For example, as a user accesses a website on the Internet, the user may be required to register with the service provider and divulge personal information and payment information, such as credit card data. The user's activities can be tracked and this information used to establish personal profiles which are commonly sold to others interested in directing marketing efforts to users with certain profiles. Such marketing efforts generally result in unsolicited and unwanted advertisements being directed to the consumer. There is also concern that such profiles can be used for improper purposes, such as theft of an individual's identity and other crimes against the user.
[0003] U.S. Pat. No. 5,815,665, the entire specification of which is herein incorporated by reference, is directed to a system and method for providing trusted brokering services over a distributed network. In the systems and methods disclosed in this patent, a user requests access to a content provider and is provided with a “challenge” message. The user computer provides a response to the challenge message which is passed by the service provider to an online broker server. The broker server uses the response to verify the user identity and provide an anonymous identifier for the user to the content provider for subsequent billing purposes. In this system, the “trust” resides with the broker server and not with the client.
[0004] It would be desirable to have a system where the identity of the user remains anonymous and the user was verifiable by a trusted client computer or the combination of a trusted server and a trusted client computer.
OBJECTS AND SUMMARY OF THE INVENTION
[0005] It is an object to provide a system and method for enabling electronic commerce transactions over a public network while maintaining a substantial degree of user anonymity.
[0006] It is a further object to provide a system and method for enabling an individual user or a group of users to be identified by a persona or alias which can be authorized by an authentication server and a user of a trusted client computer.
[0007] It is yet another object to authenticate that a user is a member of an authorized group of users without the individual user's identity being disclosed.
[0008] A method for one or more user(s) to access content anonymously from a third party content provider computer includes the step of a user registering a persona having a persona identifier with a persona server to generate an access record. In the case of a group of users, once an access record for the group is generated, additional personas can be added to the access record by modifying the existing access record. A user requests access to content from the content provider using the persona identifier. In response, the content provider computer generates a challenge message including, at least in part, the persona identifier and data uniquely verifiable by the content provider computer, and submits the challenge message to the persona server. The persona server associates the persona identifier of the challenge message with the access record and generates an authentication object including the data uniquely verifiable by the content provider computer enveloped in such a manner that it is extractable only by a computer of a user of the persona authorized to retrieve the access record. The user receives the authentication object and retrieves the access record from the personal server. Using data stored in the access record, the user extracts the data which is uniquely verifiable by the content provider computer. The user then submits the extracted data which is uniquely verifiable by the content provider computer to the content provider for authentication and access control.
[0009] Another embodiment of the present invention is a method for authorizing anonymous access to content that includes: receiving a request for access from a user having a persona identifier; generating a challenge message including, at least in part, the persona identifier and verification data; submitting the challenge message to the persona server; receiving an authentication object from the persona server and forwarding the authentication object to the user computer, the authentication object packaging the verification data such that it is accessible only by the authorized user computer; receiving the verification data from the user computer; and granting access to the user if the verification data is correct.
[0010] The present invention also includes a method of generating an authentication object for a user of a persona to access content anonymously, which is generally performed by a persona server acting as an authorization agent. The method includes registering a user persona by creating an access record based at least in part on a persona identifier and registration data provided by a user associated with the persona identifier. Upon receiving a challenge message from a content provider computer, including the persona identifier and verification data, the method provides for enveloping at least the verification data in accordance with data stored in the access record associated with the persona identifier to generate an authentication object. The authentication object is provided either to the content provider computer, which in turn forwards it to the persona user, or directly to the persona user. If the persona user requesting access to the content provider is authentic, the user computer can retrieve the access record, extract the verification data and submit the verification data to the content provider for authentication.
[0011] Also in accordance with the present invention is a system for authenticating a user of a persona prior to granting access rights over a public network. The system includes a plurality of client computers which are operatively coupled to the public network. The client computers store at least one persona identifier. Preferably, the persona identifiers are stored in secure hardware which is operatively coupled to the client computer. The system also includes a persona server which is operatively coupled to the public network and maintains a database of access records that are associated with the plurality of persona identifiers. The access records generally include data to associate each persona identifier with the corresponding decryption keys. At least one content provider computer is operatively coupled to the public network. In response to a request for access from one of the plurality of client computers using a persona identifier, the content provider computer generates a challenge message including the persona identifier and verification data associated with the request for access. The content provider computer submits the challenge message to the persona server which in turn generates an authentication object.
[0012] The authentication object generally includes the verification data encrypted based on data in the access record associated with the persona identifier. The authentication object is then presented to the client computer requesting access. If the client computer is an authentic user of the persona, the client computer can retrieve data from the access record to decrypt the authentication object and return the verification data to the content provider computer to establish user authentication.
[0013] Also in accordance with the present invention is a system for authenticating a member of a group of users of a persona prior to granting access rights over a public network. The system includes a plurality of client computers which are operatively coupled to the public network. The client computers store at least one group identifier. Preferably, the group identifiers are stored in secure hardware which is operatively coupled to the client computer. The system also includes a persona server which is operatively coupled to the public network and maintains a database of access records that are associated with the plurality of group identifiers. The access records generally include data to associate each group identifier with the corresponding decryption keys. At least one content provider computer is operatively coupled to the public network. In response to a request for access from one of the plurality of client computers using a group identifier, the content provider computer generates a challenge message including the group identifier and verification data associated with the request for access. The content provider computer submits the challenge message to the persona server which in turn generates an authentication object.
[0014] The authentication object generally includes the verification data encrypted based on data in the access record associated with the group identifier. The authentication object is then presented to the client computer requesting access. If the client computer is an authentic member of the group, the client computer can retrieve data from the access record to decrypt the authentication object and return the verification data to the content provider computer to establish user authentication.
[0015] These and other objects and features of the invention will become apparent from the description of preferred embodiments of the present invention in connection with the drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
[0016] The invention will be described in connection with certain preferred embodiments thereof in connection with the following drawings, in which:
[0017] FIG. 1 is a simplified block diagram illustrating the present system;
[0018] FIG. 2 is a simplified block diagram of the present system and further illustrating the functional blocks of one embodiment of the persona server;
[0019] FIG. 3 is a flow chart illustrating the process of accessing a third party content provider server with a user persona, in accordance with the present invention;
[0020] FIG. 4 is a flow chart which further illustrates the process of a user generating an authentication object in accordance with one embodiment of the invention; and
[0021] FIG. 5 is a flow chart illustrating the process of registering a persona with a third party content provider website.
[0022] FIG. 6 is a system level flow diagram illustrating an embodiment of a persona registration process.
[0023] FIG. 7 is a system level flow diagram illustrating an embodiment of use of a persona to gain access to a third party content provider.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
[0024] FIG. 1 is a simplified block diagram of the present system for authenticating individual users or individual members of a group of users using a pseudo-anonymous identifier, which is referred to herein as a persona. The persona is an identifier which is used to grant rights to users and enable transactions between users and third parties while protecting the actual identity of the user. A user or group of users can have a number of personas which are used for different service providers or content providers. In this way, the ability of such providers to share and accumulate user profile data is reduced.
[0025] Referring to FIG. 1, a client computer 100 is operated by a user and includes appropriate interface circuitry to access a public network 102 , such as the Internet. The client computer 100 can take the form of a personal computer, set-top box, hand held computing device and the like.
[0026] To insure a level of security or trust in the client computer 100 , the client computer 100 includes secure hardware 104 to facilitate the payment for goods and services purchased over the public network 102 . The secure hardware 104 preferably includes a dedicated microprocessor and a secure memory area for storing encryption keys and the like. The secure hardware 104 can take the form of a SURF (secure usage reporting functions) device and associated software, such as the USB WaveMeter™ which includes a SURF C device and is available from Wave Systems Corporation of Plainsboro, N.J. The SURF protocol is described in U.S. Pat. Nos. 5,351,293, 5,615,264, 5,671,283 and 5,764,762 which are hereby incorporated by reference in their entireties. The SURF hardware can be embedded in the client computer or can be added as a peripheral device connected to an interface port of the client computer 100 . The use of appropriate secure hardware 104 and software can render the client computer 100 into a trusted client, i.e., there is a high level of assurance that once verified, the identity of the client is authentic rather than being an imposter or “hacker.”
[0027] An overview of the operation of the system of FIG. 1 is now provided. The client computer 100 communicates with a content provider computer 106 via the public network 102 . Similarly, the client computer 102 communicates with a persona server 108 via the public network 102 . In addition, communication between the content provider computer 106 and the persona server 108 is also provided via the public network 102 . In general, a user of the client computer 102 will request access to the content provider computer 106 and will identify itself with a persona identifier. The content provider computer 106 will provide the persona identifier, along with a challenge message, to the persona server 108 . The persona server will generate an authentication object based upon the information provided by the third party content provider computer and data stored in a database having an access record associated with the persona. The authentication object is provided to the content provider computer 106 which in turn passes the authentication object to the client computer 100 . Using the secure hardware 104 and data from the persona server 108 , the client computer 100 extracts the challenge data and provides the challenge data to the content provider computer 106 as user authentication.
[0028] FIG. 2 is a block diagram of the system of FIG. 1 that further illustrates an exemplary embodiment of the persona server 108 . In this embodiment, the persona server 108 includes an authentication server 200 which is operatively coupled to the client computer 100 and the content provider computer 106 via the public network 102 . There is also a digital rights management (DRM) server 202 and an account management server 206 which are in electrical communication with each other and with the authentication server 200 . The DRM server 202 can take the form of a MyPublish server provided by Wave Systems Corporation of Plainsboro, N.J., which is a known computer server for enabling the secure publication of digital content on a public network, such as the Internet.
[0029] The account management server 206 can take the form of a WaveNet server provided by Wave Systems Corporation of Plainsboro, N.J., which is a known computer server for enabling secure payment of goods and services over the Internet for client computers having appropriate secure hardware 104 and software, such as SURF based hardware and software. A diagnostic server 204 can also be provided. The Envoy Diagnostic Web Server from Wave Systems Corporation of Plainsboro, N.J., is suitable for this application.
News 
Market Data 
Discover 
AI
