US20060020783A1 - Method, system and service for conducting authenticated business transactions - Google Patents

Method, system and service for conducting authenticated business transactions Download PDF

Info

Publication number
US20060020783A1
US20060020783A1 US11/197,955 US19795505A US2006020783A1 US 20060020783 A1 US20060020783 A1 US 20060020783A1 US 19795505 A US19795505 A US 19795505A US 2006020783 A1 US2006020783 A1 US 2006020783A1
Authority
US
United States
Prior art keywords
users
authentication
pams
service
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US11/197,955
Inventor
Douglas Fisher
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US11/197,955 priority Critical patent/US20060020783A1/en
Publication of US20060020783A1 publication Critical patent/US20060020783A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/085Payment architectures involving remote charge determination or related payment systems
    • G06Q20/0855Payment architectures involving remote charge determination or related payment systems involving a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/18Legal services; Handling legal documents
    • G06Q50/188Electronic negotiation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response

Definitions

  • the invention relates to a system and method for conducting authenticated business transactions over an open multi-platform public network.
  • the buyer and seller have established a trusted relationship prior to the transaction, which gives the seller enough confidence to ship the goods subject to later collection, usually upon invoice.
  • the ability to leverage trusted long term relationships is certainly advantageous, but is becoming increasing difficult, especially over the Internet.
  • Global traders looking to quickly establish new trading relationships to increase sales or to reduce costs must either go through a time consuming process to develop the relationship over time, or incur a risk since verifying the identity of the trading partner in another country is difficult.
  • the ability to quickly form trusted business relationships is becoming mission critical and central to this capability is the ability to globally ensure the identity of each trading partner.
  • PKI public key infrastructure
  • PKI involves distributing a public key and a private key to users. A message encrypted with the private key can be decrypted with the public key.
  • a common way of using PKI for authentication is to distribute the public key along with a message encrypted by the users private key. The validity of the public key is assured by distributing it in the form of a certificate which has been signed with the private key of a trusted certifying agent. The certificate can be verified using the well known public key of the certifying agent, and the user's public key can be used to decrypt the original message to authenticate the user by verifying that the message was encrypted using the user's private key.
  • the software camouflaging technique is more readily scaled to large numbers of users and curing breach of security is less of an issue since authentication is only handled by a limited number of servers. No means is provided, however, for non-trusted entities to accomplish validation. For this reason the technique could be called pseudo PKI.
  • the current generation of e-commerce applications is directed towards establishing authentication of clients to a particular Internet based services, i.e., connecting a user to a particular Internet based business with which the user is aware and where the user establishes an identification relationship of some type prior to transacting business.
  • Authentication is carried out by each business, by some suitable means whereby he can recognize a person who has previously established a relationship.
  • Several models have become popular. In one simple model, the user knows the URL address of an e-business and contacts the business. The user and business establish a relationship according to a protocol established by the business and thereafter the user authenticates himself according to the protocol, often entering a user name and password which are compared to values stored in a database on the business' server.
  • the user is directed to a choice of businesses by a portal, whereupon the experience is similar to previous model.
  • Still another class of e-businesses follow the structure of an exchange, where the exchange business establishes relationships with potential buyers and sellers who offer to buy or sell goods or services, such offers being matched in some way—by the exchange.
  • the actual transaction is usually consummated (payment, shipping, other infra-structure) outside of the exchange directly between the buyer and seller.
  • authentication is handled ad hoc according to the protocol set up by the Internet business owner, and in the case of the exchange possibly multiple times by the principals themselves.
  • the broker keeps each user's access rights to each service provider on record and provides these to the service provider at each session.
  • Service providers generate a billing event message for each service utilized by the user and independently send each billing event message to the brokering service.
  • the brokering service bills the consumer for services used. While providing an important improvement to the art, U.S. Pat. No. 5,815,665 has a number of deficiencies which limit its use for promoting global trade transactions. First, the degree of authentication is limited to the security of a password, and the password is stored along with the identity of the consumer on the brokering service's database. Second, the service is asymmetric.
  • brokering service does not independently mediate the interaction between the user and the service provider but must rely on the report of the user's activities provided by the service provider through the billing event messages, thus allowing for disagreements or repudiation between the user and service provider. Also, there is no provision for the users of the multiple service providers to interact.
  • Another model of authentication involves providing infrastructure for existing business partners to securely share their information and computational resources among partners and allocate access among different users.
  • These systems may provide limited access to users over a public network such as the Internet, but often involve the use of special network hardware for full access or a VPN.
  • These systems are only available for users with a preexisting relationship and do not provide a method for forming a secure trust relationship over a public network. They do not provide a method to simultaneously connect arbitrary combinations of users.
  • the established models do not make optimal use of the Internet to promote global trade. First they leave the users to establish a multiplicity of relationships with different trade partners. The user has to know of the existence of the business and establish a relationship of trust and a basis for future authentication on an ad hoc basis. Also the type of transaction which can take place directly over the Internet is limited to simple transactions which are carried out in the predetermined format determined by the business owner, since the only relationship which has been established is between the user and the business and between the business and certain pre-determined infrastructure providers which have been chosen. This limitation precludes e-commerce transactions which are much more complicated than the standard models which were previously described.
  • the instant invention pertains to a method, an online service, and a system, for creating trade partnerships based on trust relationships over a public network, reliably authenticating trade partners, infrastructure providers and collaborators to each other over a distributed network such as the public Internet and providing authenticated users with an environment suitable for conducting business transactions requiring a high level of trust, particularly in world wide trade.
  • the invention addresses the problems of establishing trusted relationships among widely separated and disparate parties which do not necessarily have a preexisting relationship, and providing an environment suitable for forming relationships and carrying out business transactions in a non-repudiation environment.
  • the service acts as a trust broker by providing a unique mechanism for creating, monitoring, and enforcing trust relationships in business transactions involving a network accessed by micro processor equipped devices.
  • the invention pertains to a persistent authentication and mediation service (PAMS) which is provided as an on-line service on a public distributed network such as the Internet.
  • PAMS persistent authentication and mediation service
  • a PAMS is an online service provided over the network which is capable of authenticating groups of two or more users to each other by authenticating each user to the PAMS and connecting the authenticated users to each other under persistent mediation of the PAMS.
  • Authentication refers to the processes of a first entity proving its identity to one or more other entities over the network.
  • Mediation refers to the fact that communications between authenticated users pass through the PAMS giving the PAMS the capability to monitor the interaction and compile an audit trail.
  • Persistent refers to the fact that interaction remains mediated during the entire interaction under the PAMS, and messages persist until delivered. Persistent messaging is based on asynchronous communication. The audit trail is compiled by monitoring mediated messages and saving pre-selected or user selectable messages for permanent storage and retrieval. The content of messages may be stored and retrieved.
  • Authentication of a user to PAMS according to the invention is accomplished by a “closed” authentication system, that is one where a prior relationship is required between the user and the authenticating party.
  • the preferable closed authentication system is a closed PKI system, one where the PKI Certification Authority (CA) performs the authentication.
  • CA PKI Certification Authority
  • the overall operation of the PAMS serves as an “open” authentication system, that is one where the users do not need to have a direct prior relationship, but have trust in each other's authenticity based on the authentication of the other to the PAMS and their connection to each other under persistent mediation of PAMS.
  • One embodiment of the invention is a process for conducting authenticated transactions among users employing microprocessor equipped devices over a distributed public network such as the Internet.
  • the method involves providing a persistent authentication and mediation service (PAMS) on the network which carries out the following acts:
  • PAMS persistent authentication and mediation service
  • the method embodied by the persistent authentication and mediation service provides the major elements of trust required for conducting trade over a network such as the Internet, wherein trust in the service is substituted for trust in the other party, including:
  • Authentication provided by the PAMS differs from prior art methods which provide for a population of otherwise unrelated members to authenticate to each other.
  • Authentication by the PAMS is a two step process involving first authenticating the users to the PAMS and then connecting authenticated users to each other under persistent mediation of the PAMS.
  • Authentication of a large and disparate group of users to a single authenticating entity to whom they are known can be done with a much higher level of confidence and trust than direct authentication of the many users to each other.
  • a PAMS according to the invention provides a way to provide the security possible in the many-to-one authentication while achieving the end results of many-to-many authentication.
  • the PAMS provides the high level of confidence which is associated with authentication to a single authenticating entity, to the situation where many users need to authenticate to each other.
  • the PAMS provides symmetric authentication of users to each other, as opposed to one way authentication of a user to a service or server.
  • the PAMS provides for authentication of multiple parties to each other. Since all interactions between users is mediated by the PAMS, interactions may be anonymous while still being authenticated. Anonymous transactions are conducted by referencing the identity rather than revealing it. Verified information about authenticated users can be exchanged without revealing the actual identity of the users to each other.
  • the combination of authentication with mediation allows for user management of privacy and negotiation between parties on what will be revealed. This latter feature is important for the early stages of establishing a trusted relationship.
  • a mediated interaction has an audit trail which is maintained under the control of the PAMS, but is available to the users.
  • An important feature of an interaction under the PAMS is that users, including users of different types, interact under circumstances where after their identity is authenticated by the PAMS and they are connected to other users under mediation of the PAMS, the interaction continues to be mediated by the PAMS during the interaction, so that an audit trail is accumulated.
  • the audit trail is available to the users during the interaction.
  • Another key feature is that groups of three or more users may interact.
  • the mediated environment is a key part of establishing trust in the identity of the parties during the authentication process and is the basis for monitoring and enforcing trust during and after the transaction.
  • a preferred implementation of the invention utilizes two new classes of network software which are particularly and synergistically suited for providing the PAMS.
  • a preferred implementation comprises a host site connected to the network, the host site including at least one computer server operated by an open software platform providing intelligent interactions, a persistent authentication and mediation service comprising a strong software pseudo-PKI authentication agent operating on the open software platform, an audit agent operating on the open software platform for compiling an audit trail of mediated interactions, and application software operating on the open software platform with functionality for enrolling users, authenticating enrolled users, allowing authenticated users to dynamically find suitable partners according to criteria which they specify, allowing authenticated partners to interact under the mediation of the persistent authentication and mediation service through the open software platform, and allowing members access to the audit trail at the application level, including access to the content of the interaction.
  • the authentication system further comprises a customer database server comprising a database of information about the registered businesses, the database being accessible to the persistent authentication and mediation service.
  • an open software platform refers to a platform where users and enabled services operating under the platform can interact regardless of their hardware or operating systems, system management strategies, development environments or device capabilities. Intelligent interaction refers to the ability of enabled services to discover, negotiate, mediate, and compose themselves into more complicated services.
  • a preferred open software platform is Hewlett Packard's e-speak, currently available as version 3.01.
  • the e-speak platform is implemented by an e-speak core program which operates on a user's computer or server.
  • enabled services are referred to as e-Services.
  • the ability to discover refers to the fact that when an e-service registers with a host system accessible to the Internet and creates a description of the service it provides, users of the system can automatically discover services which have desired attributes, and contact them without needing to have known about the service in advance or knowing its URL.
  • To negotiate refers to the fact that e-speak negotiates between the requester and provider to eliminate services which are outside of the requested criteria.
  • To mediate refers to the fact that users are connected through the e-speak core and e-speak continuously intermediates the service delivery after the user and e-service have been connected. The mediation is persistent in that an asynchronous message transfer system is provided to retain messages until delivered.
  • e-speak While e-speak mediates all interactions, it does not create a permanent audit trail by saving the interactions after delivery.
  • the audit function of PAMS is an application running on e-speak called the audit agent.
  • An audit trail may include the content of an interaction.
  • the audit agent intercepts specified events or messages during mediation based on application level monitoring, and stores them in a database. To compose refers to the ability of e-services to combine themselves into more complex, cascading e-services even dynamically.
  • E-speak is in essence an “operating system” for building e-services operating on the platform.
  • An open software source is provided to build business applications.
  • the e-speak platform does not provide for sufficient security since there is no way provided to protect the user private keys.
  • e-speak is intended for services to interact and transact without being centrally managed or provided.
  • Central to the original intent of e-speak is that a service which is registered according to a known vocabulary, is instantly discoverable to another party through the dynamic discovery feature.
  • a persistent authentication and mediation service according to the invention requires all users to register with the PAMS to become part of a closed community.
  • the PAMS is antithetical to the original intent of the open software platform and uses it in a fundamentally different manner than intended.
  • a preferred technology for software protected pseudo PKI is a system such as the pseudo PKI system described in U.S. Pat. No. 6,170,058, “Method and Apparatus for Secure Cryptographic Key Storage, Certification and Use”, and “Software Smart Cards via Cryptographic Camouflage” by D. Hoover and N. Kausik (1999 IEEE Symposium on Security and Privacy”).
  • the above technique protects the private key by means of a cryptographic software camouflage, which provides similar security benefits to hardware based PKI but is limited to circumstances where messages are only verified by pre-defined trusted entities. This restriction occurs since the method requires that to maintain security of the private key, the user's public key be distributed on a certificate in an encrypted form which can only be decrypted by a secret key.
  • the technique has generally been relegated to authenticating users to a server. Since the public key is only made available in encrypted form the system may be called pseudo PKI.
  • the software camouflage technique places the private key on the user's site so that it is released when the user enters a correct password.
  • the private key is not merely encrypted with the password, however, but it is said to be camouflaged because when incorrect passwords are inputted, in many cases a false but otherwise plausible private key is generated.
  • a challenge message encrypted with a false key is identifiable when submitted for authentication.
  • the software camouflaging technique is readily scaled to large numbers of users since authentication is only carried out by a limited number of servers. This allows for minimal software requirement on the user's network access device and elimination of the need for hardware protection of the private key.
  • WebFortTM The pseudo PKI technology described above has been implemented in software known as WebFortTM.
  • WebfortTM is not capable of operating in a distributed e-services environment and is suitable for authenticating users to a server or integrated group of servers which constitutes a resource which the user seeks to access rather than for common authentication of unrelated entities to each other.
  • the WebFortTM system does not support a mediated infrastructure.
  • the WebFortTM functionality is organized into separate components and encapsulated in a custom software container operating on the e-speak core to provide the functionality needed for authentication by the PAMS.
  • the discovery and collaboration features are implemented as software applications operating on the e-speak core. Interactions between users and the PAMS and between users connected through the PAMS are mediated by the e-speak core. An audit trail of mediated interactions is created and preserved by audit agent software operating on the e-speak core.
  • the preferred network is the public Internet, though embodiments of the invention can be applied to other public or private networks as well, and while the methods are described as being capable for facilitating transactions in global trade, it should be appreciated that the invention is equally applicable to smaller distances and other networks and not limited to global trade or the Internet.
  • the combination of the software pseudo PKI authentication agent, the audit agent, and the intelligent software platform provides unexpected benefits for enabling global business transactions. Placing the authentication agent on the intelligent software platform (e-speak) makes it possible to realize the security benefits of PKI in a manner practically suited for use in world trade where there are a large number of users seeking authentication to each other, as distinguished from authentication of users to a single server or service to which they seek access.
  • the use of an encrypted public key in pseudo PKI is not a limitation since the PAMS is an intermediary to authentication and users have no need to know other users' public keys, since the authentication between two users occurs by both being individually authenticated to the PAMS, and then being authenticated to each other through mediation of the PAMS.
  • the combination allows for providing the important elements identified for conducting business in an authenticated environment.
  • users can dynamically locate suitable partners who are also enrolled in the system based on the software platform's discovery capability, and can become authenticated to other suitable users which have been located. Users have both fixed information which has been verified and dynamically variable data to aid in selection.
  • suitable partners Once suitable partners have been identified they can be introduced and connected as equals under the mediation of the persistent authentication and mediation service through the open software platform with the same high level of trust and confidence that they would have if each user maintained his own PKI authentication infrastructure.
  • a collaboration environment is provided to facilitate making and memorializing a deal based on the persistent mediation of the software platform and the audit trail created by the audit agent. Sufficient evidence is collected to support non-repudiation. Partners are able to put together a complex project team by locating and seamlessly connecting additional authenticated participants. Workflow tools, authenticated bulletin board interactions, trading partner agreements, and deal libraries are provided.
  • Users may be of any type which has access to the network through a microprocessor equipped device.
  • a first type of user accesses the Internet through an Internet Service Provider using a browser.
  • a second type of user has outsourced authentication for a web site or other network accessible application to the persistent authentication and mediation service.
  • a third type of user could be a web connected automated software application or software operated hardware device.
  • each user would receive software which allows the particular user type to interact with the persistent authentication and mediation service.
  • Each user would also receive a software smart card containing a camouflaged private key and a digital certificate containing an encrypted public key.
  • a business will generally enroll with its own identity which will be verified by the persistent authentication and mediation service as well as a number of users which may include a combination of the types of users.
  • Each user will have one or more personas, each of which contains a subset of the verified business and user information.
  • a persona identifies a user as part of the business as well as a particular unique individual (human or otherwise).
  • Each business and user will also have information which may be dynamically varied by the user, such as a “shopping list” or inventory list.
  • a persona can identify a user's role within a business, such as the user's title and the amount the user is authorized to spend.
  • a persona can be anonymous or not.
  • the authentication process can be initiated by a direct request from the user to the persistent authentication and mediation service, or alternatively by a request to another user's world wide web site which uses the persistent authentication and mediation service to regulate access to the site.
  • the software provided to the web site will refer the user to the PAMS, which will authenticate the user and connect it to the web site, now under mediation of the PAMS. All communications with the persistent authentication and mediation service are mediated through the open software platform and once connected the user's interaction will be mediated by the persistent authentication and mediation service through the open software platform.
  • a unique feature of the PAMS is its ability to provide one or more additional Authentication Providers (AP) in addition to the default authentication application described above as a part of the persistent authentication and mediation service.
  • AP Authentication Providers
  • These additional Authentication Providers would perform private key software smart card issuance and authentication in some specialized manner such as extremely rapid authentication, an authentication accompanied by authentication insurance, or stronger security due to longer cryptographic keys.
  • the PAMS goes beyond the traditional role of providing a simple confirmation of whether a user is authentic, but allows a user to personalize authentication needs. For instance, some users will only want to deal with other users who use authentication accompanied by authentication insurance.
  • PAMS can provide more than one Audit Providers, in addition to the default functionality provided in PAMS.
  • PAMS may perform special functions such as service quality monitoring, transactional volume monitoring, and status and status monitoring to support functions such as producing a bill for a service provider.
  • PAMS is uniquely situated to monitor members' usage of another member's services and bill accordingly based on the mediation of all transactions. Another similar feature is that PAMS can be used to compile a map of transactions carried out by users. This map would show the type or frequency of contacts with other users.
  • PAMS may track the amount purchased through PAMS and proactively notify business of any exceptions.
  • the value the audit agent and audit providers add is the ability to enforce trust relationships.
  • An object of the invention is to provide a method and system for providing a Persistent authentication and mediation service for reliably authenticating potential trade partners, infrastructure providers and collaborators of disparate types and in widely separated locations to each other over a distributed network such as the public Internet and providing authenticated users with an environment suitable for conducting business transactions requiring a high level of trust, particularly in world wide trade.
  • a further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which is suitable for authentication of groups of disparate and widely separated users to each other under circumstances such as global trade where a trusted relationship is required.
  • a further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which will allow users to locate suitable trusted collaborators based on dynamically variable and verified information.
  • a still further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which will allow groups of authenticated users to interact under the mediation of the Service, such that the Service directly compiles an audit trail and information from the audit trail is made available to the interacting users.
  • a still further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which allows for peer to peer mutual authentication of groups users of different types.
  • a still further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which allows users to substitute trust in the Service for a direct relationship with another user in the steps of finding potential suitable trade partners, authenticating the identity of other users, and conducting a secure mediated interaction with other users.
  • FIG. 1 is an overview block diagram of a preferred Persistent Authentication and Mediation Service (PAMS) which shows the system architecture.
  • PAMS Persistent Authentication and Mediation Service
  • FIG. 2 is a diagram which shows a typical load balancing configuration of a PAMS system.
  • FIG. 3 is a block diagram showing the key process steps of a PAMS.
  • FIG. 4 is a block diagram showing the registration process.
  • FIG. 5 is a block diagram showing the authentication process.
  • FIG. 6 is a block diagram showing the discovery process.
  • FIG. 7 is a block diagram illustrating the process whereby two users establish a relationship.
  • FIG. 8 is a block diagram illustrating the collaboration process.
  • FIG. 9 is a block diagram illustrating an application of a PAMS to an exchange (Example 3).
  • FIG. 10 is an exemplary Home Page for a PAMS.
  • FIG. 11 is an exemplary Discovery Portal for a PAMS.
  • FIG. 12 is an exemplary Persona Portal.
  • FIG. 13 is an exemplary Collaboration Portal.
  • FIG. 14 is a drawing which shows typical hardware for a PAMS.
  • FIG. 15 is a flow chart of a normal PAMS workflow.
  • the instant invention pertains to a method, an online service, and a system, for reliably authenticating trade partners, infrastructure providers, and collaborators to each other over a distributed network such as the public Internet and providing authenticated users with an environment suitable for conducting business transactions requiring a high level of trust, particularly in world wide trade.
  • PAMS on-line persistent authentication and mediation service
  • a PAMS is a service provided over a network which is capable of authenticating groups of two or more users to each other by authenticating each user to the PAMS and then connecting authenticated users under persistent mediation of the PAMS.
  • Authentication refers to the processes of a first entity proving its identity to one or more other entities over the network.
  • Mediation refers to the fact that communications between authenticated users pass through the PAMS giving the PAMS the capability to monitor the interaction and compile an audit trail.
  • Persistent refers to the fact that interaction remains mediated during the entire interaction, and the messages are transferred asynchronously so that the service maintains the message until it is delivered.
  • an on line PAMS is a service which is provided over a public network, such as the Internet, which is directly accessible to users of the network having the ordinary hardware to access the network, based on authentication and persistent mediation supplied by the PAMS.
  • Authentication among many users is thus a two step process comprising authentication of each user to the PAMS followed by connection of the authenticated users through mediation of the PAMS.
  • the two step process allows unexpected benefits in level of security and trust in the authentication and scalability to a system, particularly when there are a large number of widely separated users of many different types seeking to authenticate to each other.
  • authentication of many users to a central party is intrinsically subject to much greater security and assurance than providing for each of the many users to authenticate directly to each other (many-to-many authentication).
  • a PAMS according to the invention provides a way to provide the security possible in many-to-one authentication while achieving the end results of many-to-many authentication.
  • the goal of authentication in large scale electronic commerce is to provide the capability for “stranger-to-stranger” authentication, that is authentication of any two parties where the parties have complete trust that they know who they are dealing with while having had no prior relationship.
  • stranger-to-stranger authentication of any two parties where the parties have complete trust that they know who they are dealing with while having had no prior relationship.
  • what is required is the even more difficult task of authenticating a group (two or more) of strangers to each other.
  • PKI Public Key Infrastructure
  • each party has a private key and a public key.
  • the private key is known only to the owner while the public key is readily available but associated in some way with the owner.
  • the private key In order to be useful for authentication the private key must be subject to the strictest security measures so that no other party can have access to it or invoke it.
  • a trustworthy third party must verify the public key/private key pair and verify that the private key is in the possession of the actual person seeking to use the keys for authentication.
  • This is usually done by a trusted third party certification authority (CA) issuing a digital identity certificate binding the identity of the owner to a public key and signing the certificate with the private key of the CA (signing is the process of encrypting a message or digest of a message with a party's private key so that a person seeking to authenticate the message can do so by decrypting the encrypted message with the party's public key and comparing the decrypted message with the original message or digest to see whether they are identical.)
  • CA trusted third party certification authority
  • the method is no more secure than the confidence in the identity certificates and the confidence in the security of the private keys.
  • a very extensive infrastructure would need to be supplied to accomplish a secure stranger-to-stranger system, usually employing a second agent known as a Registration authority (RA) who verifies the actual identity of a party seeking a certificate, obtains the public key, verifies that the party is in possession of the private key and that the private key is secure, and arranges for the secure delivery of the certificate.
  • RA Registration authority
  • An authentication system such as described above is often called an “open” authentication system, in that parties may authenticate without having a prior direct relationship to each other.
  • a less satisfactory approach to PKI for authentication in a closed authentication system may be realized through requiring a user to share information they know or otherwise producing evidence of their identity.
  • Many authentication techniques have been developed for this purpose such as user-ID/password, and symmetric cryptosystems, such as Kerberos. These systems provide a lesser degree of security than PKI, and are not generally satisfactory, but may be acceptable when combined with the extra security PAMS mediation provides.
  • a user-ID/password could be supplemented by PAMS requiring the user to answer a question based on information in the PAMS audit trail.
  • the many-to-one model is intrinsically more secure than the many-to-many model simply because the certificates are only used by the one party which authenticates users seeking to use the resource which it protects.
  • the authenticating party is also the CA and RA, or is closely related to them. This is a model often used for authentication within an enterprise where the authenticating party is protecting access to some resource, where the group is a limited in size and has a “real life” relationship to the authenticating party through the enterprise. It is often practical, in such an environment, to protect the private keys with very secure devices such as hardware smart cards, and to provide a further measure of security by encrypting the public key with a key known only to the authenticating party.
  • Such a system provides a very high level of security and a very high level of confidence or trust that a user seeking authentication is the party it purports to be.
  • An authentication system is said to be closed when a party being authenticated requires a prior relationship with the authenticating party.
  • a PKI architecture is often termed to be “closed” when only the CA relies on the identity certificates for authentication. In such a system parties must have a prior relationship with the CA prior to authentication.
  • a PAMS according to the invention is a hybrid of open and closed architectures in that it provides users authenticating to each other in a many-to-many environment with the high degree of confidence and security that characterizes the many-to-one environment because each user in fact begins a session by authenticating itself to the PAMS according to the many-to-one closed model where only the PAMS must directly rely on the identity certificates, and it has issued those certificates.
  • the users then authenticate with other users by virtue of their trust in the PAMS and their connection to the other users which is mediated by the PAMS. Users of the PAMS have their identities verified through an enrollment process prior to being eligible for authentication to other users.
  • Authentication of a first user and a second user in PAMS is accomplished by the first user and the second user authenticating to PAMS using a closed system architecture, preferably a closed PKI architecture, and then authenticating to each other by PAMS connecting the first member to the second member to each other using the persistent mediation of PAMS.
  • a closed system architecture preferably a closed PKI architecture
  • a novelty of the instant invention is the application of a closed authentication model system to a model that can comprise many members authenticating to each other, for instance in a manner consistent with meeting the demands of authentication among trading partners in global trade conducted over the Internet.
  • a PAMS according to a preferred embodiment of the invention authenticates users based on a PKI system where the private key and digital certificate are secured by software. This is important so that the system will be practically scaleable to a population of many distant and disparate users. Registration, distribution and administration can be accomplished over the network.
  • a preferred PKI system involves protection of the private key by cryptographically camouflaging it in a software container, i.e., a software smart card. This system provides the same level of protection as hardware smart cards under circumstances where the public key is encrypted so as to be accessible only to the party performing authentication. The structure of the PAMS allows adherence to the latter condition.
  • PAMS issues software smart cards
  • the cards will generally conform to standards which allow it to interact with other devices.
  • PKCS Public-Key Cryptography Standards
  • PKCS #11 defines a technology independent programming interface known as Cryptoki, for cryptographic devices such as smart cards and PCMIA cards.
  • Cryptoki technology independent programming interface
  • the preferred embodiment of the invention is compatible with PKCS #11.
  • a PAMS could also adopt alternate compatibility standards. Thus it is possible for an application to request credentials from their software smart card just as if it were a hardware card, and for PAMS to accept credentials from a hardware card.
  • PAMS establishes a Trust domain which follows a single certificate Policy statement so that all users trust the authentication from anywhere in the domain.
  • the main Trust domain of the preferred embodiment uses software smart cards as the authentication approach.
  • PAMS offers a capability to recognize and authenticate credentials of external Registration Authorities defining Trust Domains external to PAMS and securing user credentials in a compatible device.
  • external Registration authorities require a higher level of security validation to PAMS prior to service.
  • Authentication is the first part of a trust relationship. Since users are connected under mediation of the PAMS, the interaction continues to be monitored by the PAMS, establishing an audit trail which is accessible to the interacting users.
  • the PAMS provides a non-repudiation environment which ultimately supports enforcement of the results of the interaction.
  • the PAMS provides functionality which allows users to discover other members according to dynamically variable criteria, based on information which has been verified by the PAMS as well as user controlled information.
  • the PAMS provides functionality for collaboration between members and documentation of the collaboration based on the audit trail compiled due to the mediation function. Collaboration may include many normal network functions provided in a non-repudiation environment, such as certified delivery electronic mail and ability to sign documents and verify the signing.
  • Trust may be based on the reputation of a party, that is a generally held opinion about the party.
  • a party may have confidence or trust in another party based on his own experience in dealing with the party. This method often used in every day transactions and is often a time consuming learning process based on a sequence of transactions involving gradually increasing importance.
  • Trust may also be based on general reputation in a community where the parties interact. Trust may also be based on recommendations of other parties. Finally, trust may be based on insurance obtained from an outside source.
  • the structure of the PAMS provides an unexpected benefit in providing a basis for establishing trust in direct transactions over a public network such as the Internet without necessity of any relationship other than PAMS.
  • the PAMS begins the establishment of trust by verifying the identity of users and verifying their credentials in an enrollment process prior to issuing an identity certificate.
  • the PAMS also has the ability to allow a user to select from alternative authentication options which offer different levels of security, convenience, and cost. Since interactions between users are mediated by the PAMS, the PAMS may obtain a continuously evolving independent rating of a user based on the number, type, and quality of interactions, and a reputation based on feedback from other users. This information can be supplied to other users considering establishing a relationship or by an insurance provider who can provide insurance for a transaction based on the reputation or the party's authentication security level.
  • PAMS persistent authentication and mediation service
  • a persistent mediated interaction has an audit trail which is maintained under the control of the PAMS, and is available to the users.
  • An important feature of an interaction under the PAMS is that users, including users of different types, interact under circumstances where after their identity is authenticated by the PAMS and they are connected to other users under mediation of the PAMS, the interaction continues to be mediated by the PAMS during the interaction, so that an audit trail is accumulated.
  • the audit trail is available to the users during the interaction and may include the content of the interaction. Exactly what content will be preserved is user determined.
  • Another key feature is that groups of three or more users may interact.
  • the mediated environment is a key part of establishing trust in the identity of the parties during the authentication process and is the basis for monitoring and enforcing trust during and after the transaction.
  • Mediation of interactions also provides capabilities which are ancillary to authentication.
  • One capability is for businesses to monitor the quality of service provided by their business partners.
  • Another example is to monitor the response time experienced by visitors to the business's site.
  • Mediation is a valuable feature which most users will wish to retain throughout an interaction. However, in some cases users may choose to continue the interaction outside of the PAMS mediation and the audit trail. Mediation is mandatory for establishment of full trust during authentication, but optional after authentication. Users may elect to carry on interactions through a parallel connection which is not mediated by PAMS. PAMS may readily be configured to offer users to alternate between the mediated and direct connection.
  • PAMS provides the optional feature of monitoring one user's use of another user's resources, and billing for those resources. Another optional feature is to compile a transaction usage map for users which reveals the identity and frequency of user contacts with other user's. This feature can provide a valuable tool for analyzing a user's business patterns, for instance identifying bottlenecks.
  • Another optional feature is the capability for authenticated users to interact with network users which are not authenticated or even enrolled in the PAMS. For instance an authenticated Internet user accessing the PAMS with a browser may access a web site which not enrolled in the PAMS by entering the URL into the Discovery Portal. A user which is connected to the non-enrolled site does not enjoy the full benefits of PAMS, however the interaction will be mediated by the PAMS, including the audit trail. The authenticated user will also have the capability of anonymous interaction with the non-enrolled site, since the PAMS can remove the identifying header information from the Internet message.
  • Another application of persistent authenticated mediation is anonymous processing credit card transactions.
  • a cardholder transmits his credit card information to a merchant over an Internet connection.
  • the merchant seeks authorization by transmitting the information to the merchant's bank (called the acquiring bank) which in turn seeks authorization from the card holder's issuing bank.
  • An approval is passed back to the merchant, through the acquiring bank, and the merchant completes the transaction.
  • the PAMS mediated transaction the card holder has authenticated to PAMS, and is shopping with the merchant under mediation of PAMS through a PAMS application, for example a wallet program such as Netar operating as a PAMS application program.
  • the cardholder enters his credit card information into the wallet, and a corresponding reference TD is created.
  • the reference ID looks like a credit card number and is partly composed of random numbers the cardholder can enter, as well as required information such as the (Bank Identification Number) BIN number of the Payment Processor who is a PAMS external Service Provider.
  • the Payment Processor also has access to the credit card network (such as VISA or Mastercard).
  • the reference ID is passed to the merchant in place of a credit card number.
  • the merchant thinks the reference ID is a credit card number and passes it on to the acquiring bank.
  • the acquiring bank sends the transaction to the Payment Processor whom the acquiring bank thinks is the issuing bank.
  • the Payment Processor obtains the card holders actual credit card number and billing address from Netar, which is passed to the issuing bank for authorization.
  • the cardholder's interaction with the merchant can be as anonymous as desired, and the cardholder's confidential information is not transmitted over the Internet (only the transactions involving the merchant and the cardholder are transmitted over the Internet—all others are high speed secure transmissions). Additional benefits accrue when the Payment Processor is also the acquiring or issuing bank.
  • a unique feature of the PAMS is its ability to provide one or more additional Authentication Providers (AP) in addition to a default authentication application which was described above as a part of the persistent authentication and mediation service. These additional AP's all interface through the default authentication application and await service requests from the default application. These additional Authentication Providers would perform private key software smart card issuance and authentication in some specialized manner such as extremely rapid authentication, authentication accompanied by authentication insurance, or authentication specialized on a certain geography or device type. Additional AP's may also be the interface to alternative trust domains having credentials issued by an RA external to PAMS. Thus the PAMS goes beyond the traditional role of providing a simple confirmation of whether a user is authentic, but allows users to personalize authentication needs. For instance, some users will only want to deal with other users who use authentication accompanied by authentication insurance.
  • AP Authentication Providers
  • PAMS Another feature of PAMS is the option to provide alternative audit providers which interface through the default application audit provider similarly to authentication providers.
  • Alternative audit providers may offer special auditing services such as auditing service quality, business transaction volume and status, and state of the art messaging system. Audit providers may offer different levels of security or safety of storage.
  • additional authentication providers and additional audit providers enable a particularly attractive options for privacy and security of users.
  • the additional providers may be internal (providers which are located at the same physical setting and get started in the PAMS boot-up process) or external (providers which reside elsewhere on the network). By choosing external authentication and audit providers a user may choose where his information resides and how it is secured.
  • This feature of the PAMS architecture allows the user the ability to separate identification information (coming through the authentication agent) from transactional information (coming through the audit agent). The user is able to see the data transparently combined through the web portal while the data are actually coming from multiple places. This feature allows users a method by which fully authenticated users can transact anonymously with other users.
  • a primary target of the invention is international trade transactions
  • the word business will be used to refer to entities of all types, including all entities comprising one or more users with some connection which causes them to be grouped for the purpose of authentication.
  • a business transaction or transaction will similarly refer to the interaction between two or more users.
  • a business will generally enroll with its own identity which will be verified by the persistent authentication and mediation service as well as a number of users which may include a combination of the types of users.
  • Each user will have one or more personas which contains a subset of the verified business and user information.
  • a persona identifies a user as part of the business as well as a particular unique individual (human or otherwise).
  • Each business and user will also have information which may be dynamically varied by the user, such as a “shopping list” or inventory list.
  • a persona can identify a users role within a business, such as title, and the amount the user is authorized to spend.
  • a persona can be anonymous or not and a user may have both identified and anonymous personas.
  • Anonymous personas are a significant in light of the PAMS's ability to provide for authenticated anonymous interactions.
  • the PAMS uses the preferred pseudo-PKI system, where a user's public key is contained in encrypted form on an identity certificate which is forwarded to the PAMS with the challenge response, a significant security benefit is realized, in that there is no need for the PAMS to store the public key or other access parameter on the authentication server making a breach of the system much less likely.
  • the authentication process can be initiated by a direct request from the user to the persistent authentication and mediation service or alternatively by a request to another user world wide web site which uses the persistent authentication and mediation service to regulate access to the site.
  • the software provided to the web site will refer the user to the PAMS, which will authenticate the user and connect it to the web site, now under mediation of the PAMS. All communications with the persistent authentication and mediation service are mediated through the open software platform and once connected the user's interaction will be mediated by the persistent authentication and mediation service through the open software platform.
  • a very important feature of the PAMS is that the PAMS provides a platform to form new relationships which did not previously exist. Enrolled users of the PAMS can find other users by searching the dynamically variable database of verified and user variable data to find suitable partners. Some users will accept any potential “customer” as a partner, while others will have qualifying criteria which they can verify based on the credentials maintained in the PAMS database.
  • a preferred optional feature of the PAMS is to provide work flow processes which allow a first user to screen the persona of a second user against predetermined criteria, and either accept or reject formation of the relationship based on the comparison.
  • An example is a business with a web site which is enrolled in the PAMS and uses the PAMS to control access to its site. For instance, the business may indicate that it wants to form relationships with any user which is authorized to make purchases over $100,000.
  • Prospective partners which discover the business from the discovery portal will be transparently screened by the PAMS and admitted or not based on the result of the screening.
  • Information content which is available on the Internet, has generally no meaning without a well-understood context.
  • the context itself is in a constant state of change as parties interact and new traders appear and disappear.
  • the combination of authentication and persistent mediation provided by PAMS provides a persistent context to the information content.
  • the PAMS and the enrolled users form a virtual network which exists on a public network such as the Internet.
  • Enrolled users sign on to the network when they begin a session by authenticating to the PAMS. They may search for other members using the PAMS, and interact with other members with trust in their identity based on entry to the network being guarded by the PAMS. All interactions between users over the virtual network are mediated by the PAMS.
  • the virtual network provides a particularly convenient forum for its users due to the ability to access other users seamlessly without repeated login procedures.
  • the preferred implementation utilizes two new classes of network software which are synergistically suited for providing the PAMS.
  • the preferred implementation comprises a host site connected to the network, the host site including at least one computer server operated by an open software platform providing intelligent interactions, a persistent authentication and mediation service comprising a software pseudo PKI authentication agent operating on the open software platform, an audit agent operating on the open software platform for monitoring and storing mediated messages, and application software operating on the open software platform with functionality for enrolling users, authenticating enrolled users, allowing authenticated users to dynamically find suitable partners according to criteria which they specify, and allowing authenticated partners to interact under the mediation of the common authenticating service through the open software platform.
  • the authentication system further preferably further comprises a customer database server separate from the open software platform comprising a database of information about the registered businesses, the database being accessible to the persistent authentication and mediation service, though it is possible to include the information within the database maintained by the open software platform.
  • an open software platform refers to a platform where users and enabled services operating under the platform can interact regardless of their hardware or operating systems, system management strategies, development environments or device capabilities. Intelligent interaction refers to the ability of enabled services to discover, negotiate, mediate, and compose themselves into more complicated services.
  • the platform is analogous to an operating system, but instead of just mediating fixed requests from a process for resources and mapping virtual addresses to actual addresses, the operating system is capable of mediating global Internet services. All of the major functions of the service are preferably implemented through the open software platform, which mediates all interactions between PAMS and users.
  • a preferred open software platform is Hewlett Packard's e-speak, currently available as version 3.01.
  • the e-speak platform is implemented by an e-speak core program which operates on a user's computer or server.
  • enabled services are referred to as e-Services.
  • the ability to discover refers to the fact that when an e-service registers with a host system accessible to the network and creates a description of the service it provides, users of the system can automatically discover services which have desired attributes, and contact them without needing to have known about the service in advance or knowing its URL.
  • To negotiate refers to the fact that e-speak negotiates between the requester and provider to eliminate services which are outside of the requested criteria.
  • To mediate refers to the fact that users are connected through the e-speak core and e-speak continuously intermediates the service delivery after the user and e-service have been connected. Users do not normally interface directly, interactions are by default mediated by the service. As previously mentioned there may be times when users prefer to interact directly without mediation.
  • a preferred embodiment of PAMS includes the capability to alternate between mediated and direct interaction after authentication has been completed using persistent mediation.
  • To compose refers to the ability of e-services to combine themselves into more complex, cascading e-services even dynamically. While e-speak is the preferred open platform, other open platforms which could be well suitable for providing the service, such as those provided by Microsoft, IBM and Sun, particularly platforms which provide the capability for discovery, negotiation, and mediation as described above. Another alternative embodiment is to build the necessary functionality into a dedicated software package performing similar functions as e-speak.
  • An essential part of the service of the instant invention is an authentication agent which is part of the PAMS.
  • the authentication agent performs the first step in the authentication process, namely authenticating a user to the PAMS.
  • the authentication agent comprises software functionality operating on the open software platform.
  • the combination of the common authentication agent with the open software platform is a particularly synergistic combination in that authentication agent performs the authentication of a user to the PAMS, while the open platform provides the persistent mediated connection between authenticated users.
  • the open software platform mediates the exchanges between the authentication agent and the various users and then the interaction between authenticated users interacting under the PAMS.
  • an audit agent which like the authentication agent is a software application operating on the open software platform. While e-speak mediates all messages the messages are only stored until delivered. The audit agent performs logging and monitoring for all transaction events that occur in the system. The audit agent intercepts all interested events during mediation by the e-speak core and stores them in a permanent store such as a database.
  • the PAMS database component contains the customer relationship management (CRM) information for each registered user.
  • CRM customer relationship management
  • Such information includes user-specific reputation ratings, business partners, past and current dealings, and so forth that are personalized for each user.
  • Other features for promoting business transactions requiring trust are preferably provided as software applications operating on the open software platform either integrated into a single package, or as separate software applications.
  • these software application these functions are part of the extensible Web Access component of e-speak and are known as the Web Portal.
  • the Web Portal is accessible via xml/https or ESIP via the e-speak core.
  • E-speak typically provides a proprietary EIDL compiler (See Appendix D of the E-speak's Programmer's Guide) that generates stub files on top of ESIP for efficient programmatic access from clients to an e-speak service.
  • PAMS is to be deployed on high-end computer systems with fast Internet connections. Therefore, successive improvements in Internet router/switch technologies and computer systems, which has been taken for granted in today's marketplace, will help PAMS to perform under increasing workload.
  • the open software platform provides asynchronous message delivery providing persistence of messages until delivered.
  • the persistent authentication and mediation service requires an asynchronous architecture to provide fault tolerance in a widely dispersed network so that messages will be preserved during server or network failures.
  • the open software platform provides the persistent message queue management that is necessary to support the persistent authentication and mediation service on a global scale.
  • Authenticated connections are preferably secure connections such as SSL, which is supported by e-speak.
  • the authentication agent In a PAMS in accordance with the invention, it is necessary that the authentication agent provide a high degree of confidence that the authenticated party is the entity which it purports to be, since a user's trust in the authenticity of another user can be no stronger than the trust that the PAMS has properly authenticated the other user.
  • the authentication agent should employ an implementation which is scaleable for use by a very large number of potential users, preferably hundreds of thousands or millions of users distributed world wide. Ordinary id/password systems which are commonly employed for authentication to servers or on-line services will not be considered to be sufficiently secure to proceed with major transactions based on their trust in the authentication.
  • PKI Public Key Infrastructure
  • Hardware based smart card systems for protecting the private key are very secure but are considered to be very costly and unmanageable for a large and widely dispersed group of users such as is contemplated in world wide trade which is a primary application contemplated for the invention.
  • a preferred strong software protected pseudo PKJ system is a system such as the pseudo PKI system described in U.S. Pat. No. 6,170,058, “Method and Apparatus for Secure Cryptographic Key Storage, Certification and Use”, and “Software Smart Cards via Cryptographic Camouflage” by D. Hoover and N. Kausik (1999 IEEE Symposium on Security and Privacy”).
  • the above technique protects the private key by means of a cryptographic software camouflage, which provides similar security benefits to hardware based PKI but is limited to circumstances where messages are only verified by pre-defined trusted entities.
  • the private key is not merely encrypted with the password, however, but it is said to be camouflaged because when incorrect passwords are inputted, in many cases a false but otherwise plausible private key is generated.
  • a challenge message encrypted with a false key is identifiable when submitted for authentication.
  • the software camouflaging technique is readily scaled to large numbers of users since authentication is only carried out by a limited number of servers. This allows for a minimal software requirement on the user's network access device which can be conveniently distributed over the network and elimination of the need for hardware protection of the private key.
  • WebFortTM The technology for implementing a pseudo PKI system described above has been implemented in software known as WebFortTM.
  • WebfortTM as such is not capable of operating in a distributed e-services environment and is suitable for authenticating users to a server or integrated group of servers which constitutes a resource which the user seeks to access rather than for common authentication of unrelated entities to each other.
  • the WebFortTM system does not support a mediated infrastructure.
  • the WebFortTM functions to carry out pseudo-PKI are organized into separate components and encapsulated in a custom software container operating on the e-speak core to provide the functionality to enable authentication of users to the PAMS.
  • the implementation of the discovery and collaboration features are implemented as software applications operating on the e-speak core either preferably as an extension of the e-speak Web Access component. Interactions between users and the PAMS and between users connected by the PAMS are mediated by the e-speak core.
  • JNIExport jbyteArray JNICALL Java_arcot_service_wallet_create JNIEnv *env, jobject jobj, jstring juserID, jstring jcardName
  • JNIExport jbyteArray JNICALL Java_arcot_service_wallet_exists JNIEnv *env, jobject jobj, jstring juserID, jstring jcardName).
  • JNI wrapper APIs are based on Sun's standard JNI Specification (Java Native Interface Specification (http://java.sun.com).
  • the service further comprises additional authentication providers in addition to the main authentication agent.
  • the additional authentication providers perform special services such as providing extremely rapid authentication or providing authentication insurance combined with the authentication.
  • the preferred embodiment further comprises additional audit providers in addition to the default audit agent provided with PAMS. Additional providers may perform special functions such as service quality monitoring, transactional volume monitoring, and status.
  • the preferred network is the public Internet, though embodiments of the invention can be applied to other large-scale networks as well, and while the methods are described as being capable for facilitating transactions in global trade, it should be appreciated that the invention is equally applicable to smaller distances and other networks and not limited to global trade or the Internet.
  • FIG. 1 describes a logical view of a preferred PAMS system utilizing the e-speak open software platform.
  • Actual system configurations can vary considerably. For instance, the entire PAMS system functionality can be distributed across application servers, Web servers, e-speak Cores, and multiple databases. Through e-speak Core-to-Core communication, PAMS systems can easily connect to one another to form a cluster of PAMS networks providing the same consistent view to the users.
  • PAMS acting as the primary backend component, along with other Web portal front-end components, forms a complete online service.
  • PAMS Internally PAMS consists of three primary system components: authentication agent, audit agent, and e-speak. Both agents maintain a list of internal service providers for authentication and auditing.
  • the authentication agent relies on WebFortTM for software smart card implementation.
  • the audit agent relies on e-speak for mediation functionality.
  • a preferred PAMS system 110 comprising an authentication agent 120 is shown operating on an open software platform, here the e-speak core 130 .
  • Authentication Provider 1 ( 122 )
  • the Authentication Providers include the functionality for enrolling users and authenticating enrolled users to the PAMS.
  • the default Authentication Provider is part of the Authentication Agent 120 .
  • An Audit Agent 140 is shown with Additional Audit Providers 142 and 144 .
  • Authentication Providers 150 and Audit Providers 152 are additional external providers. Also shown are special external service providers 156 , 158 , and 160 which are services outside of PAMS which have been enrolled as member in the PAMS and will be frequently utilized by other members.
  • the Authentication Agent is an integral part of PAMS. It leverages a local e-speak Core to provide authentication services for PAMS.
  • the agent serves as the default Registration Authority in PAMS; it is the RA for users enrolled by PAMS. It is optionally possible for PAMS to recognize certificates issued by others and authenticated by an external Authentication Provider which interfaces through the Authentication Agent. In this case, before authenticating, information about each user is stored in the PAMS database creating a relationship between PAMS and the user.
  • the Authentication Agent acts as proxy to other internal or external authentication providers which serve as the Certificate Authority.
  • the Agent implements e-speak's service interface, thus qualifying it as an e-service.
  • the agent by default hosts an internal authentication service that wraps around WebFortTM. Generation of certificates within the agent is the default operating mode when an external authentication provider is not being utilized. As PAMS's default authentication provider, this service implements the pamsAuthSPIntf interface as defined below.
  • the Agent decides which authentication provider to use based on certain attributes of the incoming request, such as cost or response time requirements.
  • the Authentication Agent is accessible through its interface defined as following: /** pamsAuthAgentIntf: ** ** Notes: interface to PAMS Authentication Agent **/ interface pamsAuthAgentIntf extends ESService, pamsAuthSPIntf ⁇ // open new account with PAMS boolean openAccount(int userType, AccountInfo newUser); // update account information void updateAccount(AccountInfo update); // close account boolean closeAccount(String userName); // find service providers ESURL,[ ] findServices(ESServiceDescription sd); // establish relationship with a service partner boolean formRelationship(ESURL, partner); // update user database boolean updateUserDatabase( ); // distribute software smart cards byte[ ] getSmartCard(String userName); // validate data with external SPs boolean validateData(byte[ ] data,
  • the Authentication Agent provides built-in authentication, as indicated by its implementation of the pamsAuthSPIntf. Internally it implements a JNI adapter to WebFort'sTM public C-based SDK. The agent mediates all calls for authentication. Other Web Portal components can call the agent service by name. (Web Portal discussed below is the interface for access to PAMS)
  • the Authentication Agent is called by Web portal components when authentication is required, in cases where access to protected resources is requested. Type B clients, however, would bypass the portal and access the agent directly.
  • An Authentication provider (AP) from the PAMS viewpoint belongs to one of two classifications: internal or external.
  • An internal AP is local and packaged with PAMS together; local AP's can be considered premier AP's.
  • External AP's are located remotely, and connected to PAMS through the administration console by conforming to the e-speak service interface. External AP's require higher level of security validation to PAMS prior to service. Both types of providers implement the same pamsAuthSPIntf interface.
  • the Agent holds sway over which AP gets selected for a particular transaction based on the service attributes such as cost and service response requirements.
  • pamsAuthSPIntf ** ** Notes: to be implemented by authentication service providers **/ interface pamsAuthSPIntf ⁇ // request a challenge string from authentication server String getChallenge( ); // verify response to requested challenge string boolean verifyResponse(String resp ); // verify signed data from authentication server boolean verifySignedData(int encodingScheme, byte[ ] signedData) ; // sign data byte[ ] signData(int encodingScheme, byte[ ] rawData); // check to see if card already exists Boolean cardExists(String walletName, String cardName, String userID); // create a sofware card byte[ ] cardCreate(String walletName, String cardName, String userID ); // verify cookie boolean isCookieValid(String cookieName, byte[ ] cookieData); // delete cookie void deleteCookie(
  • the audit agent in PAMS performs logging and monitoring service for all transaction events that occur in the system.
  • e-speak terminology it utilizes the system event logging provided as a default service by e-speak Core.
  • the Agent hooks into the publish/subscribe event manager of the e-speak Core.
  • the agent can raise a warning flag, suspend, or terminate sessions that are suspicious in nature.
  • the agent intercepts all interested events or messages during mediation by e-speak Core.
  • the agent can put the transaction events in a permanent store, such as a database or secure store such as HP's VirtualVault.
  • the audit agent interface is defined as follows: /** pamsAuditAgentIntf: ** ** Notes: service contract interface to PAMS Agent **/ interface pamsAuditAgentIntf extends ESService, pamsAuditSPIntf ⁇ // set the date/time source void setUniversalDateTime(URL dateTimeSource); // generate message authentication code for log entry String generateMACId(byte[ ] logData); ⁇
  • the PAMS system leverages on e-speak's open architecture for e-services.
  • audit service providers can choose to monitor PAMS for critical information such as existing service quality, business transactions volume and status, and the state of the messaging system. This set of differentiating features provides distinct value-added service to PAMS operators for system monitoring and management purposes.
  • Both authentication and audit service providers use the same mechanism for service management.
  • PAMS administrator has at its disposal a browser-based administration console that allows the management of new and existing service providers. Therefore each PAMS service provider must fully implement the relevant PAMS service provider interface in e-speak context and be validated and approved by PAMS authority leading to acceptance of PAMS access control list (ACL) of validated service providers.
  • ACL PAMS access control list
  • PAMS administrator can use the very same authentication service to validate service providers.
  • PAMS includes a PAMS Database 154 .
  • the PAMS database component contains the customer relationship management (CRM) information for each registered user. Such information includes user-specific reputation ratings, business partners, past and current dealings, and so forth that are personalized for each user.
  • CRM customer relationship management
  • This component is essential to implementing the MyPAMS part of the portal (MyPAMS is similar to MyYahoo—a common Web portal feature.
  • PAMS database can be a relational database or a directory.
  • the former is accessible through JDBC interface (Java Database Connectivity API (http://java.sun.com/products/jdbc/index.html)), with the latter through LDAP (Lightweight Directory Access Protocol).
  • JDBC interface Java Database Connectivity API (http://java.sun.com/products/jdbc/index.html)
  • LDAP Lightweight Directory Access Protocol
  • PAMS service providers can be internal or external. Internal providers are local to PAMS; they reside in the same physical setting and get started as part of the PAMS boot-up process. Internal providers are integral parts of PAMS system. External service providers reside elsewhere in the network, and typically connect via a communication link. External providers must be authorized by PAMS operator for their services to be enabled.
  • External PAMS service providers can connect with ESIP or XML, depending on the interface specification or the service contract, of the defined service. For instance, given PAMS Authentication Service Provider interface is defined as a set of Java methods, any compliant authentication provider will have to implement this interface to become available to the PAMS network and therefore would typically use ESIP. PAMS service providers can choose to connect to PAMS through a private secure dedicated link or through virtual private network (VPN) protocol on the Internet.
  • VPN virtual private network
  • Other external service providers ( 156 , 158 , 160 ) are verbatim e-speak services that have registered with PAMS directly or discovered through the e-speak's distributed advertising service that make services registered in different e-speak Core visible to one another.
  • the Web Portal 132 is the interface for user access to the PAMS services. Key functionality exposed through the portal includes user management, service provider management, collaboration, service discovery, authentication, and persistent mediation. Basic PAMS services provided by the authentication agent, audit agent, or e-speak are accessed through the portal while other functions such as collaboration and discovery are implemented as in the Web Portal.
  • PAMS user clients There are three main types of PAMS user clients for PAMS portal. They are distinguished by how they access the portal as well as what they can access.
  • Type A 162 is through the Web browser with XML over HTTP. It has access to all other portal features in addition to authenticated mediation.
  • Software is provided to the user by PAMS which allows it to communicate with the authentication agent. This may be in the form of an applet which is downloaded via the network each time the application is called, or as by a browser plug-in which can be permanently downloaded.
  • the software smart card including the private key and the digital certificate is stored on the users' device. For users accessing the network from a computing device with adequate non-volatile memory, it will generally be preferred that the smart card be stored on the user's device in the non-volatile memory. Other users may download the smart card into volatile memory at each power up.
  • the software provided to the user also permits users to alternate between indirect mediated interaction and direct interaction though a parallel connection after authentication is complete.
  • Type B 166 is through a custom application, e.g. Web server, that uses ESIP (E-speak Inter-exchange Protocol (TCP/IP based) directly, e.g. e-speak's J-ESI SDK. It typically accesses PAMS for authenticated mediation and optionally other portal features, e.g., collaboration, through portal integration.
  • ESIP E-speak Inter-exchange Protocol
  • TCP/IP based E-speak Inter-exchange Protocol
  • PAMS for authenticated mediation
  • portal features e.g., collaboration
  • System integration of this nature depends on actual implementations of the target system. Many commercial tools exist, e.g., Tibco, that facilitate such integration.
  • Type C 164 is a Net-enabled device that interacts with PAMS primarily for authentication and mediated messaging.
  • Type C users will typically utilize authentication software of the type used by type A users.
  • PAMS end users use the browser for access, whereas PAMS service providers will prefer to use ESIP for system performance and programmatic flexibility.
  • the Web browser client would include WebFort'sTM browser plug-in 170 and 172 to manage the issuance and update of software smart cards for the user.
  • the plug-in interacts with Arcot's Card Server through PAMS implementation of Arcot's client APIs. After a smart card is issued, the browser interacts with the plug-in to decrypt challenge strings from authentication server using the user's private key embedded within the smart card. The user needs to enter valid personal identification number (PIN) for authentication when prompted for dialog to succeed.
  • PIN personal identification number
  • PAMS Since all client access begins by being mediated by PAMS through e-speak, PAMS provides the “resource handlers”, in e-speak terms, for all clients.
  • the PAMS resource handlers monitor each user's mailbox for new messages and process them accordingly, e.g. converting them to user's database records.
  • e-speak's Webaccess module implements the resource handlers.
  • Other user types implement their own resource handlers, e.g. by servlet in a service provider case.
  • SSL Secure Socket Layer
  • FIG. 1 Each type of user is represented by one block on FIG. 1 and many of the other figures, however it should be understood that there may be many users of each type utilizing a PAMS according to the invention and the drawing is simply representative of each type of user to illustrate how that user interacts.
  • FIG. 1 One important observation in FIG. 1 is that communications of the PAMS Authentication Agent and Audit Agent with each other and outside entities (including the external Authentication Providers and Audit Providers) and users, are mediated by the e-speak core.
  • a PAMS system is preferably designed for scalability, performance, and availability as described below.
  • E-speak provides several key scalability features.
  • PAMS services interact with one another mediated by e-speak Core messaging with ESIP, which is e-speak's Session Layer Security (SLS) protocol.
  • SLS Session Layer Security
  • One key feature of SLS is request multi-plexing. Several requests can be serviced by a single TCP connection.
  • Another e-speak feature is support for asynchronous mode of messaging; in fact, this is the default mode for e-speak messaging.
  • synchronous messaging is modeled on top of the asynchronous implementation.
  • Asynchronous messaging, with Inbox and Outbox concepts is quite analogous to the Internet email system today. Therefore many users can use the system simultaneously sharing finite system resources such as threads and socket connections.
  • the typical load-balancing schemes in use are web server clustering and application server clustering.
  • the Web proxy server distributes requests among an active list of Web servers in a cluster according to in well-understood algorithms, e.g. round robin.
  • application server clustering the application server proxy distributes workload across current active application servers, similar to Web server proxying.
  • FIG. 2 A typical load-balancing configuration is shown in FIG. 2 .
  • FIG. 2 assumes load balancing is a feature of the application server.
  • FIG. 2 several users 180 , 182 , and 184 are shown connected to a Web Server 186 which is connected to three instances of the same PAMS application module 190 , 192 , and 194 and the Database 154 through the application server proxy 188 .
  • the Web servers essentially load balance workload across a cluster of application servers, which host different instances of the same PAMS application module.
  • load balancing is a feature of the application server.
  • Other schemes for load balancing include hardware load balancer based on ongoing IP traffic and Web server clustering that are based on request load on each of the cluster member server.
  • a hybrid of the approaches can also be implemented based on the nature of the application work flow and network traffic patterns.
  • ESIP System-on-Infrared Protocol
  • Performance-sensitive services use ESIP to communicate with PAMS.
  • E-speak also provides a proprietary EIDL (see Appendix D of E-speak's Programmers Guide) compiler that generates stub files on top of ESIP for efficient programmatic access from clients to an e-speak service.
  • PAMS is to be deployed on high-end computer systems with fast Internet connections. Therefore, successive improvements in Internet router/switch technologies and computer systems, which has been taken for granted in today's marketplace, will help PAMS to perform under increasing workload.
  • E-speak Core architecture is designed for clustering, which is key to e-speak service redundancy.
  • E-speak has built-in support to import/export resources between two connecting Cores and to keep the two systems in sync over time. Since PAMS is built on e-speak, it can leverage on the benefits of such cluster configuration of inter-connecting stand-alone or redundant PAMS systems. PAMS users can be configured to have access to more than one PAMS access point but maintains the same logical view of the service.
  • PAMS system design relies exclusively on Java technologies in interface definitions and connectivity with non-Java code through JNI (Java Native Interface).
  • JNI Java Native Interface
  • FIG. 3 shows the same implementation as in FIG. 1 showing the key processes of the PAMS, registration A, authentication, discovery and relationship development B, and collaboration C, all of which are applicable to each type of user.
  • User type A 162 and user type C 164 access all process functions though the Web Portal, while user type B 166 accesses the e-speak core directly for authentication, discovery, relationship development, and collaboration.
  • FIG. 14 shows a hardware configuration of the PAMS.
  • Computers can be any standard network or Internet accessible machines.
  • Preferable personal computers comprise 100 MB of hard disk space and 32 MB of memory and have common operating systems such as Windows 2000/95.
  • Preferred servers are standard web servers such as those manufactured by Hewlett Packard or Sun and preferably having a minimum of 100 MB of disk space and 256 MB of memory and operating under such operating systems as UNIX or Windows NT 4.0/SP4.
  • Type A browser access
  • Type B web application software on a server
  • Type C software Bot or device that sometimes has network connectivity
  • a single user can enroll, or a business or group comprising two or more users can enroll as a group.
  • a business or group can be a combination of users of different types.
  • FIG. 4 represents the enrollment process where in this example, a business, represented by an employee who is a Type A user, is enrolling. This user could enroll on behalf of itself and for other users. The user 162 would first need to find the PAMS.
  • the user 162 issues a generic e-Service request from a web browser for a ‘global authentication provider’ through an e-Service broker (an e-Service broker is a class of service provided by Hewlett Packard which allows users to find e-Services) in the Internet connection line 201 .
  • an e-Service broker is a class of service provided by Hewlett Packard which allows users to find e-Services
  • the proposed business user selects PAMS if multiple service providers are returned by the e-Service broker.
  • the business user clicks on the PAMS link and is connected through a URL to the PAMS home page (which is shown as FIG. 10 ) through connection line 202 accessing the Authentication Agent through the Web Portal mediated by e-speak.
  • the user 162 initiates the open account process with Authentication Agent by accessing the ‘become a member’ function on the home page.
  • the business user is instructed to complete a number of online forms which provide specifics on the business and the employee(s) who will be enabled to utilized the PAMS service, such as their title and whether they can contractually commit the business.
  • the business user will also be instructed to provide documents, which support the authenticity of the business such as SEC filings, etc.
  • the business user will also personalize the service PAMS provides by selecting desired features from a list of available PAMS services. This includes specialized authentication providers, service level monitoring, authentication insurance, etc. Each of these services will have a different usage cost associated with them.
  • PAMS investigates the provided information.
  • PAMS may contact external information providers, such as Dun and Bradstreet to validate provided information.
  • the business may be contacted multiple times to clarify existing or supply additional information Businesses that meet membership policies are notified that their registration has been approved. Otherwise, their application is rejected.
  • An optional procedure would provide a fast temporary enrollment option to a user which has some degree of established identification, such as a DUNS number. The authentication rating of such a user would be low, warning other users of the temporary user's status.
  • the Authentication Agent If the validation process for a company is successfully completed, the Authentication Agent generates a public/private key pair(s), and encrypts the public key(s). The Authentication Agent controls the process of generating a software smart card for each employee of the business who is approved to utilize the PAMS.
  • the user selected a specialized Authentication Provider (AP) 122 which includes insurance coverage as part of the authentication for an additional fee.
  • the Authentication Agent then issues a request to AP I through line 203 to generate the digital certificate(s) appropriate to that AP.
  • the digital certificate(s) are returned to the Authentication Agent through line 204 .
  • the user selected to use the default authentication provider which is part of the Authentication Agent the certificate would have been generated within the Authentication Agent.
  • the Authentication Agent 120 camouflages the private key with an activation code, builds the software smart card(s) and places it in the software smart card database.
  • the Authentication Agent 120 provides instructions to the Business employee 162 on how to pick up the software smart card and the required client software.
  • the Business employee 162 obtains the software smart card from the card database by downloading it through line 205 from the PAMS home page ( FIG. 10 ) by selecting “certificate download” after entering the appropriate activation code.
  • the user could secure the smart card through an out-of-band communication method such as a disk sent by registered mail.
  • the software smart card can be stored permanently on the PC hard disk or temporarily in the PC's memory.
  • the Authentication Agent also provides the Business employee with the software plug-in necessary to interface with PAMS.
  • the Plug-in is installed by accessing ‘software installation’ from the PAMS home page FIG. 10 ).
  • the employee is enrolling Type B and Type C users the smart card and plug-ins are obtained by a Type A user and installed on the application server (type B) or device specific software.
  • the business employee 162 initializes the software smart card, through entering a user name, activation code and a user defined password and can personalize the software smart card through line 206 by entering non-validated information about interests, needs, etc. through the Persona Management Page ( FIG. 12 ).
  • the business employee can also create multiple personas, which represent subsets of the validated and non-validated information through the Persona Management page.
  • Line 206 actually accesses the Authentication Agent through the Web Portal under mediation of e-speak, though the line is distorted on FIG. 4 due to crowding.
  • the routine Open_Account is executed by the PAMS which carries out administrative functions such as setting the Authentication Strength rating for the new member based on the amount of identity verification that was performed.
  • FIG. 5 is a diagram illustrating a Type A user 162 , who is an employee of the business which enrolled in the PAMS in the prior example, who signs on (authenticates) to the PAMS.
  • a Type A user 162 requests the Authentication Agent to sign on by selecting “Sign-on” from the PAMS home page through line 211 which contacts the Authentication Agent through the Web Portal mediated by e-speak.
  • the Audit Agent 120 receives and logs the sign-on request.
  • user 162 has enrolled using external Authentication Provider 122 which issued the user's software smart card, so the Authentication Agent forwards a request for a challenge to Authentication Provider 122 though line 212 .
  • Authentication Provider (AP) 122 generates a challenge and forwards it to the Authentication Agent through line 213 .
  • the Authentication Agent presents the challenge to the user 162 by line 214 .
  • the PIN entry screen is displayed to the user 162 , and the plug-in 170 which was supplied to the user during enrollment signs the challenge by encrypting the challenge with the user's private key.
  • the signed challenge is returned with the user's digital certificate through line 215 to the Authentication Agent 120 through the Web Portal mediated by e-speak.
  • the response is forwarded to AP 122 through line 216 .
  • AP 122 verifies whether the response is authentic by decrypting the encrypted public key on the user's digital certificate and then decrypting the challenge and determining whether it is valid.
  • the result of the verification is returned to the Authentication Agent through line 217 and then to the user through line 218 . If the user's log in was validated a cookie is set in the user's browser and the user is routed to the Discovery Portal from where other users may be accessed. If the log in was not valid the log in procedure is repeated unless the maximum number of failures is reached.
  • An optional security feature would comprise notifying a user by some external means when it signed on to the PAMS.
  • the notification could be sent to a mobile phone, pager, message service, or the like.
  • the dynamic discovery feature of the authentication service is one of the key elements of facilitating business transactions according to the present invention. It addresses the requirement to provide easy access to a dynamic directory of business members of the persistent authentication and mediation service.
  • the feature is offered through a portal to Type A users and through equivalent direct communication with Type B and Type C users.
  • FIG. 11 is a picture of a preferred discovery portal.
  • the discovery portal organizes all the users and businesses into categories and allows sophisticated searching of the user and business data. Users can search both the authenticated data as well as data which may be dynamically inputted by businesses. This search is much different from an ordinary “web search” portal in that the data is dynamically variable and structured through a vocabulary. Also, all businesses are searchable, either directly or anonymously.
  • the dynamic search feature is not limited to the common paradigm of browser users searching for web service providers.
  • Businesses and users may be searched dynamically according to search criteria, either searching authenticated data, user inputted data or both.
  • An example of relevant user inputted data could include a business's current product inventory list, so that a buyer could select businesses who have sufficient inventory to meet their needs. Alternatively, a buyer could input its needs and be discovered by businesses who desire to bid on supplying the materials.
  • Personas Users input user variable data through personas. Personas are managed through a Persona Management Portal which is shown in FIG. 12 .
  • Personas like business cards, contain both personal as well as business identification information. Unlike business cards, users can personalize the persona to include information on interests, competencies, advertise goods or services with specified sale terms, etc. Users can also limit the information that is shared as the PAMS keeps the ‘master’ list of information private, and only reveals the information that the user has included in the persona.
  • a new persona is created by selecting a subset of the master list of validated information and entering in appropriate non-validated information. Non-validated information can be entered into a validated category, though the information will be identified as being a pseudonym. For example, an employees company may be ‘ABC’, but they may not want to reveal their company name, so they enter ‘XYZ’. The receiving party would be able to see that the company name is a pseudonym.
  • a user can request to make a relationship with another business through the Discovery Portal, either identified, anonymously, or pseudonymously.
  • the other business, or a user designated to make relationships will be forwarded the request along with authentication, either validated or anonymous as appropriate.
  • the business could decide to establish a relationship, negotiate to have more validated information revealed or reject the request. If the businesses decide to a establish a relationship, their identities may be revealed to each other if not already known or kept anonymous depending on each users preference.
  • a Type B business will be forwarded the necessary information to add the user requesting a relationship to its customer list so that the introduction process will not be needed in the future. Many businesses will accept all members registered with the persistent authentication and mediation service so that the introduction step will not be necessary for these businesses.
  • the discovery feature leads naturally to the next step in transacting global business collaboration with authenticated trade partners.
  • the persistent authentication and mediation service includes software for secure collaboration. A browser user will conveniently begin to use the collaboration features by collecting businesses by “dragging and dropping” them onto the collaboration portal.
  • FIG. 6 is an example of the use of the dynamic discovery features to create a persona and discover a second business.
  • a Type A user 162 from the previous example selects ‘persona maintenance’ from the PAMS Home page ( FIG. 10 ) through communication 221 .
  • the persona maintenance page is shown in FIG. 12 .
  • Personas like business cards, contain both personal as well as corporate identification information. Unlike business cards, users can personalize the persona to include information on interests, competencies, advertise goods or services with specified sale terms, etc. Users can also limit the information that is shared as the PAMS keeps the ‘master’ list of information private, and only reveals the information that the user has included in the persona.
  • a new persona is created by selecting a subset of the master list of validated information and entering in appropriate non-validated information.
  • the PAMS provides default personas, such as a ‘first time’ trading persona, a ‘long term relationship’ persona as well as an anonymous persona which has validated information such as the dollar amount the holder can commit the business to but no information on the name of the business itself.
  • PAMS can update all businesses, that had previously received the information, of the change automatically.
  • the user 162 then accesses the Discovery portal from the PAMS Home Page ( FIG. 11 shows the Discovery portal which is accessed through the Web Portal) and enters desired search information in communication 222 .
  • the user 162 is interested in heavy equipment distributors.
  • the user also specifies that only companies with at least a composite trust rating, as compiled by the PAMS, of four stars should be discovered.
  • the user enters search text into a customized vocabulary which corresponds to the validated PAMS master data as well as the non-validated information.
  • the request is processed by the e-speak core 130 which searches its repository of registered businesses for one or more that matches the search criteria and returns them through communication 223 to the user 162 through the Discovery portal a function of the Web Portal 132 .
  • Business 165 in this example, is returned as the best match to the query.
  • User 162 exercises the option to request additional detail on a discovered business beyond that which the e-speak repository maintains through communication 224 and receives the result in communication 225 .
  • the PAMS reveals approved information on Business 165 , such as a overview of the business, which PAMS maintains in its business database 154 .
  • the web portal retrieves the detailed data from the database 154 .
  • User 162 will not directly access User 165 , as their interaction will be mediated by the e-speak core.
  • An option on the Discovery Portal is to provide information to allow members to view the ‘discovery’ requests that are most frequent. In this way, a business can dynamically alter their persona to increase the likelihood their product/service is discovered. Since a product/service overview can be part of the validated information, a business would have some confidence that the companies they discover can deliver. This is another example of an action in one part of the system causing ripples to flow through the rest of the system.
  • the collaboration feature is the remaining key feature of the persistent authentication and mediation service according to the present invention.
  • the collaboration portal is a feature of the Web Portal.
  • the collaboration feature is accessed by a browser user through a collaboration portal, though as with the other features it will be appreciated by those skilled in the art that the features could also be accessed directly by programmed applications including automated processes.
  • the businesses dragged in from the discovery portal will show up in the user's in box.
  • the portal contains a Library which includes a history of deals completed and pending and tracks changes and revisions to the deal documents.
  • a particular document may be pulled up from the Library or searched for from a database of all deals participated in. Since all transactions are mediated by the persistent authentication and mediation service, there is an archive memorializing all the deals.
  • One option of the service is to provide certified message delivery. Since all interactions are mediated by e-speak until the message is delivered, PAMS can readily acknowledge when a document has been delivered and received.
  • An optional security feature of the PAMS is to confirm with an authenticated user by an external means that its digital signature is to be applied to a document.
  • the notification could involve external means such as a telephone or mobile phone message, pager, or the like.
  • a particularly important feature of the authentication service according to the invention is that unlike prior discussion boards, all communications are fully authenticated by the persistent authentication and mediation service, so that all the participants know exactly with whom they are dealing.
  • parties to a negotiation may add additional parties which are needed to complete a deal.
  • a buyer and seller of goods may bring in additional parties needed for handling, shipping, and insurance.
  • a buyer could assemble alternative seller-handler-shipper-insurer combinations and compare them, all with surprising ease of process and security.
  • FIG. 7 illustrates the process whereby two businesses, Business 1 and Business 2 form a relationship.
  • Business 1 ( 162 ), a Type A user, uses the Discovery portal to review information about Business 2 ( 165 ), also a Type A user in communication 231 .
  • the Discovery feature is accessed through the Web Portal which calls on the e-speak dynamic discovery feature.
  • Business 1 in this case is able to review Business 2's access policy and notices that relationships are restricted to businesses that meet specific criteria, in this case having annual sales of over $10 million.
  • Business 1 specifies that it would like to be introduced to the distributor, Business 2, by selecting the ‘Request Relationship’ function from the Discovery Portal.
  • the Discovery feature conveys the request to Business 2 by placing a message in Business 2's in box in communication 232 .
  • Business 2 is provided with the information present in the active persona of Business 1.
  • Business 2 replies that they desire a relationship with Business 1 in communication 233 .
  • PAMS updates its database to show that a relationship has been established between Business 1 and Business 2.
  • the Web Portal relays this information to Business 1 in communication 234 .
  • Business 1 may now send a message to Business 2.
  • Business 1 can send digital messages to Business 2 and they can collaborate through the collaboration page.
  • Business 1 could desire an anonymous relationship in which case the persona would convey minimal information.
  • Business 2 may decide to deal anonymously with Business 1 or may request additional information be provided in order to establish a relationship.
  • An advantage of the invention is that Business 2 benefits from an accelerated customer acquisition process. For example, Business 2 can establish an immediate approval profile. Based on the information the PAMS provides, Business 2 can immediately authorize the addition of a new customer since it can rely on the PAMS to ensure that the new customer satisfies the criteria of its immediate approval profile.
  • Business 2 in this example is a browser user responding to a message received through the Discovery Portal.
  • Business 2 could have alternatively been a Type B user such as a web site, responding in an automated manner to Business 1's messages. It could also alternatively be a Type C user such an application program, software bot, or device. If Business 2 had been a Type B user, after establishing a relationship, Business 2's web site access tables would have been updated by Business 2 to allow Business 1 access to the web site without needing to go through the typical web site sign on screens.
  • Business 1 ( 162 ) initiates an collaboration session with Business 2 by selecting the “Collaboration” feature from the Discovery portal which causes the Collaboration Portal to be displayed by the Web Portal.
  • Business 1 notifies Business 2 by selecting ‘Contact Partners’ from the Collaboration portal and selecting Business 2.
  • a message is sent to Business 2 Discovery Portal's ‘Alert’ function, and/or to a mobile device, etc. which Business 2 has designated.
  • Business 2 When Business 2 accesses the Collaboration Portal it can exchange messages and documents with Business 1.
  • Business 2 specifies that it wants to receive an assurance from a financial institution that Business 1 is credit worthy before concluding the contract and Business 1 and 2 agree to split the fees for the financial institution and to choose a financial institution that both organizations approve.
  • Business 2 accesses the Discovery Portal and issues a search request for a “credit rating agency”.
  • Business 1 and 2 both receive back the information which was discovered, in parallel communications 245 , in this example identifying two potential service providers (D+B) and (@rating) as credit rating agencies.
  • Business 1 and Business 2 agree to utilize Business 3, @rating, which is a software application (a Type C Business).
  • the discussion is shown as parallel communication lines 246 , which is a communication between Business 1 and Business 2, mediated by e-speak 130 .
  • This agreement is captured in the discussion forum feature of the collaboration portal and logged in a permanent audit record in the communication labeled 247 between e-speak and Audit Provider 142 through Audit Agent 140 .
  • Audit Agent 140 continuously monitors e-speak for events to be memorialized in the permanent record.
  • Business 3 is software application, e-Service, it could also be a web site, or a human utilizing a browser. It is an important feature of the invention that a human user utilizing the discovery or collaboration portal could interact with a mix of automated and human counterparts.
  • the Collaboration portal is used to simultaneously interact with businesses for the purpose of completing a trade.
  • the Collaboration Portal supports multi-company discussion through a discussion board, web-telephony, etc.
  • the Collaboration portal provides a central point to manage the key process steps involved in concluding a trade.
  • the Collaboration portal is an application maintained by the Web Portal.
  • an exchange 161 selects the PAMS to provide services to its business customers.
  • the exchange comprises both a User Type A (it is able to interact with PAMS members through a browser) and a User Type B (its web site uses PAMS for access control).
  • the Exchange initiates the open account process with the PAMS by accessing the ‘become a member’ function on the PAMS's home page in the communication labeled 251 .
  • the Exchange opens an account with the PAMS, it provides all the information necessary for enrollment.
  • the Exchange is instructed to complete a number of online forms which provide specifics on the Exchange and the employee(s) who will be enabled to utilized the PAMS service.
  • the Exchange is also instructed to provide documents which support its authenticity such as SEC filings, etc.
  • the exchange also provides information on its customer base to allow the PAMS to determine whether it will be able to accept all the exchange's customers as members.
  • the PAMS investigates the provided information. In the course of the investigation the Exchange may be contacted multiple times to clarify existing or supply additional information. Customers may also be approached individually to provide any additional required information.
  • the processing steps of the customer joining the PAMS follows the enrollment procedure as previously described.
  • the approved Exchange will personalize the service that the PAMS provides by selecting desired features from a list of available PAMS services. This includes which Authentication provider(s) its customers will utilize, whether the Discovery/Collaboration portal will be utilized by its customers, whether their customers are discoverable by other PAMS members, whether their customers can use personas and interact anonymously, obtain authentication insurance, receive service level analysis reports, etc.
  • Private labeling utilizes Frame-in-Frame techniques, to make the Discovery portal appear to be coming from the exchanges site in appearance, while actually being executed from the PAMS web server.
  • the Authentication Agent electronically provides the exchange with software necessary to authenticate its businesses and collaborate through a web browser in communication 252 . After installation the interface is tested.
  • the Exchange's customers receive required software smart cards and the software needed to authenticate to the PAMS.
  • Business 5 an importer 167 and Business 6 , an exporter 169 are shown receiving their smart cards and software electronically in communications labeled 253 .
  • Business 5 ( 167 ), an importer of textiles, has previously received his smart card and software.
  • Business 5 is a Type A user.
  • the importer signs on to the PAMS by accessing a PAMS home page that has been customized for the Exchange and the Exchange admits Business 5 to enter its site if authentication is confirmed following the procedure which has been previously described.
  • the sign on and authentication process is shown as communication 254 which passes between Business 5 and the exchange web site through the Web Portal, e-speak and the Authentication Agent.
  • communication 255 shown as a communication between Business 5 and the Exchange web site through the web portal 132 and mediated by e-speak 130 and recorded by Audit Provider 142 through the Audit Agent 140 ,
  • Business 5 uses the Exchange's matching services to select a business partner, in this example, Business 6 ( 169 ), which is an exporter of textiles—a Type A user.
  • the importer, Business 5 issues a Purchase Order (PO) to the exporter, Business 6 using the PAMS Collaboration Portal.
  • Business 5 digitally signs the PO.
  • This transaction is shown as communication 256 proceeding from Business 5 to Business 6 through the Web Portal and mediated by E-speak.
  • the signing is accomplished by Authentication Provider 122 .
  • the transaction is recorded by Audit Provider 142 through Audit Agent 140 .
  • the PAMS stores the PO in a deal folder. When the PO is delivered to Business 6 , the PAMS sends a confirmation to Business 5 that the PO was delivered and received.
  • This illustration illustrates an important feature of the Persistent authentication and mediation service, that all communications among the Exchange 161 , Business 5 ( 167 ) and Business 6 ( 169 ) are mediated by the PAMS, whose Audit Agent 140 monitors the transaction, compiles an audit trail, and makes information from the audit trail available to the interacting parties.
  • the exporter's processing policy specifies that before confirming the PO, online verification that the receivable can be immediately sold is required.
  • the exporter, Business 6 uses the Discovery portal to discover a factoring company to provide a cash advance against the future receivable and the request is conveyed to external provider 156 in communication 258 from Business 6 to External Provider 156 .
  • the factoring company 156 reviews the transactions deal file, checks on the credit worthiness of both the exporter and the importer, reviews the reputation ratings and determines whether the transaction meets the factoring companies acceptance policy guidelines. In this example, the factoring company returns a digitally signed commitment that they will purchase the receivable once the goods are shipped in 25 communication 258 , which is forwarded to Business 6 (not shown for legibility). An audit record is made of the commitment which is stored in the deal folder.
  • the PAMS Audit Agent creates a record which is forensic evidence that the exporter properly followed policy and the financing check was actually done.
  • Business 6 then uses the collaboration portal discussion board to request clarification on the Exchanges transaction procedures in communication 259 and the Exchange uses the Collaboration portal discussion board to clarify their processes.
  • the exchange is shown as communications 259 , from Business 6 to the Exchange mediated by e-speak and the exchange's reply shown as communications 260 .
  • Communication 261 shows Business 6 sending the importer a signed PO confirmation.
  • the signing is accomplished by Authentication Provider 122 .
  • the Audit Agent 140 who is monitoring e-speak picks the signed PO for memorialization and sends it to Audit Provider 142 (step not shown for legibility).
  • Business 5 receives the confirmation in a communication 261 .
  • Business 6 prepares the goods for shipment.
  • the PAMS has the ability to produce the persistent evidence that not only were the transactions signed on a particular time and date, but the entire transaction was monitored and documented at each step along way to the deal; the buyer's, seller's, and third parties' processes were met.
  • Non-repudiation is made possible by the forensic evidence that is collected which documents the commitment of the deal parties.
  • a review of the transaction's audit trail supports the ability to ensure the transactions meet each party's policy requirements.
  • the Exchange caused its customers to be enrolled for a subset of the complete service provided by the PAMS.
  • An Fxchange customer could also sign up independently of the Exchange and have access to all the PAMS services.
  • the Exchange could decide to form a relationship with another business member of the PAMS, for example, to allow the business member to have access to the Exchange's services without having to sign on (the same process is utilized as when establishing a relationship between any two businesses).
  • PAMS Agent 120 .
  • PAMS is designed to work with specialized AP's ( 122 - 124 ).
  • An AP can specialize, for example, in authenticating mobile users, or in providing authentication insurance to users.
  • AP's act as Certificate Authorities (CA) as long as they are certified and support standard X.509v3 certificates.
  • CA Certificate Authority
  • PAMS can interface to a business's existing CA to generate software smartcards containing the user's certificate again, as long as they are certified and support standard X.509v3 certificates.
  • the business's CA acts as a specialized AP.
  • External authentication providers are registered to the e-speak repository ( 130 ) by PAMS Agent and must adhere to the PAMS's standard e-speak contract.
  • Registration is composed of a number of functions:
  • FIG. 15 shows a flow diagram of the normal PAMS workflow.
  • a session token a.k.a cookie
  • the cookie is only valid within a fixed time frame and subject to certain pre-defined conditions, e.g., user logs out, that may invalidate it any time.
  • the client uses the cookie to access resources as allowed without further need for authentication.
  • the entire authentication process is always monitored and logged by the audit agent.
  • the audit agent as instrumented by system policies, can also monitor certain events that happen later in the authenticated session. Events such as document signing will always be audited, unless explicitly disabled by the PAMS.
  • XML is not the only data transfer format in PAMS.
  • ESIP-based exchange for instance, is more suitable in cases where performance and programmatic flexibility are paramount. In fact, e-speak even allows a hybrid approach where the payload of a ESIP message can be XML data.
  • PAMS defines several custom vocabularies. Here they are defined in e-speak XML schemas, although they can be equivalently defined using J-ESI, e-speak's Java programming interface. For more details, see Chapter 14 of the E-speak Programmer's Guide.
  • Vocabularies in e-speak are Core-managed resources, and they are handled by e-speak directly.
  • the following XML request example shows how an authentication service registers using the pre-registered PAMS vocabulary.
  • the request is processed by the service provider administration console.
  • the URL element within the service Data element indicates that this service is accessible through a URL link.
  • the following XML request example shows how business clients are located using the pre-registered PAMS vocabulary. Client lookups are handled by e-speak directly.
  • a business client or employee registers using the Persona vocabulary.
  • the resource handler for user registration is not initially part of e-speak Core; instead, it is handled by PAMSportal's user registration module, as indicated by the e:to attribute in example below. However, if some of the user registrations are to be discoverable through e-speak, then the registration module can internally register the entries with e-speak through the standard service registration mechanism.
  • Both authentication and audit agents are registered with e-speak through the same XML template.
  • PC's can be standard machines with 100 Meg of hard disk space and 32 Meg of memory.
  • Windows 2000/95 are some of the operating systems that can be used.
  • Servers can also be standard machines available from HP, Sun, etc., UNIX or Windows NT 4.0/SP4 are some of the operating systems that can be used. Servers should have a minimum of 100 Meg of disk space and 256M of memory.
  • the system is started by the following steps:
  • the PAMS agents also register the default authentication and audit service handlers with e-speak. Since these agents are system default, they can simply be called by name by other PAMS portal modules.
  • PAMS's administration console This is done by PAMS's administration console. The procedure will be different depending on whether the service provider is internal or external. Internal service provider comes with a service description file describing full details of the service. The console picks up the configuration file for registration. External service provider, on the other hand, is typically discovered through e-speak's advertising service. In the case where the service's ESURL is known, the discovery step can be skipped, and the console can connect to the service directly through e-speak.

Abstract

The invention pertains to a method, on-line service, and system, for creating partnerships based on trust relationships over a public network, authenticating trade partners, infrastructure providers, and collaborators to each other, and providing users with an environment suitable for conducting transactions requiring a high level of trust. A service according to the invention is a persistent authentication and mediation service (PAMS) which is provided as an on-line service. One embodiment is a method for conducting authenticated business transactions involving microprocessor equipped devices over the Internet comprising: A. Providing an on-line authentication service available on the distributed network; B. Authenticating a plurality of users to said on-line authentication service using a closed authentication system to produce a plurality of authenticated users; and C. Connecting a group of at least two of said plurality of authenticated users under persistent mediation of said on-line authentication service, producing a connected group of authenticated users.

Description

  • This application is a continuation of application Ser. No. 09/875,088, which in turn claimed the benefit of Provisional Patent Application No. 60/229,368 filed Aug. 30, 2000, and specifically references PTO Disclosure Document No. SV01257 which was filed on Jun. 11, 2000 and PTO Disclosure Document No. SV01343 which was filed on Jan. 17, 2001.
  • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The invention relates to a system and method for conducting authenticated business transactions over an open multi-platform public network.
  • 2. Description of the Prior Art
  • The formation of the World Trade Organization and the general reduction in barriers to trade often referred to as globalization, which has taken place in the past decade, has resulted in a great expansion of international global trade. Global trade requires a special infrastructure to support transactions. Differences in customs, legal systems, language and currencies increase the complexity and risk of conducting business internationally. Global trading partners often mitigate the risks by engaging banks to intermediate transactions. Trading partners are willing to pay a significant fee of approximately 1% of the goods' value to banks in exchange for reducing trading risk by substituting the creditworthiness of the bank for the buyer. Another way to mitigate global risks and avoid large bank fees is through leveraging strong relationships between trading partners. In this method, the buyer and seller have established a trusted relationship prior to the transaction, which gives the seller enough confidence to ship the goods subject to later collection, usually upon invoice. The ability to leverage trusted long term relationships is certainly advantageous, but is becoming increasing difficult, especially over the Internet. Global traders looking to quickly establish new trading relationships to increase sales or to reduce costs must either go through a time consuming process to develop the relationship over time, or incur a risk since verifying the identity of the trading partner in another country is difficult. In any event, the ability to quickly form trusted business relationships is becoming mission critical and central to this capability is the ability to globally ensure the identity of each trading partner.
  • The development of the public Internet and a multiplicity of e-businesses and electronic marketplaces (e-markets) are providing potential counterparts with the theoretical possibility to meet each other and conduct efficient real time trade on a global basis. Electronic commerce has already demonstrated its ability to add efficiency to markets by real time brokering of goods and services in the consumer arena. In the current consumer applications, authentication, payment and credit are generally handled by a simple user-id/password approach for identification and credit card or off-line arrangement for payment. Most business applications also use user-id/password for authentication. This level of authentication, alone, is not sufficient to satisfy the needs for large worldwide e-commerce markets.
  • An alternative and more certain approach to authentication than user-id/password is the use of public key infrastructure (PKI). PKI involves distributing a public key and a private key to users. A message encrypted with the private key can be decrypted with the public key. A common way of using PKI for authentication is to distribute the public key along with a message encrypted by the users private key. The validity of the public key is assured by distributing it in the form of a certificate which has been signed with the private key of a trusted certifying agent. The certificate can be verified using the well known public key of the certifying agent, and the user's public key can be used to decrypt the original message to authenticate the user by verifying that the message was encrypted using the user's private key.
  • The security of PKI is totally dependent on the security of the private key, which is often protected by a hardware key such as a smart card to assure its security. Such systems are quite effective for authentication within a limited enterprise, but are impractical for authentication among a great many users as in global trade, because of the cost and complexity of managing the hardware keys on a large scale. Another drawback of such a system is that there is no effective way to deal with a major breach of security without notifying users of the system, since certificates are self-authenticating.
  • Another technique known as software camouflaging has been developed by Arcot Systems Inc. and has been described the paper “Software Smart Cards via Cryptographic Camouflage” by D. Hoover and N. Kausik (1999 IEEE Symposium on Security and Privacy”) which, similar to the hardware PKI described above, solves some of the objections to PKI. The Arcot technique protects the private key by means of a cryptographic camouflage, which provides similar security benefits to hardware based PKI for closed public-key infrastructure, where messages are only verified by pre-defined trusted entities. This restriction occurs since the method requires that the user's public key be distributed on a certificate in an encrypted form which can only be decrypted by a secret key. The software camouflaging technique is more readily scaled to large numbers of users and curing breach of security is less of an issue since authentication is only handled by a limited number of servers. No means is provided, however, for non-trusted entities to accomplish validation. For this reason the technique could be called pseudo PKI.
  • The current generation of e-commerce applications is directed towards establishing authentication of clients to a particular Internet based services, i.e., connecting a user to a particular Internet based business with which the user is aware and where the user establishes an identification relationship of some type prior to transacting business. Authentication is carried out by each business, by some suitable means whereby he can recognize a person who has previously established a relationship. Several models have become popular. In one simple model, the user knows the URL address of an e-business and contacts the business. The user and business establish a relationship according to a protocol established by the business and thereafter the user authenticates himself according to the protocol, often entering a user name and password which are compared to values stored in a database on the business' server. In another common model the user is directed to a choice of businesses by a portal, whereupon the experience is similar to previous model. Still another class of e-businesses follow the structure of an exchange, where the exchange business establishes relationships with potential buyers and sellers who offer to buy or sell goods or services, such offers being matched in some way—by the exchange. In the exchange model, the actual transaction is usually consummated (payment, shipping, other infra-structure) outside of the exchange directly between the buyer and seller. In all of these models authentication is handled ad hoc according to the protocol set up by the Internet business owner, and in the case of the exchange possibly multiple times by the principals themselves.
  • One advanced model that has been proposed for providing world wide web service provider sites to consumers is that proposed in U.S. Pat. No. 5,815,665. In that patent an online brokering service is proposed which provides user authentication and billing services to allow consumer users to anonymously and securely purchase online services from service provider sites (e.g., World Wide Web sites) over a distributed public network. The user is authenticated by returning a response to a challenge generated by the brokering service which is encrypted with the user's password. The brokering service authenticates the user by decrypting the response using the broker's copy of the password which it has on file. The user's anonymity and billing security are protected because they are held only by the broker rather than being distributed among a variety of service providers. The broker keeps each user's access rights to each service provider on record and provides these to the service provider at each session. Service providers generate a billing event message for each service utilized by the user and independently send each billing event message to the brokering service. The brokering service bills the consumer for services used. While providing an important improvement to the art, U.S. Pat. No. 5,815,665 has a number of deficiencies which limit its use for promoting global trade transactions. First, the degree of authentication is limited to the security of a password, and the password is stored along with the identity of the consumer on the brokering service's database. Second, the service is asymmetric. It is fundamentally based on interaction between two unequal parties, a service provider and a user interacting in a particular way which is defined by the nature of the service provider's web site application. There are no extensions to allow for the two parties to interact and forge a unique deal. Of particular importance in this regard, is that brokering service does not independently mediate the interaction between the user and the service provider but must rely on the report of the user's activities provided by the service provider through the billing event messages, thus allowing for disagreements or repudiation between the user and service provider. Also, there is no provision for the users of the multiple service providers to interact.
  • Another model of authentication involves providing infrastructure for existing business partners to securely share their information and computational resources among partners and allocate access among different users. These systems may provide limited access to users over a public network such as the Internet, but often involve the use of special network hardware for full access or a VPN. These systems are only available for users with a preexisting relationship and do not provide a method for forming a secure trust relationship over a public network. They do not provide a method to simultaneously connect arbitrary combinations of users.
  • The established models do not make optimal use of the Internet to promote global trade. First they leave the users to establish a multiplicity of relationships with different trade partners. The user has to know of the existence of the business and establish a relationship of trust and a basis for future authentication on an ad hoc basis. Also the type of transaction which can take place directly over the Internet is limited to simple transactions which are carried out in the predetermined format determined by the business owner, since the only relationship which has been established is between the user and the business and between the business and certain pre-determined infrastructure providers which have been chosen. This limitation precludes e-commerce transactions which are much more complicated than the standard models which were previously described. For instance, there is no way to make a deal for purchase of a commodity on the sellers Internet business site, and then “shop around” for infrastructure such as financing, shipping, and insurance specific to the unique deal between the buyer and seller. An even more desirable capability which cannot be currently implemented would be for a buyer along with a key partner on another computer to simultaneously shop around to purchase—infrastructure from a variety of vendor-infrastructure provider combinations to optimize a particular procurement. It will be readily apparent that the Internet would be ideal for such optimized purchases if there was a way for appropriate trade partners and infrastructure providers to meet and reliably authenticate their identities.
  • There is a need for an improved authentication system, service and method with the security advantages of hardware smart card PKI which can be practically applied on a very large scale, even on a global basis, over the public Internet so that potential trade partners can reliably locate each other, authenticate each others' identity with great confidence, and establish trusted relationships over the Internet.
  • There is a need for an improved authentication system, service and method which provides an authenticated environment for collaboration between trade partners of different types on an equal basis to formulate complex business transactions.
  • There is a need for an improved authentication system, service and methods which provides for collaboration between business partners in an authenticated environment mediated by a third party so as to prevent repudiation of the collaboration.
  • SUMMARY OF THE INVENTION
  • The instant invention pertains to a method, an online service, and a system, for creating trade partnerships based on trust relationships over a public network, reliably authenticating trade partners, infrastructure providers and collaborators to each other over a distributed network such as the public Internet and providing authenticated users with an environment suitable for conducting business transactions requiring a high level of trust, particularly in world wide trade. The invention addresses the problems of establishing trusted relationships among widely separated and disparate parties which do not necessarily have a preexisting relationship, and providing an environment suitable for forming relationships and carrying out business transactions in a non-repudiation environment. The service acts as a trust broker by providing a unique mechanism for creating, monitoring, and enforcing trust relationships in business transactions involving a network accessed by micro processor equipped devices.
  • The invention pertains to a persistent authentication and mediation service (PAMS) which is provided as an on-line service on a public distributed network such as the Internet. As used herein, a PAMS is an online service provided over the network which is capable of authenticating groups of two or more users to each other by authenticating each user to the PAMS and connecting the authenticated users to each other under persistent mediation of the PAMS. Authentication refers to the processes of a first entity proving its identity to one or more other entities over the network. Mediation refers to the fact that communications between authenticated users pass through the PAMS giving the PAMS the capability to monitor the interaction and compile an audit trail. Persistent refers to the fact that interaction remains mediated during the entire interaction under the PAMS, and messages persist until delivered. Persistent messaging is based on asynchronous communication. The audit trail is compiled by monitoring mediated messages and saving pre-selected or user selectable messages for permanent storage and retrieval. The content of messages may be stored and retrieved.
  • Authentication of a user to PAMS according to the invention is accomplished by a “closed” authentication system, that is one where a prior relationship is required between the user and the authenticating party. The preferable closed authentication system is a closed PKI system, one where the PKI Certification Authority (CA) performs the authentication. The overall operation of the PAMS, however, serves as an “open” authentication system, that is one where the users do not need to have a direct prior relationship, but have trust in each other's authenticity based on the authentication of the other to the PAMS and their connection to each other under persistent mediation of PAMS.
  • One embodiment of the invention is a process for conducting authenticated transactions among users employing microprocessor equipped devices over a distributed public network such as the Internet. The method involves providing a persistent authentication and mediation service (PAMS) on the network which carries out the following acts:
    • 1. enrolling users—this step includes distributing software to each user which enables the user to authenticate to the persistent authentication and mediation service, generating and distributing a private key and digital certificate including a public key to the user in the form of a software smart card, obtaining credentials particular to the user, verifying the validity of the credentials, and storing the credentials in a customer database. Examples of users include the type which accesses the Internet through an Internet Service Provider using a browser. A second type of user uses the persistent authentication and mediation service to control access to a web site or other application, that is accessible to the network without a browser interface. A third type of user could be a network accessible automated software application.
    • 2. authenticating enrolled users to the PAMS using a Public Key Infrastructure (PKI) system which is consistent with storage of the private key and digital certificate in the form of a software protected smart card—this step includes the persistent authentication and mediation service generating a challenge message and sending it to the user seeking to be authenticated, receiving a response generated by the software which was provided to the user which includes an encrypted message and a digital certificate containing the user's public key, decrypting the response using the user's public key, verifying whether the response is authentic and rejecting the user if the response is not authentic. A preferred PKI system is a pseudo-PKI system where the private key is protected by cryptographic software camouflage and the public key is encrypted on a digital certificate by a key which is controlled by the persistent authentication and mediation service.
    • 3. receiving requests from authenticated users to be connected to particular other users.
    • 4. connecting groups of authenticated users under persistent mediation of the persistent authentication and mediation service—groups may include two or more users, and may include users of the same or different types.
    • 5. mediating the interaction among connected users, including supplying authenticated information about each user to the interaction, and optionally removing the identifying information which is normally provided by the distributed network, directly compiling an audit trail of the interaction, and making application level information from the audit trail available to the connected users.
    • 6. providing collaboration functionality to each group of interacting users to facilitate interaction between the users—the collaboration functionality includes a portal for browser users including a message board for posting messages among the authenticated collaborating users, and providing the users with access to the audit trail. Equivalent functionality is provided to transfer the authenticated exchange without a user interface for users not using a browser. The collaboration functionality preferably includes tools needed to exchange digitally signed documents attesting to their agreement.
  • The method embodied by the persistent authentication and mediation service provides the major elements of trust required for conducting trade over a network such as the Internet, wherein trust in the service is substituted for trust in the other party, including:
    • 1. establishing a user's identity and having a trusted party (the PAMS) verify the identity,
    • 2. providing the ability of authenticating the user to others and having others authenticate themselves to the user on line with a high level of confidence and trust based on their trust in the PAMS and persistent mediation of the PAMS during the interaction,
    • 3. providing the ability for users to discover appropriate trade partners based on both their permanent verified credentials and dynamically variable and searchable information, such as a “shopping list” or a current inventory list,
    • 4. providing the ability for anonymous but authenticated introductions among users with only the desired verified information coming with the introduction and without the identifying information which normally accompanies a transaction over a network,
    • 5. providing the ability for two or more users to conduct an interaction which is mediated by the service so that a non-repudiation environment is established,
    • 6. providing a level of abstraction to users which is not tied to a particular URL or address—the PAMS allows authenticated users to locate other enrolled users by criteria and to establish connection with symmetric authentication and providing ability for dynamic changes in membership, and
    • 7. providing a “persistent environment” which allows users to shut down and restart their network presence in the same or different location without losing their relationships.
  • Authentication provided by the PAMS differs from prior art methods which provide for a population of otherwise unrelated members to authenticate to each other. Authentication by the PAMS is a two step process involving first authenticating the users to the PAMS and then connecting authenticated users to each other under persistent mediation of the PAMS. Authentication of a large and disparate group of users to a single authenticating entity to whom they are known, can be done with a much higher level of confidence and trust than direct authentication of the many users to each other. A PAMS according to the invention, provides a way to provide the security possible in the many-to-one authentication while achieving the end results of many-to-many authentication. In the two step authentication process, users maintain the high level of confidence that they have in authentication to the PAMS when they are connected to each other under mediation of the PAMS, based on their trust in the PAMS. Thus the PAMS provides the high level of confidence which is associated with authentication to a single authenticating entity, to the situation where many users need to authenticate to each other. The PAMS provides symmetric authentication of users to each other, as opposed to one way authentication of a user to a service or server. The PAMS provides for authentication of multiple parties to each other. Since all interactions between users is mediated by the PAMS, interactions may be anonymous while still being authenticated. Anonymous transactions are conducted by referencing the identity rather than revealing it. Verified information about authenticated users can be exchanged without revealing the actual identity of the users to each other. The combination of authentication with mediation allows for user management of privacy and negotiation between parties on what will be revealed. This latter feature is important for the early stages of establishing a trusted relationship.
  • A mediated interaction has an audit trail which is maintained under the control of the PAMS, but is available to the users. An important feature of an interaction under the PAMS is that users, including users of different types, interact under circumstances where after their identity is authenticated by the PAMS and they are connected to other users under mediation of the PAMS, the interaction continues to be mediated by the PAMS during the interaction, so that an audit trail is accumulated. The audit trail is available to the users during the interaction. Another key feature is that groups of three or more users may interact. The mediated environment is a key part of establishing trust in the identity of the parties during the authentication process and is the basis for monitoring and enforcing trust during and after the transaction.
  • Since all transactions utilizing the PAMS are mediated and monitored at an application level, it is possible to accumulate an independent rating of users based on performance as monitored by the service. For instance, number of relationships a user or business has, number of deals conducted, dollar value of deals, reliability in responding to requests, response time to responding to requests, etc. This information could be used by a business to monitor performance of employees or by an authentication insurance provider to rate the risk associated with insuring transactions of a particular business or user or by a member in deciding whether to form a trusted relationship with another member.
  • A preferred implementation of the invention utilizes two new classes of network software which are particularly and synergistically suited for providing the PAMS. A preferred implementation comprises a host site connected to the network, the host site including at least one computer server operated by an open software platform providing intelligent interactions, a persistent authentication and mediation service comprising a strong software pseudo-PKI authentication agent operating on the open software platform, an audit agent operating on the open software platform for compiling an audit trail of mediated interactions, and application software operating on the open software platform with functionality for enrolling users, authenticating enrolled users, allowing authenticated users to dynamically find suitable partners according to criteria which they specify, allowing authenticated partners to interact under the mediation of the persistent authentication and mediation service through the open software platform, and allowing members access to the audit trail at the application level, including access to the content of the interaction. The authentication system further comprises a customer database server comprising a database of information about the registered businesses, the database being accessible to the persistent authentication and mediation service.
  • In the context of this application, an open software platform refers to a platform where users and enabled services operating under the platform can interact regardless of their hardware or operating systems, system management strategies, development environments or device capabilities. Intelligent interaction refers to the ability of enabled services to discover, negotiate, mediate, and compose themselves into more complicated services. A preferred open software platform is Hewlett Packard's e-speak, currently available as version 3.01. The e-speak platform is implemented by an e-speak core program which operates on a user's computer or server. In e-speak, enabled services are referred to as e-Services. The ability to discover refers to the fact that when an e-service registers with a host system accessible to the Internet and creates a description of the service it provides, users of the system can automatically discover services which have desired attributes, and contact them without needing to have known about the service in advance or knowing its URL. To negotiate refers to the fact that e-speak negotiates between the requester and provider to eliminate services which are outside of the requested criteria. To mediate refers to the fact that users are connected through the e-speak core and e-speak continuously intermediates the service delivery after the user and e-service have been connected. The mediation is persistent in that an asynchronous message transfer system is provided to retain messages until delivered. While e-speak mediates all interactions, it does not create a permanent audit trail by saving the interactions after delivery. The audit function of PAMS is an application running on e-speak called the audit agent. An audit trail may include the content of an interaction. The audit agent intercepts specified events or messages during mediation based on application level monitoring, and stores them in a database. To compose refers to the ability of e-services to combine themselves into more complex, cascading e-services even dynamically.
  • E-speak is in essence an “operating system” for building e-services operating on the platform. An open software source is provided to build business applications. The e-speak platform does not provide for sufficient security since there is no way provided to protect the user private keys. Also e-speak is intended for services to interact and transact without being centrally managed or provided. Central to the original intent of e-speak, is that a service which is registered according to a known vocabulary, is instantly discoverable to another party through the dynamic discovery feature. A persistent authentication and mediation service according to the invention, requires all users to register with the PAMS to become part of a closed community. The PAMS is antithetical to the original intent of the open software platform and uses it in a fundamentally different manner than intended.
  • A preferred technology for software protected pseudo PKI is a system such as the pseudo PKI system described in U.S. Pat. No. 6,170,058, “Method and Apparatus for Secure Cryptographic Key Storage, Certification and Use”, and “Software Smart Cards via Cryptographic Camouflage” by D. Hoover and N. Kausik (1999 IEEE Symposium on Security and Privacy”). The above technique protects the private key by means of a cryptographic software camouflage, which provides similar security benefits to hardware based PKI but is limited to circumstances where messages are only verified by pre-defined trusted entities. This restriction occurs since the method requires that to maintain security of the private key, the user's public key be distributed on a certificate in an encrypted form which can only be decrypted by a secret key. For this reason, the technique has generally been relegated to authenticating users to a server. Since the public key is only made available in encrypted form the system may be called pseudo PKI. The software camouflage technique places the private key on the user's site so that it is released when the user enters a correct password. The private key is not merely encrypted with the password, however, but it is said to be camouflaged because when incorrect passwords are inputted, in many cases a false but otherwise plausible private key is generated. A challenge message encrypted with a false key is identifiable when submitted for authentication. The software camouflaging technique is readily scaled to large numbers of users since authentication is only carried out by a limited number of servers. This allows for minimal software requirement on the user's network access device and elimination of the need for hardware protection of the private key.
  • The pseudo PKI technology described above has been implemented in software known as WebFort™. Webfort™ is not capable of operating in a distributed e-services environment and is suitable for authenticating users to a server or integrated group of servers which constitutes a resource which the user seeks to access rather than for common authentication of unrelated entities to each other. The WebFort™ system does not support a mediated infrastructure.
  • In a preferred implementation of the instant invention, the WebFort™ functionality is organized into separate components and encapsulated in a custom software container operating on the e-speak core to provide the functionality needed for authentication by the PAMS. The discovery and collaboration features are implemented as software applications operating on the e-speak core. Interactions between users and the PAMS and between users connected through the PAMS are mediated by the e-speak core. An audit trail of mediated interactions is created and preserved by audit agent software operating on the e-speak core.
  • The preferred network is the public Internet, though embodiments of the invention can be applied to other public or private networks as well, and while the methods are described as being capable for facilitating transactions in global trade, it should be appreciated that the invention is equally applicable to smaller distances and other networks and not limited to global trade or the Internet.
  • The combination of the software pseudo PKI authentication agent, the audit agent, and the intelligent software platform provides unexpected benefits for enabling global business transactions. Placing the authentication agent on the intelligent software platform (e-speak) makes it possible to realize the security benefits of PKI in a manner practically suited for use in world trade where there are a large number of users seeking authentication to each other, as distinguished from authentication of users to a single server or service to which they seek access. The use of an encrypted public key in pseudo PKI is not a limitation since the PAMS is an intermediary to authentication and users have no need to know other users' public keys, since the authentication between two users occurs by both being individually authenticated to the PAMS, and then being authenticated to each other through mediation of the PAMS. The combination allows for providing the important elements identified for conducting business in an authenticated environment. In particular, users can dynamically locate suitable partners who are also enrolled in the system based on the software platform's discovery capability, and can become authenticated to other suitable users which have been located. Users have both fixed information which has been verified and dynamically variable data to aid in selection. Once suitable partners have been identified they can be introduced and connected as equals under the mediation of the persistent authentication and mediation service through the open software platform with the same high level of trust and confidence that they would have if each user maintained his own PKI authentication infrastructure. A collaboration environment is provided to facilitate making and memorializing a deal based on the persistent mediation of the software platform and the audit trail created by the audit agent. Sufficient evidence is collected to support non-repudiation. Partners are able to put together a complex project team by locating and seamlessly connecting additional authenticated participants. Workflow tools, authenticated bulletin board interactions, trading partner agreements, and deal libraries are provided.
  • There is an important additional benefit which accrues from using an open software platform such as e-speak on which many user web sites will be operating. When the e-speak core is operating on a user's computer or server, performance of the PAMS will be improved because mediated communications will proceed directly between the e-speak cores by the e-speak Interchange Protocol (ESIP), which is an optimized data transport specifically developed to handle e-speak traffic on heavily used web site.
  • Users may be of any type which has access to the network through a microprocessor equipped device. A first type of user accesses the Internet through an Internet Service Provider using a browser. A second type of user has outsourced authentication for a web site or other network accessible application to the persistent authentication and mediation service. A third type of user could be a web connected automated software application or software operated hardware device. During the enrollment process each user would receive software which allows the particular user type to interact with the persistent authentication and mediation service. Each user would also receive a software smart card containing a camouflaged private key and a digital certificate containing an encrypted public key.
  • Usually users are part of a larger group, generally a business. A business will generally enroll with its own identity which will be verified by the persistent authentication and mediation service as well as a number of users which may include a combination of the types of users. Each user will have one or more personas, each of which contains a subset of the verified business and user information. A persona identifies a user as part of the business as well as a particular unique individual (human or otherwise). Each business and user will also have information which may be dynamically varied by the user, such as a “shopping list” or inventory list. A persona can identify a user's role within a business, such as the user's title and the amount the user is authorized to spend. A persona can be anonymous or not.
  • The authentication process can be initiated by a direct request from the user to the persistent authentication and mediation service, or alternatively by a request to another user's world wide web site which uses the persistent authentication and mediation service to regulate access to the site. In the latter case, the software provided to the web site will refer the user to the PAMS, which will authenticate the user and connect it to the web site, now under mediation of the PAMS. All communications with the persistent authentication and mediation service are mediated through the open software platform and once connected the user's interaction will be mediated by the persistent authentication and mediation service through the open software platform. Once a user has authenticated to the PAMS, it will not be necessary to repeat that process when gaining access to other users where an existing relationship exists or to connect to users which allow access to any user who is authenticated to the PAMS. This is a very useful feature allowing multiple contacts without repeated login procedures. Some users will require that they have the option to review and approve other users before granting them access.
  • A unique feature of the PAMS is its ability to provide one or more additional Authentication Providers (AP) in addition to the default authentication application described above as a part of the persistent authentication and mediation service. These additional Authentication Providers would perform private key software smart card issuance and authentication in some specialized manner such as extremely rapid authentication, an authentication accompanied by authentication insurance, or stronger security due to longer cryptographic keys. Thus the PAMS goes beyond the traditional role of providing a simple confirmation of whether a user is authentic, but allows a user to personalize authentication needs. For instance, some users will only want to deal with other users who use authentication accompanied by authentication insurance. Similarly, PAMS can provide more than one Audit Providers, in addition to the default functionality provided in PAMS. Additional providers may perform special functions such as service quality monitoring, transactional volume monitoring, and status and status monitoring to support functions such as producing a bill for a service provider. PAMS is uniquely situated to monitor members' usage of another member's services and bill accordingly based on the mediation of all transactions. Another similar feature is that PAMS can be used to compile a map of transactions carried out by users. This map would show the type or frequency of contacts with other users. Another similar feature is that users' membership agreements may state that employees can only trade up to the amount they are authorized for the company. PAMS would track the amount purchased through PAMS and proactively notify business of any exceptions.
  • The value the audit agent and audit providers add is the ability to enforce trust relationships.
  • An object of the invention is to provide a method and system for providing a Persistent authentication and mediation service for reliably authenticating potential trade partners, infrastructure providers and collaborators of disparate types and in widely separated locations to each other over a distributed network such as the public Internet and providing authenticated users with an environment suitable for conducting business transactions requiring a high level of trust, particularly in world wide trade.
  • A further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which is suitable for authentication of groups of disparate and widely separated users to each other under circumstances such as global trade where a trusted relationship is required.
  • A further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which will allow users to locate suitable trusted collaborators based on dynamically variable and verified information.
  • A still further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which will allow groups of authenticated users to interact under the mediation of the Service, such that the Service directly compiles an audit trail and information from the audit trail is made available to the interacting users.
  • A still further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which allows for peer to peer mutual authentication of groups users of different types.
  • A still further object of the invention is to provide a method and system for providing a Persistent authentication and mediation service over a distributed network which allows users to substitute trust in the Service for a direct relationship with another user in the steps of finding potential suitable trade partners, authenticating the identity of other users, and conducting a secure mediated interaction with other users.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • These and other features, aspects and advantages of the present invention will become better understood with regard to the following description, appended claims and accompanying drawings, where:
  • FIG. 1 is an overview block diagram of a preferred Persistent Authentication and Mediation Service (PAMS) which shows the system architecture.
  • FIG. 2 is a diagram which shows a typical load balancing configuration of a PAMS system.
  • FIG. 3 is a block diagram showing the key process steps of a PAMS.
  • FIG. 4 is a block diagram showing the registration process.
  • FIG. 5 is a block diagram showing the authentication process.
  • FIG. 6 is a block diagram showing the discovery process.
  • FIG. 7 is a block diagram illustrating the process whereby two users establish a relationship.
  • FIG. 8 is a block diagram illustrating the collaboration process.
  • FIG. 9 is a block diagram illustrating an application of a PAMS to an exchange (Example 3).
  • FIG. 10 is an exemplary Home Page for a PAMS.
  • FIG. 11 is an exemplary Discovery Portal for a PAMS.
  • FIG. 12 is an exemplary Persona Portal.
  • FIG. 13 is an exemplary Collaboration Portal.
  • FIG. 14 is a drawing which shows typical hardware for a PAMS.
  • FIG. 15 is a flow chart of a normal PAMS workflow.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • General Description of the Service
  • The instant invention pertains to a method, an online service, and a system, for reliably authenticating trade partners, infrastructure providers, and collaborators to each other over a distributed network such as the public Internet and providing authenticated users with an environment suitable for conducting business transactions requiring a high level of trust, particularly in world wide trade.
  • One preferred embodiment of the invention is an on-line persistent authentication and mediation service (PAMS) which is provided on a distributed public network such as the Internet. As used herein, a PAMS is a service provided over a network which is capable of authenticating groups of two or more users to each other by authenticating each user to the PAMS and then connecting authenticated users under persistent mediation of the PAMS. Authentication refers to the processes of a first entity proving its identity to one or more other entities over the network. Mediation refers to the fact that communications between authenticated users pass through the PAMS giving the PAMS the capability to monitor the interaction and compile an audit trail. Persistent refers to the fact that interaction remains mediated during the entire interaction, and the messages are transferred asynchronously so that the service maintains the message until it is delivered. In the context of this application, an on line PAMS is a service which is provided over a public network, such as the Internet, which is directly accessible to users of the network having the ordinary hardware to access the network, based on authentication and persistent mediation supplied by the PAMS.
  • Authentication among many users, according to the invention, is thus a two step process comprising authentication of each user to the PAMS followed by connection of the authenticated users through mediation of the PAMS. The two step process allows unexpected benefits in level of security and trust in the authentication and scalability to a system, particularly when there are a large number of widely separated users of many different types seeking to authenticate to each other. It should be appreciated that authentication of many users to a central party (many-to-one authentication) is intrinsically subject to much greater security and assurance than providing for each of the many users to authenticate directly to each other (many-to-many authentication). Yet, the needs of e-commerce as applied particularly to global trade require the more difficult many-to many requirement to be solved. A PAMS according to the invention, provides a way to provide the security possible in many-to-one authentication while achieving the end results of many-to-many authentication.
  • In general, the goal of authentication in large scale electronic commerce is to provide the capability for “stranger-to-stranger” authentication, that is authentication of any two parties where the parties have complete trust that they know who they are dealing with while having had no prior relationship. In fact, what is required is the even more difficult task of authenticating a group (two or more) of strangers to each other. This can be accomplished in principal with a Public Key Infrastructure (PKI) where each party has a private key and a public key. The private key is known only to the owner while the public key is readily available but associated in some way with the owner. In order to be useful for authentication the private key must be subject to the strictest security measures so that no other party can have access to it or invoke it. Also a trustworthy third party must verify the public key/private key pair and verify that the private key is in the possession of the actual person seeking to use the keys for authentication. This is usually done by a trusted third party certification authority (CA) issuing a digital identity certificate binding the identity of the owner to a public key and signing the certificate with the private key of the CA (signing is the process of encrypting a message or digest of a message with a party's private key so that a person seeking to authenticate the message can do so by decrypting the encrypted message with the party's public key and comparing the decrypted message with the original message or digest to see whether they are identical.) The method is no more secure than the confidence in the identity certificates and the confidence in the security of the private keys. In practice a very extensive infrastructure would need to be supplied to accomplish a secure stranger-to-stranger system, usually employing a second agent known as a Registration authority (RA) who verifies the actual identity of a party seeking a certificate, obtains the public key, verifies that the party is in possession of the private key and that the private key is secure, and arranges for the secure delivery of the certificate. An authentication system such as described above is often called an “open” authentication system, in that parties may authenticate without having a prior direct relationship to each other.
  • A less satisfactory approach to PKI for authentication in a closed authentication system may be realized through requiring a user to share information they know or otherwise producing evidence of their identity. Many authentication techniques have been developed for this purpose such as user-ID/password, and symmetric cryptosystems, such as Kerberos. These systems provide a lesser degree of security than PKI, and are not generally satisfactory, but may be acceptable when combined with the extra security PAMS mediation provides. For example, a user-ID/password could be supplemented by PAMS requiring the user to answer a question based on information in the PAMS audit trail.
  • The many-to-one model is intrinsically more secure than the many-to-many model simply because the certificates are only used by the one party which authenticates users seeking to use the resource which it protects. Ideally the authenticating party is also the CA and RA, or is closely related to them. This is a model often used for authentication within an enterprise where the authenticating party is protecting access to some resource, where the group is a limited in size and has a “real life” relationship to the authenticating party through the enterprise. It is often practical, in such an environment, to protect the private keys with very secure devices such as hardware smart cards, and to provide a further measure of security by encrypting the public key with a key known only to the authenticating party. Such a system provides a very high level of security and a very high level of confidence or trust that a user seeking authentication is the party it purports to be. An authentication system is said to be closed when a party being authenticated requires a prior relationship with the authenticating party. Thus a PKI architecture is often termed to be “closed” when only the CA relies on the identity certificates for authentication. In such a system parties must have a prior relationship with the CA prior to authentication.
  • The complexities of the many-to-many model generally preclude the use of secure devices such as hardware smart cards which become impractical to manage and prohibitively expensive for a large, disparate, and widely separated user population. Further, the identity certificates must be usable by each of the users to authenticate the identity of other parties. This situation is the familiar open PKI, which is well known in the art today, where users are forced to rely on identity certificates generated by an unrelated CA whose degree of diligence in verifying the true identity of the certificate holder is suspect, and where the security of the private keys may vary from user to user.
  • A PAMS according to the invention, is a hybrid of open and closed architectures in that it provides users authenticating to each other in a many-to-many environment with the high degree of confidence and security that characterizes the many-to-one environment because each user in fact begins a session by authenticating itself to the PAMS according to the many-to-one closed model where only the PAMS must directly rely on the identity certificates, and it has issued those certificates. The users then authenticate with other users by virtue of their trust in the PAMS and their connection to the other users which is mediated by the PAMS. Users of the PAMS have their identities verified through an enrollment process prior to being eligible for authentication to other users. Authentication of a first user and a second user in PAMS is accomplished by the first user and the second user authenticating to PAMS using a closed system architecture, preferably a closed PKI architecture, and then authenticating to each other by PAMS connecting the first member to the second member to each other using the persistent mediation of PAMS.
  • It should be noted that a novelty of the instant invention is the application of a closed authentication model system to a model that can comprise many members authenticating to each other, for instance in a manner consistent with meeting the demands of authentication among trading partners in global trade conducted over the Internet.
  • A PAMS according to a preferred embodiment of the invention authenticates users based on a PKI system where the private key and digital certificate are secured by software. This is important so that the system will be practically scaleable to a population of many distant and disparate users. Registration, distribution and administration can be accomplished over the network. A preferred PKI system involves protection of the private key by cryptographically camouflaging it in a software container, i.e., a software smart card. This system provides the same level of protection as hardware smart cards under circumstances where the public key is encrypted so as to be accessible only to the party performing authentication. The structure of the PAMS allows adherence to the latter condition.
  • It should be noted that while PAMS issues software smart cards, the cards will generally conform to standards which allow it to interact with other devices. For instance the Public-Key Cryptography Standards (PKCS) defines a set of intervendor standard protocols for making possible secure information exchange on the Internet using a PKI. PKCS #11 defines a technology independent programming interface known as Cryptoki, for cryptographic devices such as smart cards and PCMIA cards. The preferred embodiment of the invention is compatible with PKCS #11. Those skilled in the art will appreciate that a PAMS could also adopt alternate compatibility standards. Thus it is possible for an application to request credentials from their software smart card just as if it were a hardware card, and for PAMS to accept credentials from a hardware card. PAMS establishes a Trust domain which follows a single certificate Policy statement so that all users trust the authentication from anywhere in the domain. The main Trust domain of the preferred embodiment uses software smart cards as the authentication approach. However PAMS offers a capability to recognize and authenticate credentials of external Registration Authorities defining Trust Domains external to PAMS and securing user credentials in a compatible device. Of course to maintain the PAMS trust integrity, i.e., that any user in either domain will trust the authentication of another user through PAMS, external Registration Authorities require a higher level of security validation to PAMS prior to service.
  • Privacy is an important issue in PKI. Since the identity of a party is an integral part of the identity certificate, it is awkward to separate authentication from the party's actual identity, without having a plethora of identity or attribute certificates for each user. In a PAMS according to the invention, a user inherently reveals its identity to the PAMS, but has the ability to control which information is passed on to the other party, making it possible to have an anonymous authenticated interaction. For instance a view of a user's relevant verified credentials or role within a company could be passed on without actually identifying the user.
  • Authentication is the first part of a trust relationship. Since users are connected under mediation of the PAMS, the interaction continues to be monitored by the PAMS, establishing an audit trail which is accessible to the interacting users. The PAMS provides a non-repudiation environment which ultimately supports enforcement of the results of the interaction. The PAMS provides functionality which allows users to discover other members according to dynamically variable criteria, based on information which has been verified by the PAMS as well as user controlled information. The PAMS provides functionality for collaboration between members and documentation of the collaboration based on the audit trail compiled due to the mediation function. Collaboration may include many normal network functions provided in a non-repudiation environment, such as certified delivery electronic mail and ability to sign documents and verify the signing.
  • Trust may be based on the reputation of a party, that is a generally held opinion about the party. A party may have confidence or trust in another party based on his own experience in dealing with the party. This method often used in every day transactions and is often a time consuming learning process based on a sequence of transactions involving gradually increasing importance. Trust may also be based on general reputation in a community where the parties interact. Trust may also be based on recommendations of other parties. Finally, trust may be based on insurance obtained from an outside source.
  • The structure of the PAMS provides an unexpected benefit in providing a basis for establishing trust in direct transactions over a public network such as the Internet without necessity of any relationship other than PAMS. The PAMS begins the establishment of trust by verifying the identity of users and verifying their credentials in an enrollment process prior to issuing an identity certificate. The PAMS also has the ability to allow a user to select from alternative authentication options which offer different levels of security, convenience, and cost. Since interactions between users are mediated by the PAMS, the PAMS may obtain a continuously evolving independent rating of a user based on the number, type, and quality of interactions, and a reputation based on feedback from other users. This information can be supplied to other users considering establishing a relationship or by an insurance provider who can provide insurance for a transaction based on the reputation or the party's authentication security level.
  • The preferred method for providing a persistent authentication and mediation service (PAMS) on a public distributed network involves the following acts:
    • 1. Providing an online service, available on the network, which is capable of authenticating users and connecting authenticated user with persistent mediation of the online service.
    • 2. enrolling users—This step includes distributing software to each user which enables the user to authenticate to the persistent authentication and mediation service, generating and distributing a private key and a public key to the user in a software protected form supporting a closed PKI architecture, obtaining credentials particular to the user, verifying the validity of the credentials, and storing the credentials in a customer database. Examples of users includes the type which accesses the Internet through an Internet Service Provider using a browser. A second type of user uses the persistent authentication and mediation service to control access to a web site. A third type of user could be a web accessible automated software application.
    • 3. authenticating enrolled users to the common authentication system using the software Public Key Infrastructure (PKI) system.—This step includes the persistent authentication and mediation service generating a challenge message and sending it to the user seeking to be authenticated, receiving a response generated by the software which was provided to the user which includes an encrypted message and a digital certificate containing the user's public key, decrypting the response using the user's public key, verifying whether the response is authentic and rejecting the user if the response is not authentic. A preferred PKI system is a pseudo-PKI system, one where the private key is protected by cryptographic software camouflage and the public key is encrypted by a key known only to the persistent authentication and mediation service. Such a system has the advantage of providing a very high level of security and confidence in the PAMS structure while being scaleable to a large and diverse population since the identity certificate and software smart card are distributed over the network. The preferred pseudo-PKI system will be described in detail later in the application.
    • 4. receiving requests from authenticated users to be connected to particular other users—The PAMS provides a dynamic discovery functionality whereby authenticated users may locate other enrolled users according to search criteria. Users may search the dynamically variable PAMS data based on verified credentials and user variable information such as a “shopping list” or inventory. The user may simply click on a discovered user to contact that user. Of course, a first user may know the URL of a second user's web site on the Internet. If the second user utilizes the PAMS for authentication, the first user will be directed to the PAMS by the software provided to the second user's web site. The first user will then be authenticated to the PAMS as described in step 2 and connected to the second user under mediation of the PAMS. Some web sites may choose to use the PAMS as the sole means of controlling access to the site. In this case an entity which has not completed enrollment in the PAMS will be referred to the enrollment function of the PAMS.
    • 5. connecting groups of authenticated users under mediation of the persistent authentication and mediation service—groups may include two or more users, and may include users of the same or different types.
    • 6. mediating the interaction among connected users, including supplying authenticated information about each user to the interaction, and optionally removing the identifying information which is normally provided by the distributed network, directly compiling an audit trail of the interaction, and making information from the audit trail available to the connected users. Mediation is a valuable feature which most users will wish to retain throughout an interaction. However, in some cases users may choose to disable mediation, and continue the interaction without mediation and the audit trail. Mediation is mandatory for establishment of full trust during authentication, but optional after authentication.
    • 7. providing collaboration functionality to each group of interacting users to facilitate interaction between the users—the collaboration functionality includes a portal for browser users including a message board for posting authenticated messages among the collaborating users, and providing the users with access to the audit trail. Equivalent functionality is provided through API's to transfer the authenticated exchange without a user interface for users not using a browser. The collaboration functionality preferably includes tools needed to exchange digitally signed documents attesting to their agreement. Another preferred collaboration capability which derives from the mediation of interactions is that electronic mail exchanged between parties can be certified, that is a receipt is generated when the mail is delivered and/or received.
  • A persistent mediated interaction has an audit trail which is maintained under the control of the PAMS, and is available to the users. An important feature of an interaction under the PAMS is that users, including users of different types, interact under circumstances where after their identity is authenticated by the PAMS and they are connected to other users under mediation of the PAMS, the interaction continues to be mediated by the PAMS during the interaction, so that an audit trail is accumulated. The audit trail is available to the users during the interaction and may include the content of the interaction. Exactly what content will be preserved is user determined. Another key feature is that groups of three or more users may interact. The mediated environment is a key part of establishing trust in the identity of the parties during the authentication process and is the basis for monitoring and enforcing trust during and after the transaction.
  • Mediation of interactions also provides capabilities which are ancillary to authentication. One capability is for businesses to monitor the quality of service provided by their business partners. Another example is to monitor the response time experienced by visitors to the business's site.
  • Mediation is a valuable feature which most users will wish to retain throughout an interaction. However, in some cases users may choose to continue the interaction outside of the PAMS mediation and the audit trail. Mediation is mandatory for establishment of full trust during authentication, but optional after authentication. Users may elect to carry on interactions through a parallel connection which is not mediated by PAMS. PAMS may readily be configured to offer users to alternate between the mediated and direct connection.
  • When all transactions are mediated, PAMS provides the optional feature of monitoring one user's use of another user's resources, and billing for those resources. Another optional feature is to compile a transaction usage map for users which reveals the identity and frequency of user contacts with other user's. This feature can provide a valuable tool for analyzing a user's business patterns, for instance identifying bottlenecks.
  • Another optional feature is the capability for authenticated users to interact with network users which are not authenticated or even enrolled in the PAMS. For instance an authenticated Internet user accessing the PAMS with a browser may access a web site which not enrolled in the PAMS by entering the URL into the Discovery Portal. A user which is connected to the non-enrolled site does not enjoy the full benefits of PAMS, however the interaction will be mediated by the PAMS, including the audit trail. The authenticated user will also have the capability of anonymous interaction with the non-enrolled site, since the PAMS can remove the identifying header information from the Internet message.
  • Another application of persistent authenticated mediation is anonymous processing credit card transactions. In current applications, a cardholder transmits his credit card information to a merchant over an Internet connection. The merchant, in turn, seeks authorization by transmitting the information to the merchant's bank (called the acquiring bank) which in turn seeks authorization from the card holder's issuing bank. An approval is passed back to the merchant, through the acquiring bank, and the merchant completes the transaction. In the PAMS mediated transaction, the card holder has authenticated to PAMS, and is shopping with the merchant under mediation of PAMS through a PAMS application, for example a wallet program such as Netar operating as a PAMS application program. The cardholder enters his credit card information into the wallet, and a corresponding reference TD is created. The reference ID looks like a credit card number and is partly composed of random numbers the cardholder can enter, as well as required information such as the (Bank Identification Number) BIN number of the Payment Processor who is a PAMS external Service Provider. The Payment Processor also has access to the credit card network (such as VISA or Mastercard). When a payment is to be made, the reference ID is passed to the merchant in place of a credit card number. The merchant thinks the reference ID is a credit card number and passes it on to the acquiring bank. The acquiring bank sends the transaction to the Payment Processor whom the acquiring bank thinks is the issuing bank. The Payment Processor obtains the card holders actual credit card number and billing address from Netar, which is passed to the issuing bank for authorization. Authorization or rejection is passed back to the merchant through the Payment Processor and the acquiring bank. The cardholder's interaction with the merchant can be as anonymous as desired, and the cardholder's confidential information is not transmitted over the Internet (only the transactions involving the merchant and the cardholder are transmitted over the Internet—all others are high speed secure transmissions). Additional benefits accrue when the Payment Processor is also the acquiring or issuing bank.
  • A unique feature of the PAMS is its ability to provide one or more additional Authentication Providers (AP) in addition to a default authentication application which was described above as a part of the persistent authentication and mediation service. These additional AP's all interface through the default authentication application and await service requests from the default application. These additional Authentication Providers would perform private key software smart card issuance and authentication in some specialized manner such as extremely rapid authentication, authentication accompanied by authentication insurance, or authentication specialized on a certain geography or device type. Additional AP's may also be the interface to alternative trust domains having credentials issued by an RA external to PAMS. Thus the PAMS goes beyond the traditional role of providing a simple confirmation of whether a user is authentic, but allows users to personalize authentication needs. For instance, some users will only want to deal with other users who use authentication accompanied by authentication insurance.
  • Another feature of PAMS is the option to provide alternative audit providers which interface through the default application audit provider similarly to authentication providers. Alternative audit providers may offer special auditing services such as auditing service quality, business transaction volume and status, and state of the art messaging system. Audit providers may offer different levels of security or safety of storage.
  • The presence of additional authentication providers and additional audit providers enable a particularly attractive options for privacy and security of users. The additional providers may be internal (providers which are located at the same physical setting and get started in the PAMS boot-up process) or external (providers which reside elsewhere on the network). By choosing external authentication and audit providers a user may choose where his information resides and how it is secured. This feature of the PAMS architecture, allows the user the ability to separate identification information (coming through the authentication agent) from transactional information (coming through the audit agent). The user is able to see the data transparently combined through the web portal while the data are actually coming from multiple places. This feature allows users a method by which fully authenticated users can transact anonymously with other users.
  • Usually users are part of a larger group or enterprise of some type, generally a business. For convenience in this application, since a primary target of the invention is international trade transactions, the word business will be used to refer to entities of all types, including all entities comprising one or more users with some connection which causes them to be grouped for the purpose of authentication. A business transaction or transaction will similarly refer to the interaction between two or more users. Even though the embodiments will be described in terms of businesses and business transactions, it will be appreciated by those skilled in the art that that the invention includes all type of transactions which benefit by authentication and trust among the parties.
  • A business will generally enroll with its own identity which will be verified by the persistent authentication and mediation service as well as a number of users which may include a combination of the types of users. Each user will have one or more personas which contains a subset of the verified business and user information. A persona identifies a user as part of the business as well as a particular unique individual (human or otherwise). Each business and user will also have information which may be dynamically varied by the user, such as a “shopping list” or inventory list. A persona can identify a users role within a business, such as title, and the amount the user is authorized to spend. A persona can be anonymous or not and a user may have both identified and anonymous personas. Anonymous personas are a significant in light of the PAMS's ability to provide for authenticated anonymous interactions.
  • When the PAMS uses the preferred pseudo-PKI system, where a user's public key is contained in encrypted form on an identity certificate which is forwarded to the PAMS with the challenge response, a significant security benefit is realized, in that there is no need for the PAMS to store the public key or other access parameter on the authentication server making a breach of the system much less likely.
  • The authentication process can be initiated by a direct request from the user to the persistent authentication and mediation service or alternatively by a request to another user world wide web site which uses the persistent authentication and mediation service to regulate access to the site. In the latter case, the software provided to the web site will refer the user to the PAMS, which will authenticate the user and connect it to the web site, now under mediation of the PAMS. All communications with the persistent authentication and mediation service are mediated through the open software platform and once connected the user's interaction will be mediated by the persistent authentication and mediation service through the open software platform. Once a user has authenticated to the PAMS, it will not be necessary to repeat that process when gaining access to other users where an existing relationship exists or to connect to users which allow access to any user who is authenticated to the PAMS. This is a very useful feature of allowing multiple contacts without repeated login procedures. Some users will require a selection process before establishing a relationship. Authentication of a user to the PAMS will generally expire after passage of a specified period of time or upon execution of a log off procedure.
  • A very important feature of the PAMS is that the PAMS provides a platform to form new relationships which did not previously exist. Enrolled users of the PAMS can find other users by searching the dynamically variable database of verified and user variable data to find suitable partners. Some users will accept any potential “customer” as a partner, while others will have qualifying criteria which they can verify based on the credentials maintained in the PAMS database. A preferred optional feature of the PAMS is to provide work flow processes which allow a first user to screen the persona of a second user against predetermined criteria, and either accept or reject formation of the relationship based on the comparison. An example is a business with a web site which is enrolled in the PAMS and uses the PAMS to control access to its site. For instance, the business may indicate that it wants to form relationships with any user which is authorized to make purchases over $100,000. Prospective partners which discover the business from the discovery portal will be transparently screened by the PAMS and admitted or not based on the result of the screening.
  • Combining authentication with persistent mediation provides an unexpected benefit in establishment of trust in interactions over the Internet. Just as many to many group communication tends to be more complex than one to many communication, security in the many to many context is harder to achieve. As group membership changes, trust among group members may change, and a trust providing infrastructure must be dynamic to accommodate the changes. The amount of trust placed in a digital certificate decreases over time, as an older certificate is more likely to have been compromised. CA's typically renew certificates once a year in an open PK. Thus the relationship between a CA and a customer is normally based on infrequent contact. PAMS on the other hand is continuously involved in the end to end transactions performed by a customer, providing continued performance monitoring and being alerted to changes in status and consequently decreased risk. Information content which is available on the Internet, has generally no meaning without a well-understood context. In the case of global commerce, the context itself is in a constant state of change as parties interact and new traders appear and disappear. The combination of authentication and persistent mediation provided by PAMS provides a persistent context to the information content.
  • Once established with a group of enrolled users, the PAMS and the enrolled users form a virtual network which exists on a public network such as the Internet. Enrolled users sign on to the network when they begin a session by authenticating to the PAMS. They may search for other members using the PAMS, and interact with other members with trust in their identity based on entry to the network being guarded by the PAMS. All interactions between users over the virtual network are mediated by the PAMS. The virtual network provides a particularly convenient forum for its users due to the ability to access other users seamlessly without repeated login procedures.
  • Description of the System Architecture
  • While the service described could be implemented in many different embodiments, the preferred implementation of the invention utilizes two new classes of network software which are synergistically suited for providing the PAMS. The preferred implementation comprises a host site connected to the network, the host site including at least one computer server operated by an open software platform providing intelligent interactions, a persistent authentication and mediation service comprising a software pseudo PKI authentication agent operating on the open software platform, an audit agent operating on the open software platform for monitoring and storing mediated messages, and application software operating on the open software platform with functionality for enrolling users, authenticating enrolled users, allowing authenticated users to dynamically find suitable partners according to criteria which they specify, and allowing authenticated partners to interact under the mediation of the common authenticating service through the open software platform. The authentication system further preferably further comprises a customer database server separate from the open software platform comprising a database of information about the registered businesses, the database being accessible to the persistent authentication and mediation service, though it is possible to include the information within the database maintained by the open software platform.
  • In the context of this application, an open software platform refers to a platform where users and enabled services operating under the platform can interact regardless of their hardware or operating systems, system management strategies, development environments or device capabilities. Intelligent interaction refers to the ability of enabled services to discover, negotiate, mediate, and compose themselves into more complicated services. The platform is analogous to an operating system, but instead of just mediating fixed requests from a process for resources and mapping virtual addresses to actual addresses, the operating system is capable of mediating global Internet services. All of the major functions of the service are preferably implemented through the open software platform, which mediates all interactions between PAMS and users. A preferred open software platform is Hewlett Packard's e-speak, currently available as version 3.01. The e-speak platform is implemented by an e-speak core program which operates on a user's computer or server. In e-speak, enabled services are referred to as e-Services. The ability to discover refers to the fact that when an e-service registers with a host system accessible to the network and creates a description of the service it provides, users of the system can automatically discover services which have desired attributes, and contact them without needing to have known about the service in advance or knowing its URL. To negotiate refers to the fact that e-speak negotiates between the requester and provider to eliminate services which are outside of the requested criteria. To mediate refers to the fact that users are connected through the e-speak core and e-speak continuously intermediates the service delivery after the user and e-service have been connected. Users do not normally interface directly, interactions are by default mediated by the service. As previously mentioned there may be times when users prefer to interact directly without mediation. A preferred embodiment of PAMS includes the capability to alternate between mediated and direct interaction after authentication has been completed using persistent mediation. To compose refers to the ability of e-services to combine themselves into more complex, cascading e-services even dynamically. While e-speak is the preferred open platform, other open platforms which could be well suitable for providing the service, such as those provided by Microsoft, IBM and Sun, particularly platforms which provide the capability for discovery, negotiation, and mediation as described above. Another alternative embodiment is to build the necessary functionality into a dedicated software package performing similar functions as e-speak.
  • An essential part of the service of the instant invention is an authentication agent which is part of the PAMS. The authentication agent performs the first step in the authentication process, namely authenticating a user to the PAMS. In the preferred embodiment the authentication agent comprises software functionality operating on the open software platform. The combination of the common authentication agent with the open software platform is a particularly synergistic combination in that authentication agent performs the authentication of a user to the PAMS, while the open platform provides the persistent mediated connection between authenticated users. The open software platform mediates the exchanges between the authentication agent and the various users and then the interaction between authenticated users interacting under the PAMS.
  • Another essential part of the service is an audit agent, which like the authentication agent is a software application operating on the open software platform. While e-speak mediates all messages the messages are only stored until delivered. The audit agent performs logging and monitoring for all transaction events that occur in the system. The audit agent intercepts all interested events during mediation by the e-speak core and stores them in a permanent store such as a database.
  • Another essential part of the service is a PAMS database. The PAMS database component contains the customer relationship management (CRM) information for each registered user. Such information includes user-specific reputation ratings, business partners, past and current dealings, and so forth that are personalized for each user.
  • Other features for promoting business transactions requiring trust, such as the ability to enroll users and compile a customer database of verified and variable information about users, ability for authenticated users to dynamically discover other enrolled users based on the information in the customer database meeting particular criteria, and to transact business with authenticated partners under the mediation of the service to provide for non-repudiation of the transactions, are preferably provided as software applications operating on the open software platform either integrated into a single package, or as separate software applications. In the preferred embodiment these software application these functions are part of the extensible Web Access component of e-speak and are known as the Web Portal. The Web Portal is accessible via xml/https or ESIP via the e-speak core.
  • There is an important benefit which accrues from using an open software platform such as e-speak on which many user web sites will be operating to take advantage of its 9 electronic commerce advantages. When the e-speak core is operating on a user's computer or server, performance of the PAMS will be improved because mediated communications will proceed directly between the e-speak cores of the user and the PAMS through the e-speak Interexchange Protocol (ESIP) which is an optimized data transport for handling e-speak traffic. It is not necessary, however, that the e-speak core be installed on a user's network access device for it to utilize the PAMS. Typically users who are service providers providing services through a world wide web site will us the ESIP “core to core” connection, while users accessing through a web browser will connect with XML over HTTP. Performance-sensitive services use ESIP to communicate with PAMS. E-speak also provides a proprietary EIDL compiler (See Appendix D of the E-speak's Programmer's Guide) that generates stub files on top of ESIP for efficient programmatic access from clients to an e-speak service.
  • PAMS is to be deployed on high-end computer systems with fast Internet connections. Therefore, successive improvements in Internet router/switch technologies and computer systems, which has been taken for granted in today's marketplace, will help PAMS to perform under increasing workload.
  • In addition to mediation, the open software platform provides asynchronous message delivery providing persistence of messages until delivered. The persistent authentication and mediation service requires an asynchronous architecture to provide fault tolerance in a widely dispersed network so that messages will be preserved during server or network failures. The open software platform provides the persistent message queue management that is necessary to support the persistent authentication and mediation service on a global scale. Authenticated connections are preferably secure connections such as SSL, which is supported by e-speak.
  • In a PAMS in accordance with the invention, it is necessary that the authentication agent provide a high degree of confidence that the authenticated party is the entity which it purports to be, since a user's trust in the authenticity of another user can be no stronger than the trust that the PAMS has properly authenticated the other user. At the same time the authentication agent should employ an implementation which is scaleable for use by a very large number of potential users, preferably hundreds of thousands or millions of users distributed world wide. Ordinary id/password systems which are commonly employed for authentication to servers or on-line services will not be considered to be sufficiently secure to proceed with major transactions based on their trust in the authentication. Public Key Infrastructure (PKI) systems are recognized to provide a high degree of security provided that the private key is well secured, however the common (method of employing PKI by simply encrypting a private key located on the users device with a password is subject to attack by an intruder and may be useful for some purposes but not others. Approaches where identity certificates are stored on central servers and downloaded when requested, limit the ability to provide non-repudiation as multiple copies of the certificates exist. Hardware based smart card systems for protecting the private key are very secure but are considered to be very costly and unmanageable for a large and widely dispersed group of users such as is contemplated in world wide trade which is a primary application contemplated for the invention. A preferred strong software protected pseudo PKJ system is a system such as the pseudo PKI system described in U.S. Pat. No. 6,170,058, “Method and Apparatus for Secure Cryptographic Key Storage, Certification and Use”, and “Software Smart Cards via Cryptographic Camouflage” by D. Hoover and N. Kausik (1999 IEEE Symposium on Security and Privacy”). The above technique protects the private key by means of a cryptographic software camouflage, which provides similar security benefits to hardware based PKI but is limited to circumstances where messages are only verified by pre-defined trusted entities. This restriction occurs since the method requires that to maintain security of the private key, the user's public key be distributed on a certificate in an encrypted form which can only be decrypted by a secret key, which is controlled by the trusted entities. For this reason, the technique has generally been relegated the technique to authenticating users to a resource within an enterprise rather than many-to-many authentication among a group of users. Since the public key is only made available in encrypted form the system is called pseudo PKI. The software camouflage technique places the private key on the users site so that it is released when the user enters a correct password. The private key is not merely encrypted with the password, however, but it is said to be camouflaged because when incorrect passwords are inputted, in many cases a false but otherwise plausible private key is generated. A challenge message encrypted with a false key is identifiable when submitted for authentication. The software camouflaging technique is readily scaled to large numbers of users since authentication is only carried out by a limited number of servers. This allows for a minimal software requirement on the user's network access device which can be conveniently distributed over the network and elimination of the need for hardware protection of the private key.
  • The technology for implementing a pseudo PKI system described above has been implemented in software known as WebFort™. Webfort™ as such is not capable of operating in a distributed e-services environment and is suitable for authenticating users to a server or integrated group of servers which constitutes a resource which the user seeks to access rather than for common authentication of unrelated entities to each other. The WebFort™ system does not support a mediated infrastructure.
  • The combination of online authentication using the cryptographic key storage PKI technology described above with persistent mediation solves the principal weakness of the cryptographic key storage when used alone. When used alone the technology is subject to attack by an individual who somehow obtains the correct PIN (as by clandestine observation) and also has access to the workstation on which the software smart card is stored. Such an individual could readily defeat the system. In a PAMS, however, the continuous monitoring function could readily provide an alert to the owner via another channel such as telephone or email that the digital certificate is being used.
  • In a preferred implementation of the PAMS, the WebFort™ functions to carry out pseudo-PKI are organized into separate components and encapsulated in a custom software container operating on the e-speak core to provide the functionality to enable authentication of users to the PAMS. The implementation of the discovery and collaboration features are implemented as software applications operating on the e-speak core either preferably as an extension of the e-speak Web Access component. Interactions between users and the PAMS and between users connected by the PAMS are mediated by the e-speak core.
  • At this moment, only Arcot's card operations need to be wrapped in JNI. Other APIs such as getChallenge( ) and verifyReponse( ) are supported by Arcot's Java toolkit (Arcot's Application SDK Client API). The following JNI functions wrap around the SDK's administration C/C++ APIs:
    JNIExport jbyteArray JNICALL Java_arcot_service_wallet_create
    (JNIEnv *env, jobject jobj, jstring juserID, jstring jcardName);
    JNIExport jbyteArray JNICALL Java_arcot_service_wallet_exists
    (JNIEnv *env, jobject jobj, jstring juserID, jstring jcardName).
  • The JNI wrapper APIs are based on Sun's standard JNI Specification (Java Native Interface Specification (http://java.sun.com).
  • In the preferred embodiment of the invention, the service further comprises additional authentication providers in addition to the main authentication agent. The additional authentication providers perform special services such as providing extremely rapid authentication or providing authentication insurance combined with the authentication. The preferred embodiment further comprises additional audit providers in addition to the default audit agent provided with PAMS. Additional providers may perform special functions such as service quality monitoring, transactional volume monitoring, and status.
  • The preferred network is the public Internet, though embodiments of the invention can be applied to other large-scale networks as well, and while the methods are described as being capable for facilitating transactions in global trade, it should be appreciated that the invention is equally applicable to smaller distances and other networks and not limited to global trade or the Internet.
  • FIG. 1 describes a logical view of a preferred PAMS system utilizing the e-speak open software platform. Actual system configurations can vary considerably. For instance, the entire PAMS system functionality can be distributed across application servers, Web servers, e-speak Cores, and multiple databases. Through e-speak Core-to-Core communication, PAMS systems can easily connect to one another to form a cluster of PAMS networks providing the same consistent view to the users. PAMS, acting as the primary backend component, along with other Web portal front-end components, forms a complete online service.
  • Internally PAMS consists of three primary system components: authentication agent, audit agent, and e-speak. Both agents maintain a list of internal service providers for authentication and auditing. The authentication agent relies on WebFort™ for software smart card implementation. The audit agent relies on e-speak for mediation functionality.
  • Referring to FIG. 1, a preferred PAMS system 110 is shown, comprising an authentication agent 120 is shown operating on an open software platform, here the e-speak core 130. Several Authentication Providers are shown, Authentication Provider 1 (122), through Authentication Provider N 124. The Authentication Providers include the functionality for enrolling users and authenticating enrolled users to the PAMS. The default Authentication Provider is part of the Authentication Agent 120. An Audit Agent 140 is shown with Additional Audit Providers 142 and 144. Authentication Providers 150 and Audit Providers 152 are additional external providers. Also shown are special external service providers 156, 158, and 160 which are services outside of PAMS which have been enrolled as member in the PAMS and will be frequently utilized by other members.
  • The Authentication Agent is an integral part of PAMS. It leverages a local e-speak Core to provide authentication services for PAMS. The agent serves as the default Registration Authority in PAMS; it is the RA for users enrolled by PAMS. It is optionally possible for PAMS to recognize certificates issued by others and authenticated by an external Authentication Provider which interfaces through the Authentication Agent. In this case, before authenticating, information about each user is stored in the PAMS database creating a relationship between PAMS and the user.
  • The Authentication Agent acts as proxy to other internal or external authentication providers which serve as the Certificate Authority. The Agent implements e-speak's service interface, thus qualifying it as an e-service. The agent by default hosts an internal authentication service that wraps around WebFort™. Generation of certificates within the agent is the default operating mode when an external authentication provider is not being utilized. As PAMS's default authentication provider, this service implements the pamsAuthSPIntf interface as defined below.
  • The Agent decides which authentication provider to use based on certain attributes of the incoming request, such as cost or response time requirements. The Authentication Agent is accessible through its interface defined as following:
    /** pamsAuthAgentIntf:
     **
     ** Notes: interface to PAMS Authentication Agent
    **/
    interface pamsAuthAgentIntf
      extends ESService, pamsAuthSPIntf
    {
      // open new account with PAMS
      boolean openAccount(int userType, AccountInfo newUser);
      // update account information
      void updateAccount(AccountInfo update);
      // close account
      boolean closeAccount(String userName);
      // find service providers
      ESURL,[ ] findServices(ESServiceDescription sd);
      // establish relationship with a service partner
      boolean formRelationship(ESURL, partner);
      // update user database
      boolean updateUserDatabase( );
      // distribute software smart cards
      byte[ ] getSmartCard(String userName);
      // validate data with external SPs
      boolean validateData(byte[ ] data, ESURL sp);
    }
  • The Authentication Agent provides built-in authentication, as indicated by its implementation of the pamsAuthSPIntf. Internally it implements a JNI adapter to WebFort's™ public C-based SDK. The agent mediates all calls for authentication. Other Web Portal components can call the agent service by name. (Web Portal discussed below is the interface for access to PAMS)
  • The Authentication Agent is called by Web portal components when authentication is required, in cases where access to protected resources is requested. Type B clients, however, would bypass the portal and access the agent directly.
  • An Authentication provider (AP) from the PAMS viewpoint belongs to one of two classifications: internal or external. An internal AP is local and packaged with PAMS together; local AP's can be considered premier AP's. External AP's are located remotely, and connected to PAMS through the administration console by conforming to the e-speak service interface. External AP's require higher level of security validation to PAMS prior to service. Both types of providers implement the same pamsAuthSPIntf interface.
  • As stated earlier, all authentication providers await service requests from the Authentication Agent. The Agent holds sway over which AP gets selected for a particular transaction based on the service attributes such as cost and service response requirements.
  • The following interface must be implemented by all PAMS authentication service providers:
    /** pamsAuthSPIntf:
     **
     ** Notes: to be implemented by authentication service providers
    **/
    interface pamsAuthSPIntf
    {
      // request a challenge string from authentication server
      String getChallenge( );
      // verify response to requested challenge string
      boolean verifyResponse(String resp );
      // verify signed data from authentication server
      boolean verifySignedData(int encodingScheme, byte[ ] signedData) ;
      // sign data
      byte[ ] signData(int encodingScheme, byte[ ] rawData);
      // check to see if card already exists
      Boolean cardExists(String walletName, String cardName,
      String userID);
      // create a sofware card
      byte[ ] cardCreate(String walletName, String cardName,
      String userID );
      // verify cookie
      boolean isCookieValid(String cookieName, byte[ ] cookieData);
    // delete cookie
    void deleteCookie(String cookieName) ;
    }
  • Note that an alternative XML messaging interface that wraps these methods can be provided so that HTTP requests can access this interface.
  • The audit agent in PAMS performs logging and monitoring service for all transaction events that occur in the system. In e-speak terminology, it utilizes the system event logging provided as a default service by e-speak Core. Specifically, the Agent hooks into the publish/subscribe event manager of the e-speak Core. As part of monitoring, the agent can raise a warning flag, suspend, or terminate sessions that are suspicious in nature.
  • Once registered, the agent intercepts all interested events or messages during mediation by e-speak Core. The agent can put the transaction events in a permanent store, such as a database or secure store such as HP's VirtualVault.
  • The audit agent interface is defined as follows:
    /** pamsAuditAgentIntf:
     **
     ** Notes: service contract interface to PAMS Agent
    **/
    interface pamsAuditAgentIntf
      extends ESService, pamsAuditSPIntf
    {
      // set the date/time source
      void setUniversalDateTime(URL dateTimeSource);
      // generate message authentication code for log entry
      String generateMACId(byte[ ] logData);
    }
  • The PAMS system leverages on e-speak's open architecture for e-services. One is the definition of an audit service provider interface. Any e-speak service that implements this interface can registers with PAMS as an audit service provider. Part of the registration process requires validation for approval of the service itself.
  • In addition to providing persistent logging which can form the basis for compiling audit trails, audit service providers can choose to monitor PAMS for critical information such as existing service quality, business transactions volume and status, and the state of the messaging system. This set of differentiating features provides distinct value-added service to PAMS operators for system monitoring and management purposes.
    /** pamsAuditSPIntf:
     **
     ** Notes: to be implemented by audit service providers
    **/
    interface pamsAuditSPIntf
    {
      // log entry type constants
      int log_text = 0;
      int log_image = 1;
      int log_binary= 2;
      int log_video = 3;
      int log_voice = 4;
      // log binary data with its description
      void logEntry(String macId, String entryDesc, int entryType,
      byte[ ] entryData);
      // return the entry data type
      int getLogEntryType(String macId);
      // get the log entry description
      String getLogEntryDesc(String macId);
      // get the binary data
      Byte[ ] getLogEntryData(String macId);
      // archive the log entries based on criteria such as age of the entries
      boolean archiveNow(ArchiveCriteria ac);
    }
  • Note that an alternative XML messaging interface that wraps these methods can also be provided so that HTTP requests can access this interface.
  • Both authentication and audit service providers use the same mechanism for service management. Specifically, PAMS administrator has at its disposal a browser-based administration console that allows the management of new and existing service providers. Therefore each PAMS service provider must fully implement the relevant PAMS service provider interface in e-speak context and be validated and approved by PAMS authority leading to acceptance of PAMS access control list (ACL) of validated service providers.
  • PAMS administrator can use the very same authentication service to validate service providers.
  • PAMS includes a PAMS Database 154. The PAMS database component contains the customer relationship management (CRM) information for each registered user. Such information includes user-specific reputation ratings, business partners, past and current dealings, and so forth that are personalized for each user. Thus this component is essential to implementing the MyPAMS part of the portal (MyPAMS is similar to MyYahoo—a common Web portal feature.
  • PAMS database can be a relational database or a directory. The former is accessible through JDBC interface (Java Database Connectivity API (http://java.sun.com/products/jdbc/index.html)), with the latter through LDAP (Lightweight Directory Access Protocol).
  • PAMS service providers (Authentication or Audit Providers) can be internal or external. Internal providers are local to PAMS; they reside in the same physical setting and get started as part of the PAMS boot-up process. Internal providers are integral parts of PAMS system. External service providers reside elsewhere in the network, and typically connect via a communication link. External providers must be authorized by PAMS operator for their services to be enabled.
  • External PAMS service providers can connect with ESIP or XML, depending on the interface specification or the service contract, of the defined service. For instance, given PAMS Authentication Service Provider interface is defined as a set of Java methods, any compliant authentication provider will have to implement this interface to become available to the PAMS network and therefore would typically use ESIP. PAMS service providers can choose to connect to PAMS through a private secure dedicated link or through virtual private network (VPN) protocol on the Internet.
  • Other external service providers (156, 158, 160) are verbatim e-speak services that have registered with PAMS directly or discovered through the e-speak's distributed advertising service that make services registered in different e-speak Core visible to one another.
  • The Web Portal 132 is the interface for user access to the PAMS services. Key functionality exposed through the portal includes user management, service provider management, collaboration, service discovery, authentication, and persistent mediation. Basic PAMS services provided by the authentication agent, audit agent, or e-speak are accessed through the portal while other functions such as collaboration and discovery are implemented as in the Web Portal.
  • There are three main types of PAMS user clients for PAMS portal. They are distinguished by how they access the portal as well as what they can access.
  • Type A 162 is through the Web browser with XML over HTTP. It has access to all other portal features in addition to authenticated mediation. Software is provided to the user by PAMS which allows it to communicate with the authentication agent. This may be in the form of an applet which is downloaded via the network each time the application is called, or as by a browser plug-in which can be permanently downloaded. The software smart card including the private key and the digital certificate is stored on the users' device. For users accessing the network from a computing device with adequate non-volatile memory, it will generally be preferred that the smart card be stored on the user's device in the non-volatile memory. Other users may download the smart card into volatile memory at each power up. The software provided to the user also permits users to alternate between indirect mediated interaction and direct interaction though a parallel connection after authentication is complete.
  • Type B 166 is through a custom application, e.g. Web server, that uses ESIP (E-speak Inter-exchange Protocol (TCP/IP based) directly, e.g. e-speak's J-ESI SDK. It typically accesses PAMS for authenticated mediation and optionally other portal features, e.g., collaboration, through portal integration. System integration of this nature depends on actual implementations of the target system. Many commercial tools exist, e.g., Tibco, that facilitate such integration.
  • Type C 164 is a Net-enabled device that interacts with PAMS primarily for authentication and mediated messaging. Type C users will typically utilize authentication software of the type used by type A users. Typically PAMS end users use the browser for access, whereas PAMS service providers will prefer to use ESIP for system performance and programmatic flexibility.
  • The Web browser client would include WebFort's™ browser plug-in 170 and 172 to manage the issuance and update of software smart cards for the user. The plug-in interacts with Arcot's Card Server through PAMS implementation of Arcot's client APIs. After a smart card is issued, the browser interacts with the plug-in to decrypt challenge strings from authentication server using the user's private key embedded within the smart card. The user needs to enter valid personal identification number (PIN) for authentication when prompted for dialog to succeed.
  • Since all client access begins by being mediated by PAMS through e-speak, PAMS provides the “resource handlers”, in e-speak terms, for all clients. The PAMS resource handlers monitor each user's mailbox for new messages and process them accordingly, e.g. converting them to user's database records. For Type A users, e-speak's Webaccess module implements the resource handlers. Other user types implement their own resource handlers, e.g. by servlet in a service provider case.
  • Clients secure communication with PAMS through SSL (Secure Socket Layer) as implemented in HTTPS. Both e-speak and WebFort support SSL.
  • Each type of user is represented by one block on FIG. 1 and many of the other figures, however it should be understood that there may be many users of each type utilizing a PAMS according to the invention and the drawing is simply representative of each type of user to illustrate how that user interacts.
  • One important observation in FIG. 1 is that communications of the PAMS Authentication Agent and Audit Agent with each other and outside entities (including the external Authentication Providers and Audit Providers) and users, are mediated by the e-speak core.
  • A PAMS system, according to the invention, is preferably designed for scalability, performance, and availability as described below.
  • E-speak provides several key scalability features. PAMS services interact with one another mediated by e-speak Core messaging with ESIP, which is e-speak's Session Layer Security (SLS) protocol. One key feature of SLS is request multi-plexing. Several requests can be serviced by a single TCP connection. Another e-speak feature is support for asynchronous mode of messaging; in fact, this is the default mode for e-speak messaging. In e-speak, synchronous messaging is modeled on top of the asynchronous implementation. Asynchronous messaging, with Inbox and Outbox concepts, is quite analogous to the Internet email system today. Therefore many users can use the system simultaneously sharing finite system resources such as threads and socket connections.
  • Since other components in PAMS are based on proven Web technologies such as Web and application servers, standard load balancing configuration can be applied to release stress points in the system thereby achieving system scalability. The typical load-balancing schemes in use are web server clustering and application server clustering. In web server clustering, the Web proxy server distributes requests among an active list of Web servers in a cluster according to in well-understood algorithms, e.g. round robin. In application server clustering, the application server proxy distributes workload across current active application servers, similar to Web server proxying. A typical load-balancing configuration is shown in FIG. 2.
  • FIG. 2 assumes load balancing is a feature of the application server. In FIG. 2, several users 180, 182, and 184 are shown connected to a Web Server 186 which is connected to three instances of the same PAMS application module 190, 192, and 194 and the Database 154 through the application server proxy 188. The Web servers essentially load balance workload across a cluster of application servers, which host different instances of the same PAMS application module. In this example load balancing is a feature of the application server. Other schemes for load balancing include hardware load balancer based on ongoing IP traffic and Web server clustering that are based on request load on each of the cluster member server. A hybrid of the approaches can also be implemented based on the nature of the application work flow and network traffic patterns.
  • Another building block of PAMS, Arcot's WebFort, has provisions in its system design that conform to these standard load-balancing and clustering techniques.
  • The basis for system performance lies in ESIP, which is an optimized data transport specifically developed to handle e-speak traffic which is expected to support a heavily used web site. Performance-sensitive services use ESIP to communicate with PAMS. E-speak also provides a proprietary EIDL (see Appendix D of E-speak's Programmers Guide) compiler that generates stub files on top of ESIP for efficient programmatic access from clients to an e-speak service.
  • PAMS is to be deployed on high-end computer systems with fast Internet connections. Therefore, successive improvements in Internet router/switch technologies and computer systems, which has been taken for granted in today's marketplace, will help PAMS to perform under increasing workload.
  • E-speak Core architecture is designed for clustering, which is key to e-speak service redundancy. E-speak has built-in support to import/export resources between two connecting Cores and to keep the two systems in sync over time. Since PAMS is built on e-speak, it can leverage on the benefits of such cluster configuration of inter-connecting stand-alone or redundant PAMS systems. PAMS users can be configured to have access to more than one PAMS access point but maintains the same logical view of the service.
  • Due to its building foundation with e-speak, PAMS system design relies exclusively on Java technologies in interface definitions and connectivity with non-Java code through JNI (Java Native Interface).
  • FIG. 3 shows the same implementation as in FIG. 1 showing the key processes of the PAMS, registration A, authentication, discovery and relationship development B, and collaboration C, all of which are applicable to each type of user. User type A 162 and user type C 164 access all process functions though the Web Portal, while user type B 166 accesses the e-speak core directly for authentication, discovery, relationship development, and collaboration. Note that in this and succeeding drawings the External Authentication and Audit providers and the PAMS Database are not shown but are preferably present.
  • FIG. 14 shows a hardware configuration of the PAMS. Computers can be any standard network or Internet accessible machines. Preferable personal computers comprise 100 MB of hard disk space and 32 MB of memory and have common operating systems such as Windows 2000/95.
  • Preferred servers are standard web servers such as those manufactured by Hewlett Packard or Sun and preferably having a minimum of 100 MB of disk space and 256 MB of memory and operating under such operating systems as UNIX or Windows NT 4.0/SP4.
  • Key Processes
  • Enrollment Process
  • Before businesses or users can use the PAMS they must be enrolled in the service. Enrollment applies to all three types of users, Type A (browser access), Type B (web application software on a server) or Type C (software Bot or device that sometimes has network connectivity). A single user can enroll, or a business or group comprising two or more users can enroll as a group. A business or group can be a combination of users of different types. FIG. 4 represents the enrollment process where in this example, a business, represented by an employee who is a Type A user, is enrolling. This user could enroll on behalf of itself and for other users. The user 162 would first need to find the PAMS. In this example, the user 162 issues a generic e-Service request from a web browser for a ‘global authentication provider’ through an e-Service broker (an e-Service broker is a class of service provided by Hewlett Packard which allows users to find e-Services) in the Internet connection line 201. The proposed business user selects PAMS if multiple service providers are returned by the e-Service broker. The business user clicks on the PAMS link and is connected through a URL to the PAMS home page (which is shown as FIG. 10) through connection line 202 accessing the Authentication Agent through the Web Portal mediated by e-speak. The user 162 initiates the open account process with Authentication Agent by accessing the ‘become a member’ function on the home page. The business user is instructed to complete a number of online forms which provide specifics on the business and the employee(s) who will be enabled to utilized the PAMS service, such as their title and whether they can contractually commit the business. The business user will also be instructed to provide documents, which support the authenticity of the business such as SEC filings, etc. The business user will also personalize the service PAMS provides by selecting desired features from a list of available PAMS services. This includes specialized authentication providers, service level monitoring, authentication insurance, etc. Each of these services will have a different usage cost associated with them.
  • PAMS investigates the provided information. In the course of the investigation, PAMS may contact external information providers, such as Dun and Bradstreet to validate provided information. The business may be contacted multiple times to clarify existing or supply additional information Businesses that meet membership policies are notified that their registration has been approved. Otherwise, their application is rejected. An optional procedure would provide a fast temporary enrollment option to a user which has some degree of established identification, such as a DUNS number. The authentication rating of such a user would be low, warning other users of the temporary user's status.
  • If the validation process for a company is successfully completed, the Authentication Agent generates a public/private key pair(s), and encrypts the public key(s). The Authentication Agent controls the process of generating a software smart card for each employee of the business who is approved to utilize the PAMS.
  • In this case, for illustration, the user selected a specialized Authentication Provider (AP) 122 which includes insurance coverage as part of the authentication for an additional fee. The Authentication Agent then issues a request to AP I through line 203 to generate the digital certificate(s) appropriate to that AP. The digital certificate(s) are returned to the Authentication Agent through line 204. Had the user selected to use the default authentication provider which is part of the Authentication Agent the certificate would have been generated within the Authentication Agent.
  • The Authentication Agent 120 camouflages the private key with an activation code, builds the software smart card(s) and places it in the software smart card database. The Authentication Agent 120 provides instructions to the Business employee 162 on how to pick up the software smart card and the required client software. The Business employee 162 obtains the software smart card from the card database by downloading it through line 205 from the PAMS home page (FIG. 10) by selecting “certificate download” after entering the appropriate activation code. Alternatively the user could secure the smart card through an out-of-band communication method such as a disk sent by registered mail. The software smart card can be stored permanently on the PC hard disk or temporarily in the PC's memory. The Authentication Agent also provides the Business employee with the software plug-in necessary to interface with PAMS. The Plug-in is installed by accessing ‘software installation’ from the PAMS home page FIG. 10). In the case that the employee is enrolling Type B and Type C users the smart card and plug-ins are obtained by a Type A user and installed on the application server (type B) or device specific software.
  • The business employee 162 initializes the software smart card, through entering a user name, activation code and a user defined password and can personalize the software smart card through line 206 by entering non-validated information about interests, needs, etc. through the Persona Management Page (FIG. 12). The business employee can also create multiple personas, which represent subsets of the validated and non-validated information through the Persona Management page. Line 206 actually accesses the Authentication Agent through the Web Portal under mediation of e-speak, though the line is distorted on FIG. 4 due to crowding.
  • Upon initialization, the routine Open_Account is executed by the PAMS which carries out administrative functions such as setting the Authentication Strength rating for the new member based on the amount of identity verification that was performed.
  • Authentication
  • FIG. 5 is a diagram illustrating a Type A user 162, who is an employee of the business which enrolled in the PAMS in the prior example, who signs on (authenticates) to the PAMS. Referring to FIG. 5, a Type A user 162 requests the Authentication Agent to sign on by selecting “Sign-on” from the PAMS home page through line 211 which contacts the Authentication Agent through the Web Portal mediated by e-speak. The Audit Agent 120 receives and logs the sign-on request. In this case user 162 has enrolled using external Authentication Provider 122 which issued the user's software smart card, so the Authentication Agent forwards a request for a challenge to Authentication Provider 122 though line 212. Authentication Provider (AP) 122 generates a challenge and forwards it to the Authentication Agent through line 213. The Authentication Agent presents the challenge to the user 162 by line 214. The PIN entry screen is displayed to the user 162, and the plug-in 170 which was supplied to the user during enrollment signs the challenge by encrypting the challenge with the user's private key. The signed challenge is returned with the user's digital certificate through line 215 to the Authentication Agent 120 through the Web Portal mediated by e-speak. The response is forwarded to AP 122 through line 216. AP 122 verifies whether the response is authentic by decrypting the encrypted public key on the user's digital certificate and then decrypting the challenge and determining whether it is valid. The result of the verification is returned to the Authentication Agent through line 217 and then to the user through line 218. If the user's log in was validated a cookie is set in the user's browser and the user is routed to the Discovery Portal from where other users may be accessed. If the log in was not valid the log in procedure is repeated unless the maximum number of failures is reached.
  • An optional security feature would comprise notifying a user by some external means when it signed on to the PAMS. The notification could be sent to a mobile phone, pager, message service, or the like.
  • Dynamic Discovery
  • The dynamic discovery feature of the authentication service is one of the key elements of facilitating business transactions according to the present invention. It addresses the requirement to provide easy access to a dynamic directory of business members of the persistent authentication and mediation service. The feature is offered through a portal to Type A users and through equivalent direct communication with Type B and Type C users. FIG. 11 is a picture of a preferred discovery portal. The discovery portal organizes all the users and businesses into categories and allows sophisticated searching of the user and business data. Users can search both the authenticated data as well as data which may be dynamically inputted by businesses. This search is much different from an ordinary “web search” portal in that the data is dynamically variable and structured through a vocabulary. Also, all businesses are searchable, either directly or anonymously. The dynamic search feature is not limited to the common paradigm of browser users searching for web service providers.
  • Businesses and users may be searched dynamically according to search criteria, either searching authenticated data, user inputted data or both. An example of relevant user inputted data could include a business's current product inventory list, so that a buyer could select businesses who have sufficient inventory to meet their needs. Alternatively, a buyer could input its needs and be discovered by businesses who desire to bid on supplying the materials.
  • Users input user variable data through personas. Personas are managed through a Persona Management Portal which is shown in FIG. 12. Personas, like business cards, contain both personal as well as business identification information. Unlike business cards, users can personalize the persona to include information on interests, competencies, advertise goods or services with specified sale terms, etc. Users can also limit the information that is shared as the PAMS keeps the ‘master’ list of information private, and only reveals the information that the user has included in the persona. A new persona is created by selecting a subset of the master list of validated information and entering in appropriate non-validated information. Non-validated information can be entered into a validated category, though the information will be identified as being a pseudonym. For example, an employees company may be ‘ABC’, but they may not want to reveal their company name, so they enter ‘XYZ’. The receiving party would be able to see that the company name is a pseudonym.
  • A user can request to make a relationship with another business through the Discovery Portal, either identified, anonymously, or pseudonymously. The other business, or a user designated to make relationships, will be forwarded the request along with authentication, either validated or anonymous as appropriate. The business could decide to establish a relationship, negotiate to have more validated information revealed or reject the request. If the businesses decide to a establish a relationship, their identities may be revealed to each other if not already known or kept anonymous depending on each users preference. A Type B business will be forwarded the necessary information to add the user requesting a relationship to its customer list so that the introduction process will not be needed in the future. Many businesses will accept all members registered with the persistent authentication and mediation service so that the introduction step will not be necessary for these businesses.
  • Browser users will receive requests to establish a relationship through the Discovery Portal. New requests will be waiting in the user's In Box. While the discovery features are described as being under individual control through a browser, it will be appreciated by those skilled in the art that the same features could be accessed directly by programmed applications including automated processes. Such processes might be particularly advantageous in global trade considering the differences in business hours. A business could update their needs or inventories by an automated process so that it could be found by another trade partner who would have confidence in the authenticity of the data being searched.
  • The discovery feature leads naturally to the next step in transacting global business collaboration with authenticated trade partners. The persistent authentication and mediation service includes software for secure collaboration. A browser user will conveniently begin to use the collaboration features by collecting businesses by “dragging and dropping” them onto the collaboration portal.
  • FIG. 6 is an example of the use of the dynamic discovery features to create a persona and discover a second business. A Type A user 162 from the previous example, selects ‘persona maintenance’ from the PAMS Home page (FIG. 10) through communication 221. The persona maintenance page is shown in FIG. 12. Personas, like business cards, contain both personal as well as corporate identification information. Unlike business cards, users can personalize the persona to include information on interests, competencies, advertise goods or services with specified sale terms, etc. Users can also limit the information that is shared as the PAMS keeps the ‘master’ list of information private, and only reveals the information that the user has included in the persona.
  • A new persona is created by selecting a subset of the master list of validated information and entering in appropriate non-validated information.
  • The PAMS provides default personas, such as a ‘first time’ trading persona, a ‘long term relationship’ persona as well as an anonymous persona which has validated information such as the dollar amount the holder can commit the business to but no information on the name of the business itself.
  • When a persona is created, the user controls who sees the information and how much information is shared with a trading partner. Personas enable users to extract the maximum leverage from its trading partners as information asymmetry creates profit potential.
  • If a user needs to change his information, for example his mailing address, PAMS can update all businesses, that had previously received the information, of the change automatically.
  • The user 162 then accesses the Discovery portal from the PAMS Home Page (FIG. 11 shows the Discovery portal which is accessed through the Web Portal) and enters desired search information in communication 222. In this case, the user 162 is interested in heavy equipment distributors. The user also specifies that only companies with at least a composite trust rating, as compiled by the PAMS, of four stars should be discovered. Unlike a conventional search engine, the user enters search text into a customized vocabulary which corresponds to the validated PAMS master data as well as the non-validated information.
  • The request is processed by the e-speak core 130 which searches its repository of registered businesses for one or more that matches the search criteria and returns them through communication 223 to the user 162 through the Discovery portal a function of the Web Portal 132. Business 165, in this example, is returned as the best match to the query.
  • User 162 exercises the option to request additional detail on a discovered business beyond that which the e-speak repository maintains through communication 224 and receives the result in communication 225. The PAMS reveals approved information on Business 165, such as a overview of the business, which PAMS maintains in its business database 154. The web portal retrieves the detailed data from the database 154.
  • User 162 will not directly access User 165, as their interaction will be mediated by the e-speak core.
  • It is important to note that a business anywhere in the world who altered their persona information to mention that they are a ‘heavy equipment manufacturer’ just before the search would have been discovered. As soon as their profile is updated in the e-speak core, the new business can be independently discovered by other businesses who are doing their own searching, or by automated type C businesses who continually search for certain attributes. This is another example of how the PAMS is a ‘dynamic’ service.
  • An option on the Discovery Portal is to provide information to allow members to view the ‘discovery’ requests that are most frequent. In this way, a business can dynamically alter their persona to increase the likelihood their product/service is discovered. Since a product/service overview can be part of the validated information, a business would have some confidence that the companies they discover can deliver. This is another example of an action in one part of the system causing ripples to flow through the rest of the system.
  • Collaboration
  • The collaboration feature is the remaining key feature of the persistent authentication and mediation service according to the present invention. Referring to FIG. 13, the collaboration portal is a feature of the Web Portal. The collaboration feature is accessed by a browser user through a collaboration portal, though as with the other features it will be appreciated by those skilled in the art that the features could also be accessed directly by programmed applications including automated processes.
  • The businesses dragged in from the discovery portal will show up in the user's in box. The portal contains a Library which includes a history of deals completed and pending and tracks changes and revisions to the deal documents. A particular document may be pulled up from the Library or searched for from a database of all deals participated in. Since all transactions are mediated by the persistent authentication and mediation service, there is an archive memorializing all the deals. There is provision to exchange documents among parties and to digitally sign documents using the private key. Users may negotiate on a discussion board either in real time or by leaving messages on a discussion board, or other modes such as web-telephony.
  • One option of the service is to provide certified message delivery. Since all interactions are mediated by e-speak until the message is delivered, PAMS can readily acknowledge when a document has been delivered and received.
  • An optional security feature of the PAMS is to confirm with an authenticated user by an external means that its digital signature is to be applied to a document. The notification could involve external means such as a telephone or mobile phone message, pager, or the like.
  • A particularly important feature of the authentication service according to the invention is that unlike prior discussion boards, all communications are fully authenticated by the persistent authentication and mediation service, so that all the participants know exactly with whom they are dealing.
  • Another important feature is that parties to a negotiation may add additional parties which are needed to complete a deal. For example, a buyer and seller of goods may bring in additional parties needed for handling, shipping, and insurance. Alternatively, a buyer could assemble alternative seller-handler-shipper-insurer combinations and compare them, all with surprising ease of process and security.
  • It will be apparent that the automatic processing option will be particularly interesting to many business transactions to supplement direct operation by an individual through a browser. For example, it will now be possible for a buyer of goods to use the persistent authentication and mediation service to assemble sophisticated alternative teams of suppliers of the goods coupled with providers of infrastructure such as handling, shipping, and insuring, and compare the costs of the alternatives. Because of the features of the invention the buyer completes the process entirely within the service with confidence in the authenticity of the responses, and with the ability to legally document all offers, terms, and acceptance, with an efficiency previously unknown for secure transactions.
  • Examples of Business Processes Using the Invention EXAMPLE 1 Forming a Relationship
  • FIG. 7 illustrates the process whereby two businesses, Business 1 and Business 2 form a relationship.
  • Business 1 (162), a Type A user, uses the Discovery portal to review information about Business 2 (165), also a Type A user in communication 231. The Discovery feature is accessed through the Web Portal which calls on the e-speak dynamic discovery feature. Business 1 in this case is able to review Business 2's access policy and notices that relationships are restricted to businesses that meet specific criteria, in this case having annual sales of over $10 million. Business 1 specifies that it would like to be introduced to the distributor, Business 2, by selecting the ‘Request Relationship’ function from the Discovery Portal.
  • The Discovery feature conveys the request to Business 2 by placing a message in Business 2's in box in communication 232. Business 2 is provided with the information present in the active persona of Business 1.
  • Business 2 replies that they desire a relationship with Business 1 in communication 233. PAMS updates its database to show that a relationship has been established between Business 1 and Business 2. The Web Portal relays this information to Business 1 in communication 234. Business 1 may now send a message to Business 2. Business 1 can send digital messages to Business 2 and they can collaborate through the collaboration page.
  • In this example Business 2 had previously signed up with the PAMS. Business 2 decided not to allow all PAMS members to do business with them, as they only want to deal with companies possessing certain characteristics. Otherwise Business 1 would have been able to directly access Business 2 upon discovery.
  • Business 1 could desire an anonymous relationship in which case the persona would convey minimal information. Business 2 may decide to deal anonymously with Business 1 or may request additional information be provided in order to establish a relationship.
  • An advantage of the invention is that Business 2 benefits from an accelerated customer acquisition process. For example, Business 2 can establish an immediate approval profile. Based on the information the PAMS provides, Business 2 can immediately authorize the addition of a new customer since it can rely on the PAMS to ensure that the new customer satisfies the criteria of its immediate approval profile.
  • Business 2 in this example, is a browser user responding to a message received through the Discovery Portal. Business 2 could have alternatively been a Type B user such as a web site, responding in an automated manner to Business 1's messages. It could also alternatively be a Type C user such an application program, software bot, or device. If Business 2 had been a Type B user, after establishing a relationship, Business 2's web site access tables would have been updated by Business 2 to allow Business 1 access to the web site without needing to go through the typical web site sign on screens.
  • Business 1 does not directly access Business 2 through the PAMS as their interaction is mediated by the e-speak core
  • An implication of the relationship building process carried out by subsets of the PAMS membership which have formed relationships with each other, is the creation of virtual communities of trust which exist within the broader PAMS enrolled users.
  • EXAMPLE 2
  • Three Businesses Collaborate
  • Referring to FIG. 8, Business 1 (162) and Business 2 (165), both Type A users, have created a relationship as described previously in Example 1. In communication 241, Business 1 (162) initiates an collaboration session with Business 2 by selecting the “Collaboration” feature from the Discovery portal which causes the Collaboration Portal to be displayed by the Web Portal. Business 1 notifies Business 2 by selecting ‘Contact Partners’ from the Collaboration portal and selecting Business 2. In communication 242 a message is sent to Business 2 Discovery Portal's ‘Alert’ function, and/or to a mobile device, etc. which Business 2 has designated.
  • In this case these two businesses want to conduct a trade in which Business 1 is the buyer and Business 2 is the seller. Both parties have already signed onto (authenticated to) the PAMS.
  • When Business 2 accesses the Collaboration Portal it can exchange messages and documents with Business 1. In the communications labeled 243, Business 2 specifies that it wants to receive an assurance from a financial institution that Business 1 is credit worthy before concluding the contract and Business 1 and 2 agree to split the fees for the financial institution and to choose a financial institution that both organizations approve.
  • In communication 244, Business 2 accesses the Discovery Portal and issues a search request for a “credit rating agency”.
  • Business 1 and 2 both receive back the information which was discovered, in parallel communications 245, in this example identifying two potential service providers (D+B) and (@rating) as credit rating agencies.
  • After reviewing meta-data about the two rating services, Business 1 and Business 2 agree to utilize Business 3, @rating, which is a software application (a Type C Business). The discussion is shown as parallel communication lines 246, which is a communication between Business 1 and Business 2, mediated by e-speak 130. This agreement is captured in the discussion forum feature of the collaboration portal and logged in a permanent audit record in the communication labeled 247 between e-speak and Audit Provider 142 through Audit Agent 140. Audit Agent 140 continuously monitors e-speak for events to be memorialized in the permanent record.
  • While the selection process described in the example has been kept simple, it would have been possible to have found additional providers and compare them according to complex criteria, such as price, capability, response time, and the like.
  • In the series of communications labeled communication 248, Business 2 accesses Business 3's e-Service 166 under mediation of e-speak. Since Business 2 has already authenticated to the PAMS, and Business 3 allows access to its service to authenticated PAMS users, Business 2 did not need to go through Business 3's sign on procedures to obtain the credit report. In the pair of communications labeled 249, Business 1 and 2 discuss the credit report and once satisfied with Business 1's credit standing, Business 2 distributes a Trading Partner Agreement (TPA) to Business 1. Business 1 agrees to the contractual terms and conditions stated in the TPA and digitally signs the agreement. Business 2 digitally signs Business 1's purchase order. Deal documents are stored in the PAMS deal library, memorialized by Audit Provider 142.
  • Having utilized Business 3's service Business 2 could express an evaluation of the quality of service provided through the collaboration page. This evaluation would be part of Business 3's overall evaluation compiled by the PAMS.
  • In this example, Business 3 is software application, e-Service, it could also be a web site, or a human utilizing a browser. It is an important feature of the invention that a human user utilizing the discovery or collaboration portal could interact with a mix of automated and human counterparts.
  • The Collaboration portal is used to simultaneously interact with businesses for the purpose of completing a trade. The Collaboration Portal supports multi-company discussion through a discussion board, web-telephony, etc. The Collaboration portal provides a central point to manage the key process steps involved in concluding a trade. The Collaboration portal is an application maintained by the Web Portal.
  • Although a business may be unfamiliar to another business, they are willing to trade with unfamiliar partners because of the PAMS's assurance that they are dealing with an authentic business, with known characteristics. Once a business logs onto the PAMS, it becomes part of an integrated community. Businesses of Type A, B or C can assume that anyone accessing their sites/applications has already been authorized by the PAMS, therefore, the business itself does not need the overhead of a separate authentication mechanism.
  • EXAMPLE 3
  • An Exchange Outsources Authentication to the PAMS and Signs up all its Business Customers
  • Referring to FIG. 9, in this example an exchange 161 selects the PAMS to provide services to its business customers. In this case, the exchange comprises both a User Type A (it is able to interact with PAMS members through a browser) and a User Type B (its web site uses PAMS for access control).
  • The Exchange initiates the open account process with the PAMS by accessing the ‘become a member’ function on the PAMS's home page in the communication labeled 251. The Exchange opens an account with the PAMS, it provides all the information necessary for enrollment. The Exchange is instructed to complete a number of online forms which provide specifics on the Exchange and the employee(s) who will be enabled to utilized the PAMS service. The Exchange is also instructed to provide documents which support its authenticity such as SEC filings, etc. The exchange also provides information on its customer base to allow the PAMS to determine whether it will be able to accept all the exchange's customers as members. The PAMS investigates the provided information. In the course of the investigation the Exchange may be contacted multiple times to clarify existing or supply additional information. Customers may also be approached individually to provide any additional required information. The processing steps of the customer joining the PAMS follows the enrollment procedure as previously described.
  • An Exchange that meets membership policies is notified that their registration has been approved. Otherwise, their application is rejected.
  • The approved Exchange will personalize the service that the PAMS provides by selecting desired features from a list of available PAMS services. This includes which Authentication provider(s) its customers will utilize, whether the Discovery/Collaboration portal will be utilized by its customers, whether their customers are discoverable by other PAMS members, whether their customers can use personas and interact anonymously, obtain authentication insurance, receive service level analysis reports, etc.
  • In this case, the exchange just requires authentication and the ability to ‘private label’ the Discovery and Collaboration portal. Private labeling utilizes Frame-in-Frame techniques, to make the Discovery portal appear to be coming from the exchanges site in appearance, while actually being executed from the PAMS web server.
  • The Authentication Agent electronically provides the exchange with software necessary to authenticate its businesses and collaborate through a web browser in communication 252. After installation the interface is tested.
  • The Exchange's customers receive required software smart cards and the software needed to authenticate to the PAMS. Business 5, an importer 167 and Business 6, an exporter 169 are shown receiving their smart cards and software electronically in communications labeled 253.
  • Business 5 (167), an importer of textiles, has previously received his smart card and software. Business 5 is a Type A user. The importer signs on to the PAMS by accessing a PAMS home page that has been customized for the Exchange and the Exchange admits Business 5 to enter its site if authentication is confirmed following the procedure which has been previously described. The sign on and authentication process is shown as communication 254 which passes between Business 5 and the exchange web site through the Web Portal, e-speak and the Authentication Agent.
  • In communication 255, shown as a communication between Business 5 and the Exchange web site through the web portal 132 and mediated by e-speak 130 and recorded by Audit Provider 142 through the Audit Agent 140, Business 5 uses the Exchange's matching services to select a business partner, in this example, Business 6 (169), which is an exporter of textiles—a Type A user.
  • The importer, Business 5 issues a Purchase Order (PO) to the exporter, Business 6 using the PAMS Collaboration Portal. Business 5 digitally signs the PO. This transaction is shown as communication 256 proceeding from Business 5 to Business 6 through the Web Portal and mediated by E-speak. The signing is accomplished by Authentication Provider 122. The transaction is recorded by Audit Provider 142 through Audit Agent 140. The PAMS stores the PO in a deal folder. When the PO is delivered to Business 6, the PAMS sends a confirmation to Business 5 that the PO was delivered and received.
  • This illustration illustrates an important feature of the Persistent authentication and mediation service, that all communications among the Exchange 161, Business 5 (167) and Business 6 (169) are mediated by the PAMS, whose Audit Agent 140 monitors the transaction, compiles an audit trail, and makes information from the audit trail available to the interacting parties.
  • The exporter's processing policy specifies that before confirming the PO, online verification that the receivable can be immediately sold is required. The exporter, Business 6 (169), uses the Discovery portal to discover a factoring company to provide a cash advance against the future receivable and the request is conveyed to external provider 156 in communication 258 from Business 6 to External Provider 156.
  • The factoring company 156 reviews the transactions deal file, checks on the credit worthiness of both the exporter and the importer, reviews the reputation ratings and determines whether the transaction meets the factoring companies acceptance policy guidelines. In this example, the factoring company returns a digitally signed commitment that they will purchase the receivable once the goods are shipped in 25 communication 258, which is forwarded to Business 6 (not shown for legibility). An audit record is made of the commitment which is stored in the deal folder.
  • This step again illustrates the mediation feature of the invention. In this case the PAMS Audit Agent creates a record which is forensic evidence that the exporter properly followed policy and the financing check was actually done.
  • Business 6 then uses the collaboration portal discussion board to request clarification on the Exchanges transaction procedures in communication 259 and the Exchange uses the Collaboration portal discussion board to clarify their processes. The exchange is shown as communications 259, from Business 6 to the Exchange mediated by e-speak and the exchange's reply shown as communications 260.
  • Now that financing is assured, all of the exporter's policy steps have been completed. Communication 261 shows Business 6 sending the importer a signed PO confirmation. The signing is accomplished by Authentication Provider 122. The Audit Agent 140 who is monitoring e-speak picks the signed PO for memorialization and sends it to Audit Provider 142 (step not shown for legibility). Business 5 receives the confirmation in a communication 261. Business 6 prepares the goods for shipment.
  • This example illustrates the important persistent mediation feature of the invention. The PAMS has the ability to produce the persistent evidence that not only were the transactions signed on a particular time and date, but the entire transaction was monitored and documented at each step along way to the deal; the buyer's, seller's, and third parties' processes were met.
  • As a consequence, when a party signs a document, as well as acknowledging the document, there is a record that all of the required intermediate steps were completed. In this way, a legal transfer of risk/goods can be effected.
  • Non-repudiation is made possible by the forensic evidence that is collected which documents the commitment of the deal parties. A review of the transaction's audit trail supports the ability to ensure the transactions meet each party's policy requirements.
  • In the preceding example, the Exchange caused its customers to be enrolled for a subset of the complete service provided by the PAMS. An Fxchange customer could also sign up independently of the Exchange and have access to all the PAMS services.
  • Similarly, the Exchange could decide to form a relationship with another business member of the PAMS, for example, to allow the business member to have access to the Exchange's services without having to sign on (the same process is utilized as when establishing a relationship between any two businesses).
  • Detailed Registration Procedure
  • An overview of the enrollment process for registering a business with PAMS has been previously described and illustrated in FIG. 4. A more detailed explanation follows.
  • Referring to FIG. 4, three types of Authentication Providers are supported by PAMS: First, the default AP which resides in PAMS Agent (120).
  • Second, PAMS is designed to work with specialized AP's (122-124). An AP can specialize, for example, in authenticating mobile users, or in providing authentication insurance to users. AP's act as Certificate Authorities (CA) as long as they are certified and support standard X.509v3 certificates.
  • Third, PAMS can interface to a business's existing CA to generate software smartcards containing the user's certificate again, as long as they are certified and support standard X.509v3 certificates. The business's CA acts as a specialized AP.
  • External authentication providers are registered to the e-speak repository (130) by PAMS Agent and must adhere to the PAMS's standard e-speak contract.
  • Registration is composed of a number of functions:
    • 1. Discover Service. Multiple brokers could be utilized. For example, HP provides a directory to facilitate locating e-Services, in addition, UDDI standards are under development by Microsoft, IBM, and Ariba to outline a registry, transaction rules, and a business service directory for B2B commerce. PAMS's home page is located on the PAMS web server
    • 2. Provide Information. Registering to PAMS and obtaining a software smartcard involves the completion of registration forms, which are located on the PAMS web server. Information entered on the forms is validated to ensure its accuracy. Validation can take many forms and involve many sources of information. For example, if Dun and Bradstreet are used as a trusted third party for company information, validation may consist of verifying the company's web server application is associated with a particular Internet IP address, and the name has been assigned to it by Internic. In addition to providing data online, registration requests by individual companies need to be supported by a written application provided on company letterhead, and signed by an officer of the company. Under certain circumstances, a system administrator from a company who is registering its employees may be given the ability to enter data about its employees into PAMS's registration system.
    • 3. Generate keys. If the validation process for a company is successfully completed, the Authentication Agent generates a public/private key pair, and encrypts the public key. The Registration Authority (RA) within the Card Personalization Server, located on the application server in the Authentication Agent (as shown on FIG. 14), generates a public/private key pair and then encrypts the public key. The Authentication Agent sends the keys to the selected Authentication Provider.
    • 1. Generate Certificate. The Authentication Service Provider invokes the Certificate Authority within the Card Personalization Server to generate a digital certificate. A default ASP exists internally to the Authentication Agent, though the PAMS design allows for external AP's to register themselves with PAMS. External AP's communicate with PAMS through e-Services via the Internet or through a private network. A company can choose for its employees which AP it wants to utilize. For example, if a company has 1,000 employees, the company may want to issue cards that have limited functionality, but can authenticate at a low cost to most of its employees; some employees many be issued cards that support roaming, at an additional cost. Employees that can contractually commit the company may require a card that provides authentication insurance or longer key lengths. PAMS can generate software smart cards individually or in batch mode by utilizing WebFort's™ “Batch Utility”.
    • 5. Camouflage and Download. The Authentication Agent then camouflages the private key using an activation code and places the software smart card in a card database on the database server. The business employee obtains their software smart card(s) by accessing the card database from the PAMS Home Page. Each employee of Type A downloads the client software plug-in from the Database server required to make use of the PAMS service. Type B businesses need to download the server application from the Database server to the server on which the business's application resides that PAMS will be authenticating access to. Type C businesses will either download the plug-in or an app-let depending on the type of device PAMS will be authenticating. Once the software has been downloaded it is installed.
    • 6. Initialize and Personalize the Smart Card. The business employee activates their software smart card(s) by accessing the card database from the PAMS Home Page and entering their user name and activation code. The employee picks a personal identification number (PIN) for the card(s). The business employee can personalize the software smart card by entering non-validated information about interests, needs, etc. The business employee can also create multiple personas, which represent subsets of the validated and non-validated information. Upon activation, OpenAccount is performed by PAMS to add a new entity to the customer data base, the e-speak repository and to invoke the Audit service.
      PAMS Normal Request Workflow
  • FIG. 15 shows a flow diagram of the normal PAMS workflow. After a request is successfully authenticated, a session token, a.k.a cookie, is generated and returned to client for subsequent access. The cookie is only valid within a fixed time frame and subject to certain pre-defined conditions, e.g., user logs out, that may invalidate it any time. The client uses the cookie to access resources as allowed without further need for authentication.
  • The entire authentication process is always monitored and logged by the audit agent. The audit agent, as instrumented by system policies, can also monitor certain events that happen later in the authenticated session. Events such as document signing will always be audited, unless explicitly disabled by the PAMS.
  • PAMS Usage Examples in XML
  • This section uses XML syntax exclusively to describe request/response interactions within PAMS. However, XML is not the only data transfer format in PAMS. ESIP-based exchange, for instance, is more suitable in cases where performance and programmatic flexibility are paramount. In fact, e-speak even allows a hybrid approach where the payload of a ESIP message can be XML data.
  • Vocabulary Definitions in e-Speak Schemas
  • PAMS defines several custom vocabularies. Here they are defined in e-speak XML schemas, although they can be equivalently defined using J-ESI, e-speak's Java programming interface. For more details, see Chapter 14 of the E-speak Programmer's Guide.
  • Vocabularies in e-speak are Core-managed resources, and they are handled by e-speak directly.
  • Persona Vocabulary
  • The following XML shows a sample request that creates a persona vocabulary:
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
      <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/
       core/core/Service/Create
       </e:to>
       <e:from encoding=‘ESURL’>esip://tcportal:2950/
       account/administrator
       </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...cookie... </e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
      <service name=“PAMS-Persona-Vocab” xmlns=“http://www.e-
    speak.net/schema/core”>
       <!--Attributes that describe persona vocabulary in
       e-speak's base vocabulary -->
       <description>
        <attr name=”Name”>
         <value>PAMS-Persona-Vocab</value>
        </attr>
        <attr name=”Type”>
        <value>Vocabulary</value>
        <attr name=”Description”>
         <value>PAMS persona vocabulary</value>
        </attr>
     </attr>
       </description>
       <schema name=”PAMS-Agent-Vocab”>
        <!-globally unique indentification -->
       <element name=”Guid” type=”String”/>
       <element name=”EmployeeID” type=”Integer”/>
       <element name=”EmployeeType” type=”String”/>
       <element name=”Title” type=”String”/>
       <element name=”Address” type=”String”/>
       <element name=”AuthorizationLevel” type=”short”/>
       <element name=”AuthorizationAmount” type=”double”/>
        <!-user's non-validated data -->
        <element name=”userData” type=”String”/>
      </schema>
      </service>
     </s:Body>
    </s:Envelope>

    Business Entity Vocabulary
  • The following XML shows a sample request that creates a business entity vocabulary:
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
     <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/core/
       core/Service/Create
       </e:to>
       <e:from encoding=‘ESURL’>esip://tcportal:2950/
       account/administrator
       </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...cookie... </e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
      <service name=“PAMS-BusinessEntity-Vocab” xmlns=“http://
    www.e-speak.net/schema/core”>
        <!--Attributes that describe business entity vocabulary in
    e-speak's base vocabulary -->
        <description>
        <attr name=”Name”>
         <value> PAMS-BusinessEntity-Vocab</value>
        </attr>
        <attr name=”Type”>
        <value>Vocabulary</value>
        <attr name=”Description”>
         <value>PAMS business entity vocabulary</value>
        </attr>
     </attr>
       </description>
       <schema name=”PAMS-BusinessEntity-Vocab”>
        <element name=”Address” type=”String”/>
        <element name=”ServiceDescription” type=”String”/>
         <element name=”DUNSNumber” type=”String”/>
         <element name=”SICCode” type=”String”/>
         <! - unique business entity identification →
         <element name=”Guid” type=”String”/>
       </schema>
      </service>
     </s:Body>
    </s:Envelope>

    Authentication Service Provider Vocabulary
  • The following sample request in XML creates the authentication service provider vocabulary:
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
     <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/core/
       core/Service/Create
       </e:to>
       <e:from encoding=‘ESURL’>esip://tcportal:2950/
       account/administrator
       </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...cookie...</e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
      <service name=“PAMS-AuthenticationProvider-Vocab”
    xmlns=“http://www.e-speak.net/schema/core”>
       <!--Attributes that describe business entity vocabulary in
    e-speak's base vocabulary -->
       <description>
        <attr name=”Name”>
        <value>PAMS-AuthenticationProvider-Vocab</value>
        </attr>
        <attr name=”Type”>
        <value>Vocabulary</value>
        <attr name=”Description”>
        <value>PAMS authentication provider vocabulary</value>
        </attr>
     </attr>
       </description>
       <schema name=”PAMS-AuthenticationProvider-Vocab”>
        <element name=”Address” type=”String”/>
        <element name=”ServiceDescription” type=”String”/>
         <element name=”ServiceLevel” type=”String”/>
         <element name=”Cost” type=”float”/>
         <!-authentication method -->
         <element name =”AuthMethod” type=”String”/>
         <!-key length -->
         <element name=”keyLength” type=”Integer”/>
         <!- identity of the service provider that determines
         its privileges -->
         <element name=”IdentityDataEncoding” type=”String”/>
         <element name=”IdentityData” type=”String”/>
       </schema>
      </service>
     </s:Body>
    <s:Envelope>

    Audit Service Provider Vocabulary
  • The following sample request in XML creates the audit service provider vocabulary:
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
     <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/core/
       core/Service/Create
       </e:to>
       <e:from encoding=‘ESURL’>esip://tcportal:2950/
       account/administrator
       </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...cookie...</e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
      <service name=“PAMS-AuditProvider-Vocab” xmlns=“http://www.e-
    speak.net/schema/core”>
       <!--Attributes that describe business entity vocabulary
    in e-speak's base vocabulary -->
       <description>
       <attr name=”Name”>
        <value>PAMS-AuditProvider-Vocab</value>
       </attr>
       <attr name=”Type”>
       <value>Vocabulary</value>
       <attr name=”Description”>
        <value>PAMS audit provider vocabulary</value>
       </attr>
     </attr>
       </description>
       <schema name=”PAMS-AuditProvider-Vocab”>
       <element name=”Address” type=”String”/>
       <element name=”ServiceDescription” type=”String”/>
       <element name=”ServiceLevel” type=”String”/>
       <element name=”Cost” type=”float”/>
       <!-audit method -->
       <element name =”AuditMethod” type=”String”/>
       <!- identity of the service provider that determines its privileges -->
        <element name=”IdentityDataEncoding” type=”String”/>
        <element name=”IdentityData” type=”String”/>
       </schema>
      </service>
     </s:Body>
    </s:Envelope>

    Service Registration in PAMS
  • This section describes how PAMS service providers register their services.
  • Service Registration Example
  • The following XML request example shows how an authentication service registers using the pre-registered PAMS vocabulary. The request is processed by the service provider administration console.
  • The URL element within the service Data element indicates that this service is accessible through a URL link.
  • The following XML shows a sample request:
    <? xml version=‘1.0’ ?>
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
     <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/core/
       core/Service/Create
       </e:to>
       <e:from encoding=‘ESURL’>esip://esportal.com:2950/
       account/testUser
       </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...</e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
      <service name=“Cost-Effective-Authentication” xmlns=“http://www.e-
    speak.net/schema/core”>
      <serviceData>
        <URL>http://www.cea.com/pams</URL>
      </serviceData>
      <description>
       <vocabulary PAMS-AuthenticationProvider-Vocab</vocabulary>
       <attr name=”Name”>
         <value> Cost-Effective-Authentication </value>
       </attr>
       <attr name=”ServiceDescription”>
         <value>provides cost-effective authentication service</value>
       </attr>
       <attr name=” AuthMethod”>
         <value>...</value>
       <attr name=”ServiceLevel”>
        <value>Full</value>
       </attr>
      </description>
       </service>
     </s:Body>
    </s:Envelope>

    Business Client Lookup
  • The following XML request example shows how business clients are located using the pre-registered PAMS vocabulary. Client lookups are handled by e-speak directly.
  • Client Lookup Example
  • The following XML shows a sample request that tries to locate clients:
       <? xml version=‘1.0’ ?>
       <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
       <s:Header>
       <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/core/core/
       Service/Find
       </e:to>
       <e:from encoding=‘ESURL’>esip://esportal.com:2950/
       account/testUser
       </e:from>
       </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...</e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
       <query>
        <result>$allInfo</result>
        <where>
         <vocabulary prefix=”vocab” src=”PAMS-BusinessEntity-Vocab”/>
          <condition>
          vocab:ServiceLevel = “Full”
          </condition>
        </where>
       </query>
     </s:Body>
    </s:Envelope>

    Business Client Registration
  • A business client or employee registers using the Persona vocabulary. Unlike the other examples shown, the resource handler for user registration is not initially part of e-speak Core; instead, it is handled by PAMSportal's user registration module, as indicated by the e:to attribute in example below. However, if some of the user registrations are to be discoverable through e-speak, then the registration module can internally register the entries with e-speak through the standard service registration mechanism.
  • Client Registration Example
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
     <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
      <e:to encoding=‘ESURL’>esip://tcportal.com:2950/Service/
      Account/register
      </e:to>
      <e:from encoding=‘ESURL’>esip://tcportal:2950/account/user
      </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
      </e:sessionToken>...cookie...</e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
     <service name=“PAMS-Portal-User-Register” xmlns=“http://www.e-
    speak.net/schema/core”>
      <!--Attributes that describe persona vocabulary in e-speak's base
      vocabulary -->
      <description>
       <vocabulary> PAMS-Persona-Vocab</vocabulary>
      </description>
      <attr name=>
       <attr name=”EmployeeID”>
        <value> 169 </value>
       </attr>
       <attr name=”EmployeeType”>
        <value> FT</value>
        </attr>
        <attr name=”Title”>
         <value>manager</value>
        </attr>
        <attr name=”Address”>
         <value>1000 Gateway Blvd., San Jose, CA</value>
        </attr>
        <attr name=”AuthorizationLevel”>
         <value>3</value>
       </attr>
       <attr name=”AuthorizationAmount”>
        <value>100000</value>
       </attr>
      </service>
     </s:Body>
    </s:Envelope>

    Register Agent Services
  • Both authentication and audit agents are registered with e-speak through the same XML template. Here is an instance of that template for the authentication agent service:
    <? xml version=‘1.0’ ?>
    <s:Envelope xmlns:s=‘http://schemas.xmlsoap.org/soap/envelope/’>
     <s:Header>
      <e:route xmlns:e=‘http://www.e-speak.net/schema/header’>
       <e:to encoding=‘ESURL’>esip://pams.com:2950/core/core/
       Service/Create
       </e:to>
       <e:from encoding=‘ESURL’>esip://esportal.com:2950/account/
       administrator
       </e:from>
      </e:route>
      <e:context xmlns:e=‘http://www.e-speak.net/schema/header’>
       </e:sessionToken>...</e:sessionToken>
      </e:context>
     </s:Header>
     <s:Body>
      <service name=“Authentication-Agent” xmlns=“http://www.e-
    speak.net/schema/core”>
       <serviceData>
        <URL>http://www.cea.com/pams</URL>
       </serviceData>
       <description>
        <attr name=”Name”>
         <value>Authentication-Agent</value>
        </attr>
        <attr name=”ServiceDescription”>
         <value>PAMS's authentication agent service</value>
        </attr>
       </description>
        </service>
     </s:Body>
    </s:Envelope>

    PAMS System Setup and Configuration
  • The steps for system setup and configuration are as follows:
      • 1. Install Hardware
      • 2. Install Software
      • 3. Start Software Services
  • The hardware configuration is described in FIG. 14. PC's can be standard machines with 100 Meg of hard disk space and 32 Meg of memory. Windows 2000/95 are some of the operating systems that can be used. Servers can also be standard machines available from HP, Sun, etc., UNIX or Windows NT 4.0/SP4 are some of the operating systems that can be used. Servers should have a minimum of 100 Meg of disk space and 256M of memory.
  • Install Software
  • Arcot—Software Setup
  • Arcot's WebFort™ comes with four setup programs for installing the WebFort™ components. Each of these components are required for configuring PAMS:
    • (a) Policy module—This component generates certificates for software smart cards using the Microsoft Certificate Server. Generation of certificates within the PAMS Authentication Agent is the default operating mode when an external Authentication Provider is not being utilized.
    • (b) Registration Authority—This system generates requests for certificates and sends them to the Certificate Authority. Also included is the personalization console, which is used to issue and manage software smart cards.
    • (c) Card Service—This program supports the activation of software smart cards and provides the ability for card roaming.
    • (d) Broadcast Service—The system is responsible for updating the authentication servers when software smart cards are revoked.
      HP—Software Setup
    • (a) Obtain the latest version of the e-speak software from the developer's site.
    • (b) To install the Windows NT version, download file es_x0301.exe. This is a self-extracting zip file.
    • (c) In addition to the e-speak code, the following software products are required:
      • Oracle 8.0 for the backend database with thin client JDBC driver
      • Java™ Servlet Development Kit (JSDK) 2.0, this is available at http://java.sun.com/products/serviet
      • WebAccess solution Java Servlet Development Kit (JSDK) 2.0
      • Apache web server and Apache Jserv
    • (d) e-speak is then configured for the NT environment. This process is explained in the e-speak implementation guide page 14.
      Start Software Service
    • 1. Start Arcot WebFort™. WebFort™ services are straight forward and are explained in the WebFort™ manual. For example, if WebFort™ is loaded on a Windows NT environment, WebFort TMservices would be started using the Services Utility of the Control Panel. The Services Utility will list the Authentication service, and the Broadcast service. Click ‘Start’ to initiate services. The personalization console and the server management console are started from the NT Start Menu.
    • 2. Start HP e-speak. Starting e-speak can be done by changing to the <installDir> and entering ‘.\espeak’ to start the e-speak core and basic services.
      Start Agent Services
  • The system is started by the following steps:
      • 1. Start the e-speak core.
      • 2. Create and register PAMS vocabularies.
      • 3. Register PAMS Agents
      • 4. Register PAMS service providers as e-speak services.
  • In the second step, the PAMS agents also register the default authentication and audit service handlers with e-speak. Since these agents are system default, they can simply be called by name by other PAMS portal modules.
  • Once a vocabulary has been created, the implementation of the service interface is created. Specific instructions on creation of the interface can be obtained from the current version of the e-speak manual. The following steps are indicative of the steps involved.
    • 1. Define the interface that describes the Arcot APT's so that it conforms to e-speak IDL.
    • 2. Create a new ESServiceElement. Set the value of the vocabulary attributes and provide the implementation to the service element. The service is then registered and started so that the service can be found and utilized by others. This is done by connecting to the e-speak core (as prevously done) and then creating the PAMS agent service. Each service is defined by creating a file ‘PAMSAgent.xml’ to register the service. PAMAgent.xml has beeb previously presented in the section entitled “Register Agent Services”.
    • 3. Indicative steps to create and deploy the PAMS Agent service: java PAMSAuthAgentService PAMSAgentVocabulary.xml
    • 4. PAMSAuthAgentServicejava registers the service: ESConnection session=new ESConnection(PropertyFile1”);
    • 5. The service element is created and an implementation object is associated with it: ESServiceElement servElem=new ESServiceElement(session, essd); servElem.setImplementation(new PAMSAuthAgentServiceImp( );
    • 6. The service is registered
      ESAccessor accessor=servElem.register( ); (refer to prior section entitled “Register Agent Services” for an equivalent registration done in XML)
    • 7. The service is advertised to the core(s):
      servElem.advertise( );
    • 8. The service is started:
      servElem.start( );
      Register PAMS Vocabularies
  • See prior vocabulary definitions in XML format. Fach XML vocabulary can be registered simply by sending the request through the Webaccess component of e-speak.
  • Register PAMS Service Providers
  • This is done by PAMS's administration console. The procedure will be different depending on whether the service provider is internal or external. Internal service provider comes with a service description file describing full details of the service. The console picks up the configuration file for registration. External service provider, on the other hand, is typically discovered through e-speak's advertising service. In the case where the service's ESURL is known, the discovery step can be skipped, and the console can connect to the service directly through e-speak.
  • Although the present invention has been described in considerable detail with reference to certain preferred versions thereof, other versions are possible. Therefore the spirit and scope of the appended claims should not be limited to the preferred versions herein.

Claims (8)

1. A method for conducting authenticated business transactions involving communications using microprocessor equipped devices to communicate over a distributed network, the method being carried out by an on-line authentication service available on the distributed network, comprising the acts of:
a) enrolling a multiplicity of users with a closed authentication infrastructure, wherein enrolling comprises obtaining and verifying the identity and other credentials of the multiplicity of users and providing each user with a unique secret necessary for later authentication to said on-line authentication service and storing the verified identity and other credentials in at least one database;
b) authenticating a plurality of the multiplicity of users to said on-line authentication service using each user's unique secret to produce a plurality of authenticated users; and
c) enabling a plurality of groups each group comprising at least two of said plurality of authenticated users to conduct interactions with each other comprising a plurality of messages under persistent mediation of said on-line authentication service, such that each of the plurality of messages passes through said on-line authentication service and is directly monitored by said on-line authentication service.
2. The method of claim 1, further comprising the act of providing each of the at least two users in an interaction verified information about each other user in the interaction in an intelligible form before beginning the interaction whereby each user may decide whether to proceed with an interaction based on the verified information provided by the on-line authentication service.
3. The method of claim 1 wherein persistent mediation of an interaction further comprises the acts of directly compiling an audit trail of an interaction and making the audit trail available to the at least two users in the interaction in an intelligible form at any time during the interaction at the option of the at least two users and wherein the audit trail comprises at least some of the content of the plurality of messages in the interaction.
4. The method of claim 1 wherein the unique secret comprises a private encryption key, and said closed authentication infrastructure comprises a pseudo-PKI system of a type which cryptographically camouflages a user's private encryption key in a software container, whereby the user's camouflaged private key will generate a correct response to an authentication challenge if a proper access code is entered, but often generates an incorrect but plausible response which if used will provide a notice to the on-line authentication service of a security attack on the camouflaged key.
5. The method of claim 4, wherein enrolling a multiplicity of users further comprises the act of providing each of said multiplicity of users with a public key encrypted on a certificate which can only be decrypted using a secret key under exclusive control of the on-line authentication service, whereby the pseudo-PKI system operates as a closed authentication infrastructure and the on-line authentication service is capable of authenticating users without storing a cryptographic key of the user other than during the act of authenticating.
6. A method for conducting authenticated business transactions involving communications using microprocessor equipped devices to communicate over a distributed network, the method being carried out by an on-line persistent authentication and mediation service available on the distributed network comprising the acts of:
a) enrolling users seeking enrollment in the persistent authentication and mediation service, to produce a multiplicity of enrolled users, wherein enrolling comprises obtaining and verifying the identity and other credentials of the multiplicity of users and providing each user with a unique secret necessary for later authentication to said on-line persistent authentication and mediation service;
b) storing the verified identity and other credentials in at least one database;
c) receiving on-line requests from enrolled users for authentication to the on-line authentication service;
d) authenticating enrolled users seeking authentication to the persistent authentication and mediation service using each enrolled user's unique secret, so as to maintain a plurality of authenticated users;
e) receiving requests from authenticated users to be connected to particular other authenticated users;
f) connecting groups of at least two authenticated users under persistent mediation of the persistent authentication and mediation service and enabling the at least two authenticated users which are connected to conduct an interaction comprising a plurality of messages;
g) repeating act (f) to produce a plurality of groups of connected users;
h) mediating the interaction among the at least two users of each of said plurality of groups of connected users such that each message in the interaction passes through the persistent authentication and mediation service; and
i) directly compiling an audit trail of the interaction and making information from the audit trail available to the at least two users of each group of connected users during the interaction in an intelligible form wherein the audit trail contains at least some of the content of the plurality of messages in the interaction.
7. The method of claim 6, wherein the act of authenticating users comprises using an authentication method of the users' choosing.
8. The method of claim 6, wherein the act of compiling an audit trail comprises using an audit trail method of the users' choosing.
US11/197,955 2000-08-30 2005-08-05 Method, system and service for conducting authenticated business transactions Abandoned US20060020783A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US11/197,955 US20060020783A1 (en) 2000-08-30 2005-08-05 Method, system and service for conducting authenticated business transactions

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US22936800P 2000-08-30 2000-08-30
US09/875,088 US6957199B1 (en) 2000-08-30 2001-06-05 Method, system and service for conducting authenticated business transactions
US11/197,955 US20060020783A1 (en) 2000-08-30 2005-08-05 Method, system and service for conducting authenticated business transactions

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US09/875,088 Continuation US6957199B1 (en) 2000-08-30 2001-06-05 Method, system and service for conducting authenticated business transactions

Publications (1)

Publication Number Publication Date
US20060020783A1 true US20060020783A1 (en) 2006-01-26

Family

ID=35066266

Family Applications (2)

Application Number Title Priority Date Filing Date
US09/875,088 Expired - Fee Related US6957199B1 (en) 2000-08-30 2001-06-05 Method, system and service for conducting authenticated business transactions
US11/197,955 Abandoned US20060020783A1 (en) 2000-08-30 2005-08-05 Method, system and service for conducting authenticated business transactions

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US09/875,088 Expired - Fee Related US6957199B1 (en) 2000-08-30 2001-06-05 Method, system and service for conducting authenticated business transactions

Country Status (1)

Country Link
US (2) US6957199B1 (en)

Cited By (95)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020038358A1 (en) * 2000-08-08 2002-03-28 Sweatt Millard E. Method and system for remote television replay control
US20020083192A1 (en) * 2000-12-18 2002-06-27 Cora Alisuag Computer oriented record administration system
US20020087661A1 (en) * 2000-08-08 2002-07-04 Matichuk Chris E. One click web records
US20030105981A1 (en) * 2001-12-04 2003-06-05 Miller Lawrence R. System and method for single session sign-on
US20030229781A1 (en) * 2002-06-05 2003-12-11 Fox Barbara Lynch Cryptographic audit
US20040030888A1 (en) * 2002-08-08 2004-02-12 Roh Jong Hyuk Method of validating certificate by certificate validation server using certificate policies and certificate policy mapping in public key infrastructure
US20040070616A1 (en) * 2002-06-02 2004-04-15 Hildebrandt Peter W. Electronic whiteboard
US20050071448A1 (en) * 2003-09-29 2005-03-31 International Business Machines Corporation Mobile application and content provisioning using web services technology
US20050086496A1 (en) * 2001-11-28 2005-04-21 Leif Sandberg Method for registering and enabling pki functionalities
US20060276171A1 (en) * 2005-06-06 2006-12-07 Sms.Ac, Inc. Billing system and method for micro-transactions
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US20070123229A1 (en) * 2005-09-07 2007-05-31 Sms.Ac, Inc. Automated billing and distribution platform for application providers
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US20070260556A1 (en) * 2005-06-06 2007-11-08 Michael Pousti System and method for verification of identity for transactions
US20070266034A1 (en) * 2006-03-08 2007-11-15 Michael Pousti Automatic generation of application pod
US20080028206A1 (en) * 2005-12-28 2008-01-31 Bce Inc. Session-based public key infrastructure
US20080052373A1 (en) * 2006-05-01 2008-02-28 Sms.Ac Systems and methods for a community-based user interface
US20080178004A1 (en) * 2006-01-24 2008-07-24 Huawei Technologies Co., Ltd. Method, system and authentication centre for authenticating in end-to-end communications based on a mobile network
US20080195579A1 (en) * 2004-03-19 2008-08-14 Kennis Peter H Methods and systems for extraction of transaction data for compliance monitoring
US20080261561A1 (en) * 2007-04-20 2008-10-23 Telefonaktiebolaget Lm Ericsson (Publ) Secure Soft SIM Credential Transfer
US20080287095A1 (en) * 2006-03-20 2008-11-20 Sms.Ac Systems and methods for generation, registration and mobile phone billing of a network-enabled application with one-time opt-in
US20090024614A1 (en) * 2006-09-06 2009-01-22 Sms.Ac Systems and methods for online content searching
US20090100261A1 (en) * 2007-09-28 2009-04-16 Hirokazu Aoshima Method and system for mediation of authentication within a communication network
US20090125817A1 (en) * 2007-11-08 2009-05-14 International Business Machines Corporation System and method for sharing data
US20090132232A1 (en) * 2006-03-30 2009-05-21 Pegasystems Inc. Methods and apparatus for implementing multilingual software applications
US20100017891A1 (en) * 2005-09-26 2010-01-21 Heiko Thierbach Method of Controlling a Browser Window
US20100076955A1 (en) * 2006-12-19 2010-03-25 Koninklijke Kpn N.V. The Hague, The Netherlands Data network service based on profiling client-addresses
US20100131765A1 (en) * 2008-11-26 2010-05-27 Microsoft Corporation Anonymous verifiable public key certificates
US20100190497A1 (en) * 2008-12-11 2010-07-29 Christopher David Pudney Telecommunications network access rejection
US20100235623A1 (en) * 2009-03-11 2010-09-16 Wic Cdn Inc. Methods and systems for identity verification
US20100235637A1 (en) * 2007-06-22 2010-09-16 Gemalto, Sa Method of Preventing Web Browser Extensions from Hijacking User Information
US20100313012A1 (en) * 2007-12-03 2010-12-09 China Iwncomm Co., Ltd. light access authentication method and system
US7890751B1 (en) * 2003-12-03 2011-02-15 Comtech Ef Data Corp Method and system for increasing data access in a secure socket layer network environment
US20110113245A1 (en) * 2009-11-12 2011-05-12 Arcot Systems, Inc. One time pin generation
US20110113237A1 (en) * 2009-11-06 2011-05-12 Arcot Systems, Inc. Key camouflaging method using a machine identifier
US20110145899A1 (en) * 2009-12-10 2011-06-16 Verisign, Inc. Single Action Authentication via Mobile Devices
US20110202985A1 (en) * 2008-10-23 2011-08-18 Fujitsu Limited Authentication system, authentication server, and sub-authentication server
US20110208663A1 (en) * 2004-03-19 2011-08-25 Kennis Peter H Extraction of transaction data for compliance monitoring
US8095793B1 (en) * 2009-12-30 2012-01-10 In-Circuit Solutions Inc. Digital rights management apparatus and method
US8160960B1 (en) 2001-06-07 2012-04-17 Jpmorgan Chase Bank, N.A. System and method for rapid updating of credit information
US8185940B2 (en) 2001-07-12 2012-05-22 Jpmorgan Chase Bank, N.A. System and method for providing discriminated content to network users
CN102625159A (en) * 2012-02-23 2012-08-01 深圳市龙视传媒有限公司 Closed loop-type security authentication method for business system portals and system adopting same
US8250525B2 (en) 2007-03-02 2012-08-21 Pegasystems Inc. Proactive performance management for multi-user enterprise software systems
US20120260092A1 (en) * 2009-10-29 2012-10-11 Nec Europe Ltd. Method for supporting a reputation mechanism in a network and network
US8301493B2 (en) 2002-11-05 2012-10-30 Jpmorgan Chase Bank, N.A. System and method for providing incentives to consumers to share information
US8335704B2 (en) 2005-01-28 2012-12-18 Pegasystems Inc. Methods and apparatus for work management and routing
US8479157B2 (en) 2004-05-26 2013-07-02 Pegasystems Inc. Methods and apparatus for integration of declarative rule-based processing with procedural programming in a digital data-processing evironment
US8505079B2 (en) * 2011-10-23 2013-08-06 Gopal Nandakumar Authentication system and related method
US8514825B1 (en) 2011-01-14 2013-08-20 Cisco Technology, Inc. System and method for enabling a vehicular access network in a vehicular environment
US8533802B2 (en) * 2011-10-23 2013-09-10 Gopal Nandakumar Authentication system and related method
US8538844B1 (en) 1998-12-23 2013-09-17 Jpmorgan Chase Bank, N.A. System and method for integrating trading operations including the generation, processing and tracking of and trade documents
US8566957B2 (en) * 2011-10-23 2013-10-22 Gopal Nandakumar Authentication system
US8713656B2 (en) * 2011-10-23 2014-04-29 Gopal Nandakumar Authentication method
US20140189796A1 (en) * 2011-09-27 2014-07-03 Nomura Research Institute, Ltd. Group definition management system
US8800014B2 (en) 2011-10-23 2014-08-05 Gopal Nandakumar Authentication method
US8811177B1 (en) 2011-11-03 2014-08-19 Jpmorgan Chase Bank, N.A. Method and system for implementing a network analysis tool for endpoints deployments
US8838634B1 (en) * 2012-03-30 2014-09-16 Emc Corporation Custom user parallel data import and export
WO2014142996A1 (en) * 2013-03-15 2014-09-18 Hewlett-Packard Development Company, L.P. Sending encrypted data to a service provider
US8850218B2 (en) 2009-09-04 2014-09-30 Ca, Inc. OTP generation using a camouflaged key
US8849716B1 (en) 2001-04-20 2014-09-30 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US8880487B1 (en) 2011-02-18 2014-11-04 Pegasystems Inc. Systems and methods for distributed rules processing
US8924335B1 (en) 2006-03-30 2014-12-30 Pegasystems Inc. Rule-based user interface conformance methods
CN104270359A (en) * 2014-09-25 2015-01-07 同济大学 Credibility certification system and method for network transaction
US20150058218A1 (en) * 2013-08-26 2015-02-26 Xiaoxiong ZHANG Transaction Processing Method and Apparatus
US20150271343A1 (en) * 2014-03-20 2015-09-24 Infosys Limited Methods and systems for providing telecommunication services from disparate telecommunication service providers
US9195936B1 (en) 2011-12-30 2015-11-24 Pegasystems Inc. System and method for updating or modifying an application without manual coding
US20150341794A1 (en) * 2014-05-23 2015-11-26 Qualcomm Incorporated Secure relay of discovery information in wireless networks
US9237167B1 (en) * 2008-01-18 2016-01-12 Jpmorgan Chase Bank, N.A. Systems and methods for performing network counter measures
US9576140B1 (en) * 2009-07-01 2017-02-21 Dell Products L.P. Single sign-on system for shared resource environments
US9678719B1 (en) 2009-03-30 2017-06-13 Pegasystems Inc. System and software for creation and modification of software
JP6219459B1 (en) * 2016-07-27 2017-10-25 株式会社三菱東京Ufj銀行 Contract conclusion server used for conclusion of electronic contract and method of conclusion of electronic contract
JP2018018536A (en) * 2017-09-27 2018-02-01 株式会社三菱東京Ufj銀行 Contract server used for concluding electronic contract and method for concluding electronic contract
US9894067B1 (en) 2015-12-03 2018-02-13 Amazon Technologies, Inc. Cross-region roles
US9900160B1 (en) 2015-12-03 2018-02-20 Amazon Technologies, Inc. Asymmetric session credentials
US10148710B2 (en) 2013-11-27 2018-12-04 At&T Intellectual Property I, L.P. Method, computer-readable storage device and apparatus for establishing persistent messaging sessions
US20190014105A1 (en) * 2017-07-09 2019-01-10 Abdullah Rashid Alsaifi Certification System
US10182044B1 (en) 2015-12-03 2019-01-15 Amazon Technologies, Inc. Personalizing global session identifiers
US10198723B2 (en) 2013-07-15 2019-02-05 Mastercard International Incorporated Systems and methods for facilitating multi-party payment transactions
US10277569B1 (en) * 2015-12-03 2019-04-30 Amazon Technologies, Inc. Cross-region cache of regional sessions
US10316154B2 (en) 2014-12-09 2019-06-11 Arkema Inc. Compositions and methods for crosslinking polymers in the presence of atmospheric oxygen
US10390074B2 (en) 2000-08-08 2019-08-20 The Directv Group, Inc. One click web records
US10467200B1 (en) 2009-03-12 2019-11-05 Pegasystems, Inc. Techniques for dynamic data processing
US10469396B2 (en) 2014-10-10 2019-11-05 Pegasystems, Inc. Event processing with enhanced throughput
US10504148B2 (en) 2014-05-23 2019-12-10 Qualcomm Incorporated Peer-to-peer relaying of discovery information
WO2020055401A1 (en) * 2018-09-12 2020-03-19 Visa International Service Association Checkout with mac
CN111275517A (en) * 2020-01-14 2020-06-12 拉扎斯网络科技(上海)有限公司 Link information display method and device, storage medium and terminal
US10698599B2 (en) 2016-06-03 2020-06-30 Pegasystems, Inc. Connecting graphical shapes using gestures
US10698647B2 (en) 2016-07-11 2020-06-30 Pegasystems Inc. Selective sharing for collaborative application usage
US10735198B1 (en) 2019-11-13 2020-08-04 Capital One Services, Llc Systems and methods for tokenized data delegation and protection
US11044275B2 (en) * 2010-03-30 2021-06-22 Authentic8, Inc. Secure web container for a secure online user environment
US11048488B2 (en) 2018-08-14 2021-06-29 Pegasystems, Inc. Software code optimizer and method
WO2022131932A1 (en) * 2020-12-17 2022-06-23 Xero Limited Systems and methods for matching entities
US11567945B1 (en) 2020-08-27 2023-01-31 Pegasystems Inc. Customized digital content generation systems and methods
US11606350B2 (en) 2020-09-15 2023-03-14 The Toronto-Dominion Bank Initiating provisioning of an existing account based on an unauthenticated request

Families Citing this family (189)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL128720A (en) * 1999-02-25 2009-06-15 Cidway Technologies Ltd Method for certification of over the phone transactions
US20120209743A1 (en) * 1999-05-12 2012-08-16 Mesaros Gregory J Multiple Criteria Buying and Selling Model
WO2002021397A1 (en) * 2000-09-08 2002-03-14 United States Postal Service Mediated electronic messaging with value-added services
US7330830B1 (en) 2000-10-25 2008-02-12 Thomson Financial Inc. Distributed commerce system
US7305360B1 (en) * 2000-10-25 2007-12-04 Thomson Financial Inc. Electronic sales system
US7287089B1 (en) * 2000-10-25 2007-10-23 Thomson Financial Inc. Electronic commerce infrastructure system
AU2002235142A1 (en) * 2000-11-27 2002-06-03 Nextworth, Inc. Anonymous transaction system
US8015600B2 (en) * 2000-12-22 2011-09-06 Oracle International Corporation Employing electronic certificate workflows
US7802174B2 (en) 2000-12-22 2010-09-21 Oracle International Corporation Domain based workflows
US8095624B2 (en) * 2000-12-28 2012-01-10 CenterBeam Inc. Architecture for serving and managing independent access devices
JP2002259718A (en) * 2001-02-28 2002-09-13 Fujitsu Ltd Contents providing method and program, contents user menu information database registering method, contents request program, contents user registering program, and fee requesting program
US7302634B2 (en) 2001-03-14 2007-11-27 Microsoft Corporation Schema-based services for identity-based data access
US7024662B2 (en) 2001-03-14 2006-04-04 Microsoft Corporation Executing dynamically assigned functions while providing services
ATE315309T1 (en) * 2001-03-22 2006-02-15 Nortel Networks Ltd FLEXIBLE CUSTOMIZATION OF NETWORK SERVICES
US9948644B2 (en) 2001-03-26 2018-04-17 Salesforce.Com, Inc. Routing messages between applications
US7788399B2 (en) 2001-03-26 2010-08-31 Salesforce.Com, Inc. System and method for mapping of services
US7689711B2 (en) 2001-03-26 2010-03-30 Salesforce.Com, Inc. System and method for routing messages between applications
US7080139B1 (en) 2001-04-24 2006-07-18 Fatbubble, Inc Method and apparatus for selectively sharing and passively tracking communication device experiences
US7120928B2 (en) * 2001-06-15 2006-10-10 Dinesh Sheth Secure selective sharing of account information on an internet information aggregation system
CA2450834C (en) * 2001-06-18 2013-08-13 Daon Holdings Limited An electronic data vault providing biometrically protected electronic signatures
US7814014B2 (en) * 2001-06-25 2010-10-12 International Business Machines Corporation Providing dual number access electronic wallet
US8751647B1 (en) 2001-06-30 2014-06-10 Extreme Networks Method and apparatus for network login authorization
US7805378B2 (en) * 2001-07-10 2010-09-28 American Express Travel Related Servicex Company, Inc. System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions
US7543738B1 (en) * 2001-07-10 2009-06-09 American Express Travel Related Services Company, Inc. System and method for secure transactions manageable by a transaction account provider
US8239531B1 (en) * 2001-07-23 2012-08-07 At&T Intellectual Property Ii, L.P. Method and apparatus for connection to virtual private networks for secure transactions
WO2003015000A1 (en) * 2001-08-08 2003-02-20 Trivium Systems Inc. Workflow engine for automating business processes in scalable multiprocessor computer platforms
GB2378782B (en) * 2001-08-16 2005-04-13 Sun Microsystems Inc Message brokering
US20040201682A1 (en) * 2001-08-22 2004-10-14 Lou Chauvin System, method and software product for allowing a consumer to order image products over a communication network from a plurality of different providers
US8688764B2 (en) * 2001-08-22 2014-04-01 Intellectual Ventures Fund 83 Llc System, method and software product for ordering image products using images stored on a digital storage device from a plurality of order terminals
US7840934B2 (en) * 2001-08-29 2010-11-23 Hewlett-Packard Development Company, L.P. Method and system for integrating workflow management systems with business-to-business interaction standards
US7444676B1 (en) * 2001-08-29 2008-10-28 Nader Asghari-Kamrani Direct authentication and authorization system and method for trusted network of financial institutions
US20030061232A1 (en) * 2001-09-21 2003-03-27 Dun & Bradstreet Inc. Method and system for processing business data
GB2380368B (en) * 2001-09-27 2005-06-22 Ibm A method and system for communication via a computer network
US10019683B1 (en) * 2001-10-04 2018-07-10 Jda Software Group, Inc. Facilitating the negotiation of standards for inter-enterprise collaboration between trading partners
US7721193B2 (en) * 2001-10-18 2010-05-18 Bea Systems, Inc. System and method for implementing a schema object model in application integration
US7610390B2 (en) * 2001-12-04 2009-10-27 Sun Microsystems, Inc. Distributed network identity
EP1321853A3 (en) * 2001-12-10 2009-12-23 Sap Ag Dynamic component transfer based on resource negotiations between computer systems
US20070061472A1 (en) * 2001-12-19 2007-03-15 Chen Li Identifier management in message transmission system
US20030115153A1 (en) * 2001-12-19 2003-06-19 Chen Li Identifier management in message transmission system
US7370356B1 (en) * 2002-01-23 2008-05-06 Symantec Corporation Distributed network monitoring system and method
US20030149870A1 (en) * 2002-02-04 2003-08-07 Wookey Michael J. Remote services wide area network connection anti-spoofing control
US7260617B2 (en) * 2002-03-04 2007-08-21 International Business Machines Corporation Method, system, and article of manufacture for implementing security features at a portal server
US9544297B2 (en) * 2002-03-08 2017-01-10 Algorithmic Research Ltd. Method for secured data processing
US7398398B2 (en) * 2002-03-16 2008-07-08 Trustedflow Systems, Inc. Authenticated and metered flow control method
US7614081B2 (en) * 2002-04-08 2009-11-03 Sony Corporation Managing and sharing identities on a network
US7478126B2 (en) * 2002-04-08 2009-01-13 Sony Corporation Initializing relationships between devices in a network
AU2003246823A1 (en) * 2002-04-12 2003-10-27 Thomson Licensing S.A. Method for the anonymous authentication of a data transmitter
US9886309B2 (en) 2002-06-28 2018-02-06 Microsoft Technology Licensing, Llc Identity-based distributed computing for device resources
US7392375B2 (en) * 2002-09-18 2008-06-24 Colligo Networks, Inc. Peer-to-peer authentication for real-time collaboration
US7991827B1 (en) 2002-11-13 2011-08-02 Mcafee, Inc. Network analysis system and method utilizing collected metadata
US7493614B2 (en) * 2003-03-31 2009-02-17 Microsoft Corporation System architecture and related methods for dynamically adding software components to extend functionality of system processes
US7039655B2 (en) * 2003-04-07 2006-05-02 Mesoft Partners, Llc System and method for providing a digital media supply chain operation system and suite of applications
US7269733B1 (en) * 2003-04-10 2007-09-11 Cisco Technology, Inc. Reliable embedded file content addressing
US8260673B2 (en) * 2003-05-09 2012-09-04 International Business Machines Corporation Method, system and computer program product for selective data disclosure and contract negotiation in an E-marketplace based on predetermined preferences
US20040225616A1 (en) * 2003-05-09 2004-11-11 Arnold Gordon K. Method, system and computer program product for third-party verification of anonymous e-marketplace transactions using digital signatures
US7568107B1 (en) * 2003-08-20 2009-07-28 Extreme Networks, Inc. Method and system for auto discovery of authenticator for network login
JP4303541B2 (en) * 2003-09-02 2009-07-29 株式会社日立製作所 Search method and search broker
US20050080909A1 (en) 2003-10-10 2005-04-14 Anatoliy Panasyuk Methods and apparatus for scalable secure remote desktop access
US7321970B2 (en) * 2003-12-30 2008-01-22 Nokia Siemens Networks Oy Method and system for authentication using infrastructureless certificates
US7836301B2 (en) * 2004-03-10 2010-11-16 Harris Steven M Computer program for securely viewing a file
US7590685B2 (en) 2004-04-07 2009-09-15 Salesforce.Com Inc. Techniques for providing interoperability as a service
US7802007B2 (en) 2004-05-19 2010-09-21 Salesforce.Com, Inc. Techniques for providing connections to services in a network environment
US7649854B2 (en) * 2004-05-19 2010-01-19 Bea Systems, Inc. System and method for providing channels in application servers and transaction-based systems
US8280948B1 (en) * 2004-06-08 2012-10-02 Persony Inc. System and method for enabling online collaboration amongst a plurality of terminals using a web server
US7958546B2 (en) * 2004-06-29 2011-06-07 International Business Machines Corporation Identity access management system
US8621215B1 (en) 2004-06-30 2013-12-31 Google Inc. Methods and systems for creating monetary accounts for members in a social network
US7681242B2 (en) * 2004-08-26 2010-03-16 Novell, Inc. Allocation of network resources
US9645712B2 (en) 2004-10-01 2017-05-09 Grand Central Communications, Inc. Multiple stakeholders for a single business process
US20060080256A1 (en) * 2004-10-12 2006-04-13 Yucel Karabulut Method and system for establishing a trustworthy supplier
US20060085253A1 (en) * 2004-10-18 2006-04-20 Matthew Mengerink Method and system to utilize a user network within a network-based commerce platform
US8996485B1 (en) * 2004-12-17 2015-03-31 Voltage Security, Inc. Web site verification service
US7509628B2 (en) * 2004-12-23 2009-03-24 Microsoft Corporation Extensibility framework for developing front office (CRM) workflow automation components
US20060178898A1 (en) * 2005-02-07 2006-08-10 Babak Habibi Unified event monitoring system
US8086853B2 (en) * 2005-03-18 2011-12-27 Microsoft Corporation Automatic centralized authentication challenge response generation
US20060230279A1 (en) * 2005-03-30 2006-10-12 Morris Robert P Methods, systems, and computer program products for establishing trusted access to a communication network
US20060230278A1 (en) * 2005-03-30 2006-10-12 Morris Robert P Methods,systems, and computer program products for determining a trust indication associated with access to a communication network
US8473470B1 (en) * 2005-05-23 2013-06-25 Bentley Systems, Incorporated System for providing collaborative communications environment for manufacturers and potential customers
US20060265737A1 (en) * 2005-05-23 2006-11-23 Morris Robert P Methods, systems, and computer program products for providing trusted access to a communicaiton network based on location
US20060271460A1 (en) * 2005-05-31 2006-11-30 Ebay Inc. Method and system to provide user created social networks in a distributed commerce system
US8082213B2 (en) * 2005-06-27 2011-12-20 Jarlath Lyons Method and system for personalized online security
US8839450B2 (en) 2007-08-02 2014-09-16 Intel Corporation Secure vault service for software components within an execution environment
US7953980B2 (en) 2005-06-30 2011-05-31 Intel Corporation Signed manifest for run-time verification of software program identity and integrity
CA2620993A1 (en) * 2005-09-02 2007-03-08 Ecmarket Inc. Method and system for exchanging business documents
US20070061396A1 (en) * 2005-09-09 2007-03-15 Morris Robert P Methods, systems, and computer program products for providing service data to a service provider
US20070136197A1 (en) * 2005-12-13 2007-06-14 Morris Robert P Methods, systems, and computer program products for authorizing a service request based on account-holder-configured authorization rules
US8230487B2 (en) 2005-12-21 2012-07-24 International Business Machines Corporation Method and system for controlling access to a secondary system
US20070150299A1 (en) * 2005-12-22 2007-06-28 Flory Clive F Method, system, and apparatus for the management of the electronic files
US20070209081A1 (en) * 2006-03-01 2007-09-06 Morris Robert P Methods, systems, and computer program products for providing a client device with temporary access to a service during authentication of the client device
US8706560B2 (en) 2011-07-27 2014-04-22 Ebay Inc. Community based network shopping
US7996270B2 (en) * 2006-03-30 2011-08-09 Ebay Inc. Community based network shopping
US7764951B2 (en) * 2006-04-20 2010-07-27 Cisco Technology, Inc. Techniques for tracking communication frequency across communication modalities
KR20070110779A (en) * 2006-05-15 2007-11-20 김성주 Integration authentication method and integration authentication sever
US20070288602A1 (en) * 2006-06-09 2007-12-13 Ebay Inc. Interest-based communities
US7783718B2 (en) * 2006-06-15 2010-08-24 Microsoft Corporation Locating services using compiled scopes
US7639629B2 (en) * 2006-07-28 2009-12-29 Microsoft Corporation Security model for application and trading partner integration
EP2069981A4 (en) * 2006-09-01 2010-12-22 Pelletsales Com Llc System and method for facillitating transactions in a distribution network
CN100555939C (en) * 2006-09-20 2009-10-28 北京飞天诚信科技有限公司 A kind of based on network method for protecting software
US7917754B1 (en) * 2006-11-03 2011-03-29 Intuit Inc. Method and apparatus for linking businesses to potential customers through a trusted source network
US20080177655A1 (en) * 2007-01-23 2008-07-24 David Zalik Systems and methods of underwriting business credit
US7913178B2 (en) * 2007-01-31 2011-03-22 Ebay Inc. Method and system for collaborative and private sessions
US9660812B2 (en) * 2007-02-28 2017-05-23 Red Hat, Inc. Providing independent verification of information in a public forum
US20080262961A1 (en) * 2007-04-17 2008-10-23 First Data Corporation Merchant Credit Risk Monitoring
US20080263645A1 (en) * 2007-04-23 2008-10-23 Telus Communications Company Privacy identifier remediation
WO2008150533A2 (en) * 2007-06-01 2008-12-11 Ften, Inc. Method and system for monitoring market data to identify user defined market conditions
US20080319858A1 (en) * 2007-06-14 2008-12-25 Denk Jr William E Automated system to determine, store, and share the relevance of information, and to assign trust to that information
US20080319909A1 (en) * 2007-06-25 2008-12-25 Perkins George S System and method for managing the lifecycle of encryption keys
AP2684A (en) * 2007-07-23 2013-06-12 Fio Corp data associated with biological and environmental test subjects A method and system for collating, storing, analyzing and enabling access to collected and analyzed
US7945482B2 (en) 2007-08-23 2011-05-17 Ebay Inc. Viewing shopping information on a network-based social platform
US7720722B2 (en) 2007-08-23 2010-05-18 Ebay Inc. Sharing shopping information on a network-based social platform
US7925747B2 (en) * 2007-10-18 2011-04-12 Neustar, Inc. System and method for sharing web performance monitoring data
US8347374B2 (en) * 2007-11-15 2013-01-01 Red Hat, Inc. Adding client authentication to networked communications
US8949470B2 (en) * 2007-12-31 2015-02-03 Genesys Telecommunications Laboratories, Inc. Federated access
US8510796B2 (en) * 2008-01-25 2013-08-13 Oracle International Corporation Method for application-to-application authentication via delegation
US20090193507A1 (en) * 2008-01-28 2009-07-30 Wael Ibrahim Authentication messaging service
US8255324B2 (en) * 2008-09-02 2012-08-28 Ebay Inc. Systems and methods for facilitating financial transactions over a network with a gateway adapter
US8112262B1 (en) 2008-09-30 2012-02-07 Interactive TKO, Inc. Service modeling and virtualization
US8145450B2 (en) 2008-12-23 2012-03-27 Novell, Inc. Techniques for distributed testing
US8301690B2 (en) * 2009-02-06 2012-10-30 International Business Machines Corporation Correlator system for web services
US8190757B1 (en) * 2009-03-31 2012-05-29 Symantec Corporation Systems and methods for automatically binding client-side applications with backend services
JP4950369B1 (en) * 2009-04-08 2012-06-13 テレフオンアクチーボラゲット エル エム エリクソン(パブル) Method for privacy management in an identity network, physical entity and computer program therefor
US8296200B2 (en) * 2009-05-21 2012-10-23 Oracle International Corporation Collaborative financial close portal
US8886569B2 (en) * 2009-06-30 2014-11-11 Ebay Inc. System and method for location based mobile commerce
DE102009031817A1 (en) * 2009-07-03 2011-01-05 Charismathics Gmbh Method for display, examination and distribution of digital certificates for use in public key infrastructure, involves evaluating confidential status for certificate of certificate owner
CA2813938A1 (en) * 2009-10-06 2011-04-14 Deloitte Development, Llc Systems and methods for providing and commercially exploiting online persona validation
CA2779276A1 (en) * 2009-10-28 2011-05-05 Ften, Inc. Method and system for monitoring financial market trading activity to establish and track aggregate trading limits based on trading sub-limits assigned by prime brokers for particular trading entities
EP2494512A4 (en) 2009-10-28 2013-08-07 Ften Inc Intraday risk management data cloud system controlling execution of orders
US8909916B2 (en) 2009-11-30 2014-12-09 Red Hat, Inc. Using a PKCS module for opening multiple databases
US8626898B2 (en) * 2009-12-17 2014-01-07 At&T Intellectual Property I, Lp System and method for application alert tracking in an Internet protocol television system
WO2011080762A1 (en) * 2009-12-30 2011-07-07 Infosys Technologies Limited Partner portal solution for financial sector
US20110173052A1 (en) * 2010-01-12 2011-07-14 Bank Of America Corporation Enhanced Knowledge Management
WO2011097161A1 (en) * 2010-02-02 2011-08-11 Ften, Inc. Methods and system for canceling orders for financial articles of trades
US9070146B2 (en) * 2010-02-04 2015-06-30 Playspan Inc. Method and system for authenticating online transactions
US9356991B2 (en) 2010-05-10 2016-05-31 Litera Technology Llc Systems and methods for a bidirectional multi-function communication module
US9037637B2 (en) 2011-02-15 2015-05-19 J.D. Power And Associates Dual blind method and system for attributing activity to a user
US8615517B1 (en) 2011-06-20 2013-12-24 Foto-Kem Industries, Inc. Systems and methods for metadata-based workflows for content creation and media distribution
US9298918B2 (en) 2011-11-30 2016-03-29 Elwha Llc Taint injection and tracking
US9621404B2 (en) 2011-09-24 2017-04-11 Elwha Llc Behavioral fingerprinting with social networking
US9083687B2 (en) 2011-09-24 2015-07-14 Elwha Llc Multi-device behavioral fingerprinting
US9729549B2 (en) 2011-09-24 2017-08-08 Elwha Llc Behavioral fingerprinting with adaptive development
US9825967B2 (en) 2011-09-24 2017-11-21 Elwha Llc Behavioral fingerprinting via social networking interaction
US9298900B2 (en) 2011-09-24 2016-03-29 Elwha Llc Behavioral fingerprinting via inferred personal relation
US9348985B2 (en) 2011-11-23 2016-05-24 Elwha Llc Behavioral fingerprint controlled automatic task determination
US20130133054A1 (en) * 2011-09-24 2013-05-23 Marc E. Davis Relationship Based Trust Verification Schema
US9015860B2 (en) 2011-09-24 2015-04-21 Elwha Llc Behavioral fingerprinting via derived personal relation
US9230089B2 (en) 2012-07-16 2016-01-05 Ebay Inc. User device security manager
WO2013151852A1 (en) 2012-04-01 2013-10-10 Authentify, Inc. Secure authentication in a multi-party system
US20140006781A1 (en) * 2012-06-23 2014-01-02 Pomian & Corella, Llc Encapsulating the complexity of cryptographic authentication in black-boxes
US20140136290A1 (en) * 2012-11-09 2014-05-15 Target Brands, Inc. Vendor management and maintenance system
US9118674B2 (en) 2012-11-26 2015-08-25 Bank Of America Corporation Methods and processes for storing and utilizing state information for service providers
US8898681B1 (en) 2013-02-22 2014-11-25 Ca, Inc. Mainframe virtualization
US9558105B2 (en) 2013-03-15 2017-01-31 Ca, Inc. Transactional boundaries for virtual model generation
US9032505B1 (en) 2013-03-15 2015-05-12 Wells Fargo Bank, N.A. Creating secure connections between distributed computing devices
US10122656B2 (en) 2013-08-05 2018-11-06 Oath Inc. Systems and methods for managing electronic communications
US10025839B2 (en) 2013-11-29 2018-07-17 Ca, Inc. Database virtualization
US9602541B2 (en) * 2014-03-06 2017-03-21 Facebook, Inc. Granting permission to act on behalf of a user in a social networking system
US9727314B2 (en) 2014-03-21 2017-08-08 Ca, Inc. Composite virtual services
US9531609B2 (en) 2014-03-23 2016-12-27 Ca, Inc. Virtual service automation
US9595023B1 (en) 2014-05-21 2017-03-14 Plaid Technologies, Inc. System and method for facilitating programmatic verification of transactions
US9449346B1 (en) 2014-05-21 2016-09-20 Plaid Technologies, Inc. System and method for programmatically accessing financial data
AP2017009835A0 (en) * 2014-08-29 2017-03-31 Ruan & Riana Familie Trust System and method for electronic payments
US9477454B2 (en) 2015-02-12 2016-10-25 Ca, Inc. Automated software deployment
US10003591B2 (en) 2015-09-08 2018-06-19 Plaid Technologies, Inc. Secure permissioning of access to user accounts, including secure deauthorization of access to user accounts
US10296445B2 (en) 2015-09-13 2019-05-21 Ca, Inc. Automated system documentation generation
US10628420B2 (en) 2015-12-18 2020-04-21 Ca, Inc. Dynamic virtual service
US10726491B1 (en) 2015-12-28 2020-07-28 Plaid Inc. Parameter-based computer evaluation of user accounts based on user account data stored in one or more databases
US10984468B1 (en) 2016-01-06 2021-04-20 Plaid Inc. Systems and methods for estimating past and prospective attribute values associated with a user account
US9886365B2 (en) 2016-01-07 2018-02-06 Ca, Inc. Transactional boundaries for software system debugging
US10154098B2 (en) 2016-01-07 2018-12-11 Ca, Inc. Transactional boundaries for software system profiling
US9983856B2 (en) 2016-01-08 2018-05-29 Ca, Inc. Transaction flow visualization
US10341214B2 (en) 2016-03-30 2019-07-02 Ca, Inc. Scenario coverage in test generation
US9946639B2 (en) 2016-03-30 2018-04-17 Ca, Inc. Transactional boundaries for virtualization within a software system
US9898390B2 (en) 2016-03-30 2018-02-20 Ca, Inc. Virtual service localization
US10114736B2 (en) 2016-03-30 2018-10-30 Ca, Inc. Virtual service data set generation
US10394583B2 (en) 2016-03-31 2019-08-27 Ca, Inc. Automated model generation for a software system
US10069958B1 (en) 2017-07-20 2018-09-04 Bank Of America Corporation Dynamic mobile authorization advancement system
US11468085B2 (en) 2017-07-22 2022-10-11 Plaid Inc. Browser-based aggregation
US10878421B2 (en) 2017-07-22 2020-12-29 Plaid Inc. Data verified deposits
EP3484097A1 (en) * 2017-11-08 2019-05-15 Siemens Aktiengesellschaft Method and validating device for validating a digital certificate
US10616230B2 (en) * 2018-01-23 2020-04-07 Salesforce.Com, Inc. Managing authorization tokens for calling third-party vendors
US10616352B2 (en) * 2018-01-24 2020-04-07 Salesforce.Com, Inc. Integrating third-party vendors' APIs
US10628599B2 (en) * 2018-02-14 2020-04-21 Fmr Llc Generating and deploying customized software containers
UA126387U (en) * 2018-03-22 2018-06-11 Єлизавета Валеріївна Лапіна SYSTEM OF COLLECTION, STORAGE AND SECURED TRANSMISSION OF DATA FOR VERIFICATION OF USE OF SPECIALISTS ON SPECIALIZED PORTS
US11316862B1 (en) 2018-09-14 2022-04-26 Plaid Inc. Secure authorization of access to user accounts by one or more authorization mechanisms
US11455571B2 (en) 2019-06-14 2022-09-27 Bank Of America Corporation Data structure tool
US11086991B2 (en) 2019-08-07 2021-08-10 Advanced New Technologies Co., Ltd. Method and system for active risk control based on intelligent interaction
US11171879B2 (en) * 2020-01-02 2021-11-09 Wipro Limited System and method of sharing edge computing resources
US11710181B1 (en) 2020-01-10 2023-07-25 Cboe Exchange, Inc. Exchange risk controls
US11887069B2 (en) 2020-05-05 2024-01-30 Plaid Inc. Secure updating of allocations to user accounts
US11327960B1 (en) 2020-10-16 2022-05-10 Plaid Inc. Systems and methods for data parsing

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030004894A1 (en) * 1996-04-26 2003-01-02 Rowney Kevin T. B. System, method and article of manufacture for secure network electronic payment and credit collection
US20030095726A1 (en) * 1999-05-25 2003-05-22 Silverbrook Kia Sensing device for sensing coded marks
US6598027B1 (en) * 1999-11-16 2003-07-22 Xs, Inc. Systems, methods and computer program products for conducting regulation-compliant commercial transactions of regulated goods via a computer network
US20040128257A1 (en) * 2001-03-28 2004-07-01 Okamoto Steve Atsushi Method and apparatus for administering one or more value bearing instruments

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5812670A (en) * 1995-12-28 1998-09-22 Micali; Silvio Traceable anonymous transactions
US5850442A (en) 1996-03-26 1998-12-15 Entegrity Solutions Corporation Secure world wide electronic commerce over an open network
US5815665A (en) * 1996-04-03 1998-09-29 Microsoft Corporation System and method for providing trusted brokering services over a distributed network
EP1097425A1 (en) * 1998-06-19 2001-05-09 Protx Limited Verified payment system
AU4607801A (en) * 1999-10-28 2001-05-08 Brivo Systems, Inc. System and method for providing access to an unattended storage device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030004894A1 (en) * 1996-04-26 2003-01-02 Rowney Kevin T. B. System, method and article of manufacture for secure network electronic payment and credit collection
US20030095726A1 (en) * 1999-05-25 2003-05-22 Silverbrook Kia Sensing device for sensing coded marks
US6598027B1 (en) * 1999-11-16 2003-07-22 Xs, Inc. Systems, methods and computer program products for conducting regulation-compliant commercial transactions of regulated goods via a computer network
US20040128257A1 (en) * 2001-03-28 2004-07-01 Okamoto Steve Atsushi Method and apparatus for administering one or more value bearing instruments

Cited By (178)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8538844B1 (en) 1998-12-23 2013-09-17 Jpmorgan Chase Bank, N.A. System and method for integrating trading operations including the generation, processing and tracking of and trade documents
US20020083153A1 (en) * 2000-08-08 2002-06-27 Sweatt Millard E. Method and system for remote television replay control
US20020087661A1 (en) * 2000-08-08 2002-07-04 Matichuk Chris E. One click web records
US9171851B2 (en) 2000-08-08 2015-10-27 The Directv Group, Inc. One click web records
US10320503B2 (en) 2000-08-08 2019-06-11 The Directv Group, Inc. Method and system for remote television replay control
US20020038358A1 (en) * 2000-08-08 2002-03-28 Sweatt Millard E. Method and system for remote television replay control
US9654238B2 (en) 2000-08-08 2017-05-16 The Directv Group, Inc. Method and system for remote television replay control
US10390074B2 (en) 2000-08-08 2019-08-20 The Directv Group, Inc. One click web records
US8949374B2 (en) 2000-08-08 2015-02-03 The Directv Group, Inc. Method and system for remote television replay control
US7917602B2 (en) * 2000-08-08 2011-03-29 The Directv Group, Inc. Method and system for remote television replay control
US7328276B2 (en) * 2000-12-18 2008-02-05 Coranet Solutions, Llc Computer oriented record administration system
US20020083192A1 (en) * 2000-12-18 2002-06-27 Cora Alisuag Computer oriented record administration system
US10380374B2 (en) 2001-04-20 2019-08-13 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US8849716B1 (en) 2001-04-20 2014-09-30 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US8160960B1 (en) 2001-06-07 2012-04-17 Jpmorgan Chase Bank, N.A. System and method for rapid updating of credit information
US8185940B2 (en) 2001-07-12 2012-05-22 Jpmorgan Chase Bank, N.A. System and method for providing discriminated content to network users
US7690027B2 (en) * 2001-11-28 2010-03-30 Telenor Asa Method for registering and enabling PKI functionalities
US20050086496A1 (en) * 2001-11-28 2005-04-21 Leif Sandberg Method for registering and enabling pki functionalities
US7987501B2 (en) 2001-12-04 2011-07-26 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US8707410B2 (en) 2001-12-04 2014-04-22 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US20030105981A1 (en) * 2001-12-04 2003-06-05 Miller Lawrence R. System and method for single session sign-on
US20040070616A1 (en) * 2002-06-02 2004-04-15 Hildebrandt Peter W. Electronic whiteboard
US7596692B2 (en) * 2002-06-05 2009-09-29 Microsoft Corporation Cryptographic audit
US20030229781A1 (en) * 2002-06-05 2003-12-11 Fox Barbara Lynch Cryptographic audit
US20040030888A1 (en) * 2002-08-08 2004-02-12 Roh Jong Hyuk Method of validating certificate by certificate validation server using certificate policies and certificate policy mapping in public key infrastructure
US7478236B2 (en) * 2002-08-08 2009-01-13 Electronics And Telecommunications Research Institute Method of validating certificate by certificate validation server using certificate policies and certificate policy mapping in public key infrastructure
US8301493B2 (en) 2002-11-05 2012-10-30 Jpmorgan Chase Bank, N.A. System and method for providing incentives to consumers to share information
US7353512B2 (en) * 2003-09-29 2008-04-01 International Business Machines Corporation Mobile applications and content provisioning using web services technology
US20050071448A1 (en) * 2003-09-29 2005-03-31 International Business Machines Corporation Mobile application and content provisioning using web services technology
US7890751B1 (en) * 2003-12-03 2011-02-15 Comtech Ef Data Corp Method and system for increasing data access in a secure socket layer network environment
US20080195579A1 (en) * 2004-03-19 2008-08-14 Kennis Peter H Methods and systems for extraction of transaction data for compliance monitoring
US8694347B2 (en) 2004-03-19 2014-04-08 Oversight Technologies, Inc. Extraction of transaction data for compliance monitoring
US20110208663A1 (en) * 2004-03-19 2011-08-25 Kennis Peter H Extraction of transaction data for compliance monitoring
US8959480B2 (en) 2004-05-26 2015-02-17 Pegasystems Inc. Methods and apparatus for integration of declarative rule-based processing with procedural programming in a digital data-processing environment
US8479157B2 (en) 2004-05-26 2013-07-02 Pegasystems Inc. Methods and apparatus for integration of declarative rule-based processing with procedural programming in a digital data-processing evironment
US8335704B2 (en) 2005-01-28 2012-12-18 Pegasystems Inc. Methods and apparatus for work management and routing
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US20070260556A1 (en) * 2005-06-06 2007-11-08 Michael Pousti System and method for verification of identity for transactions
US8073774B2 (en) 2005-06-06 2011-12-06 Sms.Ac, Inc. Billing system and method for micro-transactions
US20060276171A1 (en) * 2005-06-06 2006-12-07 Sms.Ac, Inc. Billing system and method for micro-transactions
US20070123229A1 (en) * 2005-09-07 2007-05-31 Sms.Ac, Inc. Automated billing and distribution platform for application providers
US7826822B2 (en) 2005-09-07 2010-11-02 Sms.Ac, Inc. Automated billing and distribution platform for application providers
US7826829B2 (en) 2005-09-07 2010-11-02 Sms.Ac, Inc. Automated billing and distribution platform for application providers
US20100130163A1 (en) * 2005-09-07 2010-05-27 Sms.Ac, Inc. Automated billing and distribution platform for application providers
US20100017891A1 (en) * 2005-09-26 2010-01-21 Heiko Thierbach Method of Controlling a Browser Window
US8812697B2 (en) * 2005-09-26 2014-08-19 Koninklijke Kpn N.V. Method of controlling a browser window
US8560456B2 (en) * 2005-12-02 2013-10-15 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US8219808B2 (en) * 2005-12-28 2012-07-10 Bce Inc. Session-based public key infrastructure
US20080028206A1 (en) * 2005-12-28 2008-01-31 Bce Inc. Session-based public key infrastructure
US7984298B2 (en) * 2006-01-24 2011-07-19 Huawei Technologies Co., Ltd. Method, system and authentication centre for authenticating in end-to-end communications based on a mobile network
US8468353B2 (en) * 2006-01-24 2013-06-18 Huawei Technologies Co., Ltd. Method, system and authentication centre for authenticating in end-to-end communications based on a mobile network
US20110258447A1 (en) * 2006-01-24 2011-10-20 Huawei Technologies Co., Ltd. Method, system and authentication centre for authenticating in end-to-end communications based on a mobile network
US20080178004A1 (en) * 2006-01-24 2008-07-24 Huawei Technologies Co., Ltd. Method, system and authentication centre for authenticating in end-to-end communications based on a mobile network
US8090699B2 (en) 2006-03-08 2012-01-03 Sms.Ac, Inc. Automatic generation of application pod
US20070266034A1 (en) * 2006-03-08 2007-11-15 Michael Pousti Automatic generation of application pod
US20080287095A1 (en) * 2006-03-20 2008-11-20 Sms.Ac Systems and methods for generation, registration and mobile phone billing of a network-enabled application with one-time opt-in
US8924335B1 (en) 2006-03-30 2014-12-30 Pegasystems Inc. Rule-based user interface conformance methods
US10838569B2 (en) 2006-03-30 2020-11-17 Pegasystems Inc. Method and apparatus for user interface non-conformance detection and correction
US9658735B2 (en) 2006-03-30 2017-05-23 Pegasystems Inc. Methods and apparatus for user interface optimization
US20090132232A1 (en) * 2006-03-30 2009-05-21 Pegasystems Inc. Methods and apparatus for implementing multilingual software applications
US20080052373A1 (en) * 2006-05-01 2008-02-28 Sms.Ac Systems and methods for a community-based user interface
US20090024614A1 (en) * 2006-09-06 2009-01-22 Sms.Ac Systems and methods for online content searching
WO2008067313A3 (en) * 2006-11-27 2009-04-09 Sms Ac System and method for verification of identity for transactions
WO2008067313A2 (en) * 2006-11-27 2008-06-05 Sms.Ac System and method for verification of identity for transactions
US20100076955A1 (en) * 2006-12-19 2010-03-25 Koninklijke Kpn N.V. The Hague, The Netherlands Data network service based on profiling client-addresses
US8250525B2 (en) 2007-03-02 2012-08-21 Pegasystems Inc. Proactive performance management for multi-user enterprise software systems
US9189361B2 (en) 2007-03-02 2015-11-17 Pegasystems Inc. Proactive performance management for multi-user enterprise software systems
US20080261561A1 (en) * 2007-04-20 2008-10-23 Telefonaktiebolaget Lm Ericsson (Publ) Secure Soft SIM Credential Transfer
US8712474B2 (en) 2007-04-20 2014-04-29 Telefonaktiebolaget L M Ericsson (Publ) Secure soft SIM credential transfer
US8527757B2 (en) * 2007-06-22 2013-09-03 Gemalto Sa Method of preventing web browser extensions from hijacking user information
US20100235637A1 (en) * 2007-06-22 2010-09-16 Gemalto, Sa Method of Preventing Web Browser Extensions from Hijacking User Information
US20090100261A1 (en) * 2007-09-28 2009-04-16 Hirokazu Aoshima Method and system for mediation of authentication within a communication network
US8091035B2 (en) * 2007-11-08 2012-01-03 International Business Machines Corporation System and method for sharing data
US20090125817A1 (en) * 2007-11-08 2009-05-14 International Business Machines Corporation System and method for sharing data
US8560847B2 (en) * 2007-12-03 2013-10-15 China Iwncomm Co., Ltd. Light access authentication method and system
US20100313012A1 (en) * 2007-12-03 2010-12-09 China Iwncomm Co., Ltd. light access authentication method and system
US9237167B1 (en) * 2008-01-18 2016-01-12 Jpmorgan Chase Bank, N.A. Systems and methods for performing network counter measures
US20110202985A1 (en) * 2008-10-23 2011-08-18 Fujitsu Limited Authentication system, authentication server, and sub-authentication server
US8782760B2 (en) * 2008-10-23 2014-07-15 Fujitsu Limited Authentication system, authentication server, and sub-authentication server
US9621341B2 (en) * 2008-11-26 2017-04-11 Microsoft Technology Licensing, Llc Anonymous verifiable public key certificates
US20100131765A1 (en) * 2008-11-26 2010-05-27 Microsoft Corporation Anonymous verifiable public key certificates
US20100190497A1 (en) * 2008-12-11 2010-07-29 Christopher David Pudney Telecommunications network access rejection
US8565764B2 (en) * 2008-12-11 2013-10-22 Vodafone Intellectual Property Licensing Limited Telecommunications network access rejection
US20100235623A1 (en) * 2009-03-11 2010-09-16 Wic Cdn Inc. Methods and systems for identity verification
US8572681B2 (en) 2009-03-11 2013-10-29 Wic Cdn Inc. Methods and systems for identity verification
US10467200B1 (en) 2009-03-12 2019-11-05 Pegasystems, Inc. Techniques for dynamic data processing
US9678719B1 (en) 2009-03-30 2017-06-13 Pegasystems Inc. System and software for creation and modification of software
US9576140B1 (en) * 2009-07-01 2017-02-21 Dell Products L.P. Single sign-on system for shared resource environments
US8850218B2 (en) 2009-09-04 2014-09-30 Ca, Inc. OTP generation using a camouflaged key
US9003187B2 (en) * 2009-10-29 2015-04-07 Nec Europe Ltd. Method for supporting a reputation mechanism in a network and network
US20120260092A1 (en) * 2009-10-29 2012-10-11 Nec Europe Ltd. Method for supporting a reputation mechanism in a network and network
US20110113237A1 (en) * 2009-11-06 2011-05-12 Arcot Systems, Inc. Key camouflaging method using a machine identifier
US8533460B2 (en) * 2009-11-06 2013-09-10 Computer Associates Think, Inc. Key camouflaging method using a machine identifier
US8843757B2 (en) 2009-11-12 2014-09-23 Ca, Inc. One time PIN generation
US20110113245A1 (en) * 2009-11-12 2011-05-12 Arcot Systems, Inc. One time pin generation
US20110145899A1 (en) * 2009-12-10 2011-06-16 Verisign, Inc. Single Action Authentication via Mobile Devices
US8095793B1 (en) * 2009-12-30 2012-01-10 In-Circuit Solutions Inc. Digital rights management apparatus and method
US11838324B2 (en) 2010-03-30 2023-12-05 Authentic8, Inc. Secure web container for a secure online user environment
US11044275B2 (en) * 2010-03-30 2021-06-22 Authentic8, Inc. Secure web container for a secure online user environment
US8848608B1 (en) 2011-01-14 2014-09-30 Cisco Technology, Inc. System and method for wireless interface selection and for communication and access control of subsystems, devices, and data in a vehicular environment
US10979875B2 (en) 2011-01-14 2021-04-13 Cisco Technology, Inc. System and method for wireless interface selection and for communication and access control of subsystems, devices, and data in a vehicular environment
US8718797B1 (en) 2011-01-14 2014-05-06 Cisco Technology, Inc. System and method for establishing communication channels between on-board unit of vehicle and plurality of nodes
US8863256B1 (en) 2011-01-14 2014-10-14 Cisco Technology, Inc. System and method for enabling secure transactions using flexible identity management in a vehicular environment
US8989954B1 (en) 2011-01-14 2015-03-24 Cisco Technology, Inc. System and method for applications management in a networked vehicular environment
US10117066B2 (en) 2011-01-14 2018-10-30 Cisco Technology, Inc. System and method for wireless interface selection and for communication and access control of subsystems, devices, and data in a vehicular environment
US9036509B1 (en) 2011-01-14 2015-05-19 Cisco Technology, Inc. System and method for routing, mobility, application services, discovery, and sensing in a vehicular network environment
US9083581B1 (en) 2011-01-14 2015-07-14 Cisco Technology, Inc. System and method for providing resource sharing, synchronizing, media coordination, transcoding, and traffic management in a vehicular environment
US9860709B2 (en) 2011-01-14 2018-01-02 Cisco Technology, Inc. System and method for real-time synthesis and performance enhancement of audio/video data, noise cancellation, and gesture based user interfaces in a vehicular environment
US8514825B1 (en) 2011-01-14 2013-08-20 Cisco Technology, Inc. System and method for enabling a vehicular access network in a vehicular environment
US9154900B1 (en) 2011-01-14 2015-10-06 Cisco Technology, Inc. System and method for transport, network, translation, and adaptive coding in a vehicular network environment
US9888363B2 (en) 2011-01-14 2018-02-06 Cisco Technology, Inc. System and method for applications management in a networked vehicular environment
US8705527B1 (en) 2011-01-14 2014-04-22 Cisco Technology, Inc. System and method for internal networking, data optimization and dynamic frequency selection in a vehicular environment
US8903593B1 (en) 2011-01-14 2014-12-02 Cisco Technology, Inc. System and method for analyzing vehicular behavior in a network environment
US9654937B2 (en) 2011-01-14 2017-05-16 Cisco Technology, Inc. System and method for routing, mobility, application services, discovery, and sensing in a vehicular network environment
US9277370B2 (en) 2011-01-14 2016-03-01 Cisco Technology, Inc. System and method for internal networking, data optimization and dynamic frequency selection in a vehicular environment
US9270743B2 (en) 2011-02-18 2016-02-23 Pegasystems Inc. Systems and methods for distributed rules processing
US8880487B1 (en) 2011-02-18 2014-11-04 Pegasystems Inc. Systems and methods for distributed rules processing
US20140189796A1 (en) * 2011-09-27 2014-07-03 Nomura Research Institute, Ltd. Group definition management system
US9858399B2 (en) * 2011-09-27 2018-01-02 Rakuten, Inc. Group definition management system
US20140230036A1 (en) * 2011-10-23 2014-08-14 Gopal Nandakumar Authentication Method
US8713656B2 (en) * 2011-10-23 2014-04-29 Gopal Nandakumar Authentication method
US8800014B2 (en) 2011-10-23 2014-08-05 Gopal Nandakumar Authentication method
US8566957B2 (en) * 2011-10-23 2013-10-22 Gopal Nandakumar Authentication system
US9112847B2 (en) * 2011-10-23 2015-08-18 Textile Computer Systems, Inc. Authentication method
US8505079B2 (en) * 2011-10-23 2013-08-06 Gopal Nandakumar Authentication system and related method
US8533802B2 (en) * 2011-10-23 2013-09-10 Gopal Nandakumar Authentication system and related method
US8811177B1 (en) 2011-11-03 2014-08-19 Jpmorgan Chase Bank, N.A. Method and system for implementing a network analysis tool for endpoints deployments
US10069706B1 (en) 2011-11-03 2018-09-04 Jpmorgan Chase Bank, N.A. Method and system for implementing a network analysis tool for endpoints deployments
US9195936B1 (en) 2011-12-30 2015-11-24 Pegasystems Inc. System and method for updating or modifying an application without manual coding
US10572236B2 (en) 2011-12-30 2020-02-25 Pegasystems, Inc. System and method for updating or modifying an application without manual coding
CN102625159A (en) * 2012-02-23 2012-08-01 深圳市龙视传媒有限公司 Closed loop-type security authentication method for business system portals and system adopting same
US8838634B1 (en) * 2012-03-30 2014-09-16 Emc Corporation Custom user parallel data import and export
CN105052071A (en) * 2013-03-15 2015-11-11 惠普发展公司,有限责任合伙企业 Sending encrypted data to a service provider
US10397201B2 (en) 2013-03-15 2019-08-27 Entit Software Llc Sending encrypted data to a service provider
WO2014142996A1 (en) * 2013-03-15 2014-09-18 Hewlett-Packard Development Company, L.P. Sending encrypted data to a service provider
US10970702B2 (en) 2013-07-15 2021-04-06 Mastercard International Incorporated Systems and methods for facilitating multi-party payment transactions
US10198723B2 (en) 2013-07-15 2019-02-05 Mastercard International Incorporated Systems and methods for facilitating multi-party payment transactions
US20150058218A1 (en) * 2013-08-26 2015-02-26 Xiaoxiong ZHANG Transaction Processing Method and Apparatus
US10438193B2 (en) * 2013-08-26 2019-10-08 Xiaoxiong ZHANG Transaction processing method and apparatus
US10701116B2 (en) 2013-11-27 2020-06-30 At&T Intellectual Property I, L.P. Method, computer-readable storage device and apparatus for establishing persistent messaging sessions
US10148710B2 (en) 2013-11-27 2018-12-04 At&T Intellectual Property I, L.P. Method, computer-readable storage device and apparatus for establishing persistent messaging sessions
US20150271343A1 (en) * 2014-03-20 2015-09-24 Infosys Limited Methods and systems for providing telecommunication services from disparate telecommunication service providers
US9438749B2 (en) * 2014-03-20 2016-09-06 Infosys Limited Methods and systems for providing telecommunication services from disparate telecommunication service providers
US10504148B2 (en) 2014-05-23 2019-12-10 Qualcomm Incorporated Peer-to-peer relaying of discovery information
US20150341794A1 (en) * 2014-05-23 2015-11-26 Qualcomm Incorporated Secure relay of discovery information in wireless networks
US11562397B2 (en) 2014-05-23 2023-01-24 Qualcomm Incorporated Peer-to-peer relaying of discovery information
US11159941B2 (en) 2014-05-23 2021-10-26 Qualcomm Incorporated Secure relay of discovery information in wireless networks
US10142847B2 (en) * 2014-05-23 2018-11-27 Qualcomm Incorporated Secure relay of discovery information in wireless networks
CN104270359A (en) * 2014-09-25 2015-01-07 同济大学 Credibility certification system and method for network transaction
US11057313B2 (en) 2014-10-10 2021-07-06 Pegasystems Inc. Event processing with enhanced throughput
US10469396B2 (en) 2014-10-10 2019-11-05 Pegasystems, Inc. Event processing with enhanced throughput
US10316154B2 (en) 2014-12-09 2019-06-11 Arkema Inc. Compositions and methods for crosslinking polymers in the presence of atmospheric oxygen
US10717829B2 (en) 2014-12-09 2020-07-21 Arkema Inc. Compositions and methods for crosslinking polymers in the presence of atmospheric oxygen
US9900160B1 (en) 2015-12-03 2018-02-20 Amazon Technologies, Inc. Asymmetric session credentials
US11671425B2 (en) 2015-12-03 2023-06-06 Amazon Technologies, Inc. Cross-region requests
US10182044B1 (en) 2015-12-03 2019-01-15 Amazon Technologies, Inc. Personalizing global session identifiers
US10680827B2 (en) 2015-12-03 2020-06-09 Amazon Technologies, Inc. Asymmetric session credentials
US10277569B1 (en) * 2015-12-03 2019-04-30 Amazon Technologies, Inc. Cross-region cache of regional sessions
US9894067B1 (en) 2015-12-03 2018-02-13 Amazon Technologies, Inc. Cross-region roles
US10701071B2 (en) 2015-12-03 2020-06-30 Amazon Technologies, Inc. Cross-region requests
US10698599B2 (en) 2016-06-03 2020-06-30 Pegasystems, Inc. Connecting graphical shapes using gestures
US10698647B2 (en) 2016-07-11 2020-06-30 Pegasystems Inc. Selective sharing for collaborative application usage
JP6219459B1 (en) * 2016-07-27 2017-10-25 株式会社三菱東京Ufj銀行 Contract conclusion server used for conclusion of electronic contract and method of conclusion of electronic contract
JP2018018238A (en) * 2016-07-27 2018-02-01 株式会社三菱東京Ufj銀行 Contract server used for concluding electronic contract and method for concluding electronic contract
WO2019012320A1 (en) * 2017-07-09 2019-01-17 Alsaifi Abdullah Rashid Certification system
US20190014105A1 (en) * 2017-07-09 2019-01-10 Abdullah Rashid Alsaifi Certification System
US10841294B2 (en) * 2017-07-09 2020-11-17 Abdullah Rashid Alsaifi Certification system
JP2018018536A (en) * 2017-09-27 2018-02-01 株式会社三菱東京Ufj銀行 Contract server used for concluding electronic contract and method for concluding electronic contract
US11048488B2 (en) 2018-08-14 2021-06-29 Pegasystems, Inc. Software code optimizer and method
WO2020055401A1 (en) * 2018-09-12 2020-03-19 Visa International Service Association Checkout with mac
US11700129B2 (en) 2019-11-13 2023-07-11 Capital One Services, Llc Systems and methods for tokenized data delegation and protection
US10735198B1 (en) 2019-11-13 2020-08-04 Capital One Services, Llc Systems and methods for tokenized data delegation and protection
CN111275517A (en) * 2020-01-14 2020-06-12 拉扎斯网络科技(上海)有限公司 Link information display method and device, storage medium and terminal
US11567945B1 (en) 2020-08-27 2023-01-31 Pegasystems Inc. Customized digital content generation systems and methods
US11606350B2 (en) 2020-09-15 2023-03-14 The Toronto-Dominion Bank Initiating provisioning of an existing account based on an unauthenticated request
WO2022131932A1 (en) * 2020-12-17 2022-06-23 Xero Limited Systems and methods for matching entities

Also Published As

Publication number Publication date
US6957199B1 (en) 2005-10-18

Similar Documents

Publication Publication Date Title
US6957199B1 (en) Method, system and service for conducting authenticated business transactions
CN111095327B (en) System and method for verifying verifiable claims
US8195569B2 (en) E-bazaar featuring personal information security
US6223291B1 (en) Secure wireless electronic-commerce system with digital product certificates and digital license certificates
US6463534B1 (en) Secure wireless electronic-commerce system with wireless network domain
US6539093B1 (en) Key ring organizer for an electronic business using public key infrastructure
US20070277013A1 (en) Method for transmitting protected information to a plurality of recipients
JP2008529136A (en) Method and system for performing data exchange on financial transactions over public networks
US7342918B2 (en) Transaction card information access web service
US20020162003A1 (en) System and method for providing trusted browser verification
WO1998003927A9 (en) Personal information security and exchange tool
CN111460457A (en) Real estate property registration supervision method, device, electronic equipment and storage medium
KR20080094000A (en) Method and apparatus for establishing peer-to-peer karma and trust
Balfe et al. Securing peer-to-peer networks using trusted computing
EP1170926A2 (en) Personal information security and exchange tool
Karjoth Secure mobile agent-based merchant brokering in distributed marketplaces
Kuntze et al. Trusted ticket systems and applications
Yeh et al. Applying lightweight directory access protocol service on session certification authority
KR100781610B1 (en) Method of improving security in electronic transactions
JPH11203323A (en) Method for managing electronic commercial transaction information and computer readable recording medium for recording information management client program
Hazari Challenges of implementing public key infrastructure in Netcentric enterprises
US8275670B2 (en) Electronic sales and contracting
Li A hybrid peer-to-peer framework for supply chain visibility
Carbonell et al. Security analysis of a new multi-party payment protocol with intermediary service.
Ruiz et al. Speed protocol: Smartcard-based payment with encrypted electronic delivery

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION