Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Method for reciprocal negotiation of trust between fixed token endpoints

IP.com Disclosure Number: IPCOM000012342D
Publication Date: 2003-Apr-30
Document File: 5 page(s) / 62K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method for reciprocal negotiation of trust between fixed token endpoints. Benefits include improved functionality and improved security.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 42% of the total text.

Method for reciprocal negotiation of trust between fixed token endpoints

Disclosed is a method for reciprocal negotiation of trust between fixed token endpoints. Benefits include improved functionality and improved security.

Background

        � � � � � Conventional security mechanisms establish trust in individual users/systems and rely on them to use technology in appropriate ways in support of security policies.

        � � � � � Conventional approaches do not perform reciprocal negotiation. Both parties do not establish base trust first in the fixed token (FT) and extend it to other platform components. The security apparatus is not conventionally integrated with the identity creation protocol.

        � � � � � The first entity, called the agent, possesses sensitive information (SI). The second entity, called the attester, is the party to which the agent must disclose the SI to establish trust. Conventionally, the attester does not participate using a fixed token. Therefore, the agent is unable to specify hardware conditions in which disclosure of privacy-sensitive information is contained on the agent platform.

        � � � � � Additionally, protocols that disclose agent private information rely on external channels to communicate encryption key values. These channels are outside the control of the agent and require additional effort on behalf of the attester to correlate agent key values.

General description

        � � � � � The disclosed method enables two parties to establish trust in the computing machinery before other information and privileges are communicated. This approach increases opportunities for automation of negotiation safe and acceptable endpoint configurations. Establishment of safe endpoints provides underwriters of risk leeway in increasing transaction value without increasing risk.

        � � � � � The protocol is reciprocally applied to both parties allowing both sides the opportunity to evaluate acceptable risk.

Advantages

        � � � � � The disclosed method provides advantages, including:

•        � � � � Improved functionality due to reciprocal negotiation

•        � � � � Improved security due to reciprocal negotiation

Detailed description

        � � � � � The disclosed method involves two distributed entities each composed of a fixed token apparatus and software running on a general-purpose computing device. A third entity, the repository, stores and manages data that is common to both entities, but plays no significant role in trust negotiation (see Figure 1).

        � � � � � With the disclosed method, the agent’s information resides on a fixed token. The agent must build a dossier about the attester (software and hardware) and evaluate the risk to privacy from disclosing the SI. Likewise, the attester must build a dossier on the agent (software and hardware) and evaluate the risk to security from extending privileges to the agent.

        � � � � � The agent manages risk by controlling disclosure of the SI, which contains unique cryptographic identities that could be used to obtain per...