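Country / Type | United States (US) Patent, Registered |
---|---|
International Patent Classification (IPC 7th edition) | |
Application number | US-0826311 (2010-06-29) |
Registration number | US-9608826 (2017-03-28) |
Inventor / Address | |
Applicant / Address | |
Agent / Address | |
Citation information | Times cited: 0; Patents cited: 553 |
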
A system and method for implementing an interoperable credential management protocol for processing online transactions. The protocol, referred to as the Partner Key Management (PKM) protocol provides an improved alternative to traditional public key infrastructure (PKI), particularly for use in high-value commercial transactions which require additional controls on the use of credentials for authentication and authorization. According to the PKM protocol, a user may take advantage of credential interoperability by using the same credential at a plurality of different financial institutions for authentication or digital signatures. Additionally, the credential interoperability achieved according to the PKM protocol allows the user to employ the same credential at a plurality of financial institutions for the purpose of digital or electronic signatures.

1. A method comprising:
storing, by an institution computer of a first institution, a file comprising a stored policy statement mutually agreed upon by the first institution and a user, wherein the stored policy statement comprises security procedures governing transactions between the first institution and the user;
generating a credential to execute a plurality of online transactions with the first institution and a second institution;
generating a digital signature with the credential using Portable Security Transaction Protocol;
receiving, by the institution computer, a request from the user for registration of the credential;
examining, by the institution computer, the request for registration of the credential;
determining whether the request for registration of the credential complies with registration requirements established by the first institution;
in response to determining that the request for registration of the credential complies with the registration requirements established by the first institution, registering, by the institution computer, the credential to represent the user with regard to a plurality of online transactions with the first institution;
receiving, from the user, a request for an online transaction comprising a received policy statement and the digital signature, wherein the received policy statement comprises security procedures governing transactions between the first institution and the user;
verifying the identity of the user by examining the digital signature;
determining whether the received policy statement complies with the stored policy statement; and
in response to verifying the identity of the user and determining that the received policy statement complies with the stored policy statement, authorizing, by the institution computer, the requested online transaction; and
executing the requested online transaction.

2. The method of claim 1 further comprising the steps of: receiving, by the institution computer, an approval of the credential from an approver representing the user's organization; and determining, by the institution computer, whether the approver is on a list of approvers.

3. The method of claim 2, wherein an approval is received from multiple approvers.

4. The method of claim 2, wherein an approval is received from multiple approvers with different roles.

5. The method of claim 1, wherein the first institution and the second institution are financial institutions.

6. The method of claim 1, further comprising independently registering the credential with the second institution in accordance with registration requirements established by the second institution.

7. A non-transitory computer-readable medium comprising computer executable software code executable by a processor to cause the processor to perform a method comprising:
storing, by an institution computer of a first institution, a file comprising a stored policy statement mutually agreed upon by the first institution and a user, wherein the stored policy statement comprises security procedures governing transactions between the first institution and the user;
generating a credential to execute a plurality of online transactions with the first institution and a second institution;
generating a digital signature with the credential using Portable Security Transaction Protocol;
receiving, by the institution computer, a request from the user for registration of the credential;
examining, by the institution computer, the request for registration of the credential;
determining whether the request for registration of the credential complies with registration requirements established by the first institution;
in response to determining that the request for registration of the credential complies with the registration requirements established by the first institution, registering, by the institution computer, the credential to represent the user with regard to a plurality of online transactions with the first institution;
receiving, from the user, a request for an online transaction comprising a received policy statement and the digital signature, wherein the received policy statement comprises security procedures governing transactions between the first institution and the user;
determining whether the received policy statement complies with the stored policy statement; and
in response to determining that the received policy statement complies with the stored policy statement, authorizing, by the institution computer, the requested online transaction.

8. The non-transitory computer-readable medium of claim 7, wherein the software code is further operable to cause the processor to independently register the credential with the second institution in accordance with registration requirements established by the second institution.

9. A system comprising:
a memory configured to store credential registration requirements established by a first institution and a stored policy statement mutually agreed upon by the first institution and a user, wherein the policy statement comprises security procedures governing transactions between the first institution and the user; and
a processor coupled to the memory, the processor configured to:
generate a credential to execute a plurality of online transactions with the first institution and a second institution;
generate a digital signature with the credential using Portable Security Transaction Protocol;
receive a request from the user for registration of the credential;
examine the request for registration of the credential;
determining whether the request for registration of the credential complies with the credential registration requirements established by the first institution,
in response to determining that the request for registration of the credential complies with the registration requirements established by the first institution, register the credential to represent the user with regard to a plurality of online transactions with the first institution;
receive, from the user, a request for an online transaction comprising a received policy statement and the digital signature, wherein the received policy statement comprises security procedures governing transactions between the first institution and the user;
determine whether the received policy statement complies with the stored policy statement; and
in response to determining that the received policy statement complies with the stored policy statement, authorize the requested online transaction.

10. The system of claim 9, wherein the processor is further configured to independently register the credential with the second institution in accordance with registration requirements established by the second institution.

11. A method for establishing an interoperable credential of a first type selected from a group consisting of: a certificate, a one-time password, an IP address, and a machine fingerprint, for use in an online transaction between a user and an institution, the method comprising:
storing, by an institution computer of a first institution, a file comprising a stored policy statement mutually agreed upon by the first institution and a user, wherein the stored policy statement comprises security procedures governing transactions between the first institution and the user;
generating the interoperable credential to execute a plurality of online transactions with the first institution and a second institution;
generating a digital signature with the interoperable credential using Portable Security Transaction Protocol;
receiving, by the institution computer, a request from the user for registration of the credential, wherein the request is signed by the digital signature using a credential of second type selected from a group consisting of: a certificate, a one-time password, an IP address, and a machine fingerprint, wherein the first type and the second type are not the same;
examining, by the institution computer, the request for registration of the credential;
determining whether the request for registration of the credential complies with registration requirements established by the first institution;
in response to determining that the request for registration of the credential complies with the registration requirements established by the first institution, registering, by the institution computer, the credential to represent the user with regard to a plurality of online transactions with the first institution;
receiving, from the user, a request for an online transaction comprising a received policy statement and the digital signature including the interoperable credential, wherein the received policy statement comprises security procedures governing transactions between the first institution and the user;
determining whether the received policy statement complies with the stored policy statement; and
in response to determining that the received policy statement complies with the stored policy statement, authorizing, by the institution computer, the requested online transaction if the received policy statement complies with the stored policy statement associated with the user.

12. The method of claim 11, further comprising independently registering the credential with the second institution in accordance with registration requirements established by the second institution.