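IPC classification information
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC 7th edition):
Application number: UP-0503181 (2000-02-14)
Registration number: US-7610614 (2009-11-10)
Inventors / Address:
- Frankel, Yair
- Montgomery, Charles T.
- Yung, Marcel M.
Applicant / Address:
Agent / Address: Pillsbury Winthrop Shaw Pittman LLP
Citation information: Times cited: 4; Cited patents: 3
Abstract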
Methods, systems and devices for cryptographic control and maintenance of organizational structure and functions are provided. A method for control and maintenance of an operational organizational structure, the method includes associating entities with cryptographic capabilities; organizing entities within the organizational structure as roles; and maintaining roles within the organizational structure. The system may involve at least a Public Key Infrastructure operation. Elements in said organizational structure may be assigned to roles and/or groups within said organizational structure.
Representative claims
We claim:
1. A method for control and maintenance of an operational organizational structure, involving cryptographic control and maintenance of entities within one or more business organizations, the method being automated using a computing device, the method comprising: associating cryptographic capabilities with electronic representations of entities within an organizational structure of the one or more business organizations; organizing entities within the organizational structure as roles through associating the electronic representations of entities with electronic representations of roles; and upon any addition, deletion or modification of an entity, a cryptographic capability, or any of their associations, maintaining roles within the organizational structure by adding, deleting or modifying electronic representations of the entities, cryptographic capabilities, roles, or any of their associations.
2. A method as in claim 1, wherein the method involves at least a public key infrastructure operation.
3. A method as in claim 1 wherein the control and maintenance further comprises: assigning elements in said organizational structure to roles within said organizational structure.
4. A method as in claim 1 wherein the control and maintenance further comprises: assigning elements in said organizational structure to groups within said organizational structure.
5. A method as in claim 3 wherein at least some of said elements are already grouped elements.
6. A method as in claim 1 wherein said method involves access control technology.
7. A method as in claim 1 wherein said method involves at least an access control operation.
8. A method as in claim 1 wherein said method involves at least a data-base operation.
9. A method as in claim 1 wherein said method involves at least one operation implemented in a hardware device.
10. A method as in claim 1 wherein the operational organizational structure represents at least one commercial organization.
11. A method as in claim 1 wherein the operational organizational structure represents at least two organizations, and wherein one of said organizations performs at least one function on behalf of another of said organizations.
12. A method as in claim 1 wherein the method further comprises changing software whose authorization is checked.
13. A method as in claim 1 wherein the method further comprises changing hardware.
14. A method as in claim 1 wherein the method further comprises moving hardware.
15. A system for control and maintenance of an operational structure involving at least one cryptographic method, entities within a business organization, characteristics of said entities and relationships between said entities, wherein the system comprises code executable by a computing device to: maintain electronic representations of capabilities of entities of a business organization; maintain electronic representations of functions of said entities; maintain electronic representations of characteristics of said entities; maintain electronic representations of relationships of said entities; and change the maintained electronic representations of said entities said characteristics and said relationships upon an addition, deletion, or modification of a characteristic or relationship of the entities.
16. A system as in claim 15 where at least one of said entities is an individual in an organization.
17. A system as in claim 15 where at least one of said entities is a group of individuals in an organization.
18. A system as in claim 15 where at least one capability is a role in an organization.
19. A system as in claim 15 where at least one capability is a task in an organization.
20. A system as in claim 15 where at least one function is an operation by a functionary in an organization.
21. A system as in claim 15 where at least one function is an operation by a group of functionaries in an organization.
22. A system as in claim 15 where said entities in an organization are represented in a public key infrastructure directory.
23. A system as in claim 15 where at least one of said characteristics and said relationships is represented in a directory.
24. A system as in claim 15 where at least one of said characteristics, at least one of said relationships, or both is represented in a public key infrastructure directory.
25. A system as in claim 15 where an operation of said system involves updating at least one directory.
26. A system as in claim 15 where an operation of said system involves updating at least one public key infrastructure directory.
27. A system as in claim 15 where said code to change said maintained elements comprises code to change information processing control structure.
28. A system as in claim 15 where said code to change said maintained elements comprises code to change cryptographic certification information within the public-key infrastructure directories.
29. A system as in claim 15 where said code to change said maintained elements comprises code to change databases.
30. A system as in claim 15 where said code to change said maintained elements comprises code to change cryptographic certification information within the public-key infrastructure directories and further database changes.
31. A system as in claim 15 where said entities, said characteristics and said relationships are maintained by combining databases components and components of certification authorities of a public key infrastructure.
32. A system as in claim 15 where said entities are represented in one directory and said characteristics and said relationships are represented in a second directory.
33. A system as in claim 15 where said entities are represented in at least a first directory and said characteristics and said relationships are represented in at least a second directory.
34. A system as in claim 15 comprising observers, where said entities said characteristics and said relationships are partially visible to various observers.
35. A system as in claim 15 where an operation of said system comprises cryptographic key management operations.
36. A system as in claim 15 where an operation of said system is activated by at least one designated entity amongst said entities.
37. A system as in claim 15 where an operation of said system is activated based on agreed upon rules.
38. A system as in claim 15 where an operation of said system is activated based on authorizations.
39. A system as in claim 15 where an operation of said system comprises database maintenance operations involving said entities said characteristics and said relationships.
40. A system as in claim 15 where said characteristics and said relationships define authorization rules.
41. A system as in claim 15 where said characteristics and said relationships define authorization rules based on access structure.
42. A system as in claim 15 where said characteristics and said relationships define authorization rules based on cryptographic capability.
43. A system as in claim 15 where said characteristics and said relationships define authorization rules based on shared cryptographic capability.
44. A system as in claim 15 with the additional operations of logging said system's operations.
45. A system as in claim 15 with the additional operations of logging said system's operations, where said logging is performed in various locations in said system.
46. A system as in claim 15 with the additional operations of monitoring operations within said system.
47. A system as in claim 15 with the additional operations of time-stamping operations within said system.
48. A system as in claim 15 where at least one of said system's operations is performed distributedly via communication.
49. A system as in claim 15 where at least one of said system's operations is a distributed database operation.
50. A system as in claim 15 where at least one of said system's operations involves physical handling of devices to one of said entities.
51. A method as in claim 1 where a plurality of entities are electronically visible to one part of the organization, a first set of outside viewers, or both, and roles or characteristics thereof are electronically visible to another part of the organization, a second set of outside viewers, or both.
52. A method as in claim 1 where maintaining of roles within the organizational structure is protected and can be performed only by an authorized party inside or outside the organization.
53. A system as in claim 15 where a plurality of entities are electronically visible to one part of the organization, a first set of outside viewers, or both, and roles or characteristics thereof are electronically visible to another part of the organization, a second set of outside viewers, or both.
54. A system as in claim 15 where change to the maintained electronic representations of said entities said characteristics or said relationships is protected and can be performed only by an authorized party inside or outside the organization.