PARAMETER BASED KEY DERIVATION AND RESOURCE ACCESS DELEGATION
A computer-implemented method is provided. The method comprises: generating a signing key by performing at least: obtaining a key that is a shared secret between a client device and a computer system of a service; deriving, based at least in part on the shared secret and information indicating a dat...
Gespeichert in:
| Hauptverfasser: | , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng ; fre ; ger |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | O'NEILL, Kevin Ross ROTH, Gregory B FITCH, Nathan R CRAHEN, Eric D ILAC, Christian M BEHM, Bradley Jeffery BRANDWINE, Eric Jason |
| description | A computer-implemented method is provided. The method comprises: generating a signing key by performing at least: obtaining a key that is a shared secret between a client device and a computer system of a service; deriving, based at least in part on the shared secret and information indicating a date on which use of the signing key is to be restricted, a date key whose use is limited to the date; deriving, based at least in part on the date key and information indicating a region in which use of the signing key is to be restricted, a region key whose use is restricted to both the date and the region; and deriving, based at least in part on the region key and information indicating a service to which use of the signing key is to be restricted, a service key whose use is restricted to the date, the region, and the service; obtaining, at the computer system of the service, a canonicalized message from the client device and a first digital signature; deriving, at the computer system of the service, a second digital signature based at least in part on the canonicalized message and the signing key; and determining, at the computer system of the service, that the canonicalized message is authentic as a result of the first digital signature matching the second digital signature. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_EP3742300A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>EP3742300A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_EP3742300A13</originalsourceid><addsrcrecordid>eNrjZLANcAxy9HUNcQ1ScHIMdnVR8HaNVHBxDfIMcwzx9PdTcPRzUQhyDfYPDXJ2VXB0dnYNDgZK-7i6g6V5GFjTEnOKU3mhNDeDgptriLOHbmpBfnxqcUFicmpeakm8a4CxuYmRsYGBo6ExEUoAydspOQ</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>PARAMETER BASED KEY DERIVATION AND RESOURCE ACCESS DELEGATION</title><source>esp@cenet</source><creator>O'NEILL, Kevin Ross ; ROTH, Gregory B ; FITCH, Nathan R ; CRAHEN, Eric D ; ILAC, Christian M ; BEHM, Bradley Jeffery ; BRANDWINE, Eric Jason</creator><creatorcontrib>O'NEILL, Kevin Ross ; ROTH, Gregory B ; FITCH, Nathan R ; CRAHEN, Eric D ; ILAC, Christian M ; BEHM, Bradley Jeffery ; BRANDWINE, Eric Jason</creatorcontrib><description>A computer-implemented method is provided. The method comprises: generating a signing key by performing at least: obtaining a key that is a shared secret between a client device and a computer system of a service; deriving, based at least in part on the shared secret and information indicating a date on which use of the signing key is to be restricted, a date key whose use is limited to the date; deriving, based at least in part on the date key and information indicating a region in which use of the signing key is to be restricted, a region key whose use is restricted to both the date and the region; and deriving, based at least in part on the region key and information indicating a service to which use of the signing key is to be restricted, a service key whose use is restricted to the date, the region, and the service; obtaining, at the computer system of the service, a canonicalized message from the client device and a first digital signature; deriving, at the computer system of the service, a second digital signature based at least in part on the canonicalized message and the signing key; and determining, at the computer system of the service, that the canonicalized message is authentic as a result of the first digital signature matching the second digital signature.</description><language>eng ; fre ; ger</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2020</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20201125&DB=EPODOC&CC=EP&NR=3742300A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76419</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20201125&DB=EPODOC&CC=EP&NR=3742300A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>O'NEILL, Kevin Ross</creatorcontrib><creatorcontrib>ROTH, Gregory B</creatorcontrib><creatorcontrib>FITCH, Nathan R</creatorcontrib><creatorcontrib>CRAHEN, Eric D</creatorcontrib><creatorcontrib>ILAC, Christian M</creatorcontrib><creatorcontrib>BEHM, Bradley Jeffery</creatorcontrib><creatorcontrib>BRANDWINE, Eric Jason</creatorcontrib><title>PARAMETER BASED KEY DERIVATION AND RESOURCE ACCESS DELEGATION</title><description>A computer-implemented method is provided. The method comprises: generating a signing key by performing at least: obtaining a key that is a shared secret between a client device and a computer system of a service; deriving, based at least in part on the shared secret and information indicating a date on which use of the signing key is to be restricted, a date key whose use is limited to the date; deriving, based at least in part on the date key and information indicating a region in which use of the signing key is to be restricted, a region key whose use is restricted to both the date and the region; and deriving, based at least in part on the region key and information indicating a service to which use of the signing key is to be restricted, a service key whose use is restricted to the date, the region, and the service; obtaining, at the computer system of the service, a canonicalized message from the client device and a first digital signature; deriving, at the computer system of the service, a second digital signature based at least in part on the canonicalized message and the signing key; and determining, at the computer system of the service, that the canonicalized message is authentic as a result of the first digital signature matching the second digital signature.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2020</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZLANcAxy9HUNcQ1ScHIMdnVR8HaNVHBxDfIMcwzx9PdTcPRzUQhyDfYPDXJ2VXB0dnYNDgZK-7i6g6V5GFjTEnOKU3mhNDeDgptriLOHbmpBfnxqcUFicmpeakm8a4CxuYmRsYGBo6ExEUoAydspOQ</recordid><startdate>20201125</startdate><enddate>20201125</enddate><creator>O'NEILL, Kevin Ross</creator><creator>ROTH, Gregory B</creator><creator>FITCH, Nathan R</creator><creator>CRAHEN, Eric D</creator><creator>ILAC, Christian M</creator><creator>BEHM, Bradley Jeffery</creator><creator>BRANDWINE, Eric Jason</creator><scope>EVB</scope></search><sort><creationdate>20201125</creationdate><title>PARAMETER BASED KEY DERIVATION AND RESOURCE ACCESS DELEGATION</title><author>O'NEILL, Kevin Ross ; ROTH, Gregory B ; FITCH, Nathan R ; CRAHEN, Eric D ; ILAC, Christian M ; BEHM, Bradley Jeffery ; BRANDWINE, Eric Jason</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_EP3742300A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng ; fre ; ger</language><creationdate>2020</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>O'NEILL, Kevin Ross</creatorcontrib><creatorcontrib>ROTH, Gregory B</creatorcontrib><creatorcontrib>FITCH, Nathan R</creatorcontrib><creatorcontrib>CRAHEN, Eric D</creatorcontrib><creatorcontrib>ILAC, Christian M</creatorcontrib><creatorcontrib>BEHM, Bradley Jeffery</creatorcontrib><creatorcontrib>BRANDWINE, Eric Jason</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>O'NEILL, Kevin Ross</au><au>ROTH, Gregory B</au><au>FITCH, Nathan R</au><au>CRAHEN, Eric D</au><au>ILAC, Christian M</au><au>BEHM, Bradley Jeffery</au><au>BRANDWINE, Eric Jason</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>PARAMETER BASED KEY DERIVATION AND RESOURCE ACCESS DELEGATION</title><date>2020-11-25</date><risdate>2020</risdate><abstract>A computer-implemented method is provided. The method comprises: generating a signing key by performing at least: obtaining a key that is a shared secret between a client device and a computer system of a service; deriving, based at least in part on the shared secret and information indicating a date on which use of the signing key is to be restricted, a date key whose use is limited to the date; deriving, based at least in part on the date key and information indicating a region in which use of the signing key is to be restricted, a region key whose use is restricted to both the date and the region; and deriving, based at least in part on the region key and information indicating a service to which use of the signing key is to be restricted, a service key whose use is restricted to the date, the region, and the service; obtaining, at the computer system of the service, a canonicalized message from the client device and a first digital signature; deriving, at the computer system of the service, a second digital signature based at least in part on the canonicalized message and the signing key; and determining, at the computer system of the service, that the canonicalized message is authentic as a result of the first digital signature matching the second digital signature.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng ; fre ; ger |
| recordid | cdi_epo_espacenet_EP3742300A1 |
| source | esp@cenet |
| subjects | CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| title | PARAMETER BASED KEY DERIVATION AND RESOURCE ACCESS DELEGATION |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T17%3A54%3A45IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=O'NEILL,%20Kevin%20Ross&rft.date=2020-11-25&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EEP3742300A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |