Patent US9667427
Issued 2017-05-30
Systems And Methods For Managing Digital Identities
Systems and methods for managing digital identities. In some embodiments, a method is provided, comprising acts of: using a plurality of measurements taken from a user to generate an identifier for the user, the identifier comprising a cryptographic proof of the plurality of measurements; instantiating a digital identity representation associated with the identifier for the user, the digital identity representation comprising program code that implements rules for attestation; generating an electronic signature over the digital identity representation; and publishing the digital identity representation and the electronic signature to a distributed ledger system.
- 1. A computer-implemented method comprising acts of:
receiving a pointer to a badge for use in attesting to an identity of a user;
using the pointer to access the badge from a digital identity representation in a distributed ledger system, wherein:
the digital identity representation is associated with an identifier for the user, the digital identity representation comprising program code that implements rules for attestation;
the badge comprises a plurality of attribute attestations corresponding respectively to a plurality of attributes; and
for each attribute of the plurality of attributes, the corresponding attribute attestation comprises a cryptographic proof;
receiving, via a channel outside the distributed ledger system, a plurality of values comprising, for each attribute of the plurality of attributes, a value corresponding to that attribute;
identifying, from the badge, an entity that is responsible for verifying the badge;
determining whether to trust the entity responsible for verifying the badge; and
in response to determining that the entity responsible for verifying the badge is to be trusted, checking, for each attribute attestation of the plurality of attribute attestations, whether:
the attribute attestation is in a VERIFIED state;
the cryptographic proof in the attribute attestation is a valid proof of the received value corresponding to the attribute corresponding to the attribute attestation; and
the attribute attestation is electronically signed by the entity responsible for verifying the badge.
- 10. A computer-implemented method comprising:
receiving, via a distributed ledger system, a request to verify a first badge, the first badge comprising a plurality of attribute attestations corresponding respectively to a plurality of attributes for a user, wherein for each attribute of the plurality of attributes, the corresponding attribute attestation comprises a cryptographic proof;
receiving, via a channel outside the distributed ledger system, a plurality of values comprising, for each attribute of the plurality of attributes, a value corresponding to that attribute; and
for at least one attribute of the plurality of attributes:
identifying, from the first badge, a first attribute attestation corresponding to the at least one attribute, the first attribute attestation comprising a first cryptographic proof;
identifying, from the first attribute attestation, a pointer to a second badge;
using the pointer to access the second badge from the distributed ledger;
identifying, from the second badge, an entity that is responsible for verifying the second badge, and a second attribute attestation corresponding to the at least one attribute;
determining whether to trust the entity responsible for verifying the second badge; and
in response to determining that the entity responsible for verifying the second badge is to be trusted, checking whether:
(1) the second attribute attestation is in a VERIFIED state;
(2) the second cryptographic proof is a valid proof of the received value corresponding to the at least one attribute; and
(3) the second attribute attestation is electronically signed by the entity responsible for verifying the second badge.
- 13. A system comprising:
at least one processor;
at least one non-transitory computer-readable medium having stored thereon instructions which, when executed, cause the at least one processor to:
receive a pointer to a badge for use in attesting to an identity of a user;
use the pointer to access the badge from a digital identity representation in a distributed ledger system, wherein:
the digital identity representation is associated with an identifier for the user, the digital identity representation comprising program code that implements rules for attestation;
identify, from the badge, a plurality of attribute attestations corresponding respectively to a plurality of attributes;
for each attribute of the plurality of attributes, identify, from the corresponding attribute attestation, a cryptographic proof;
receive, via a channel outside the distributed ledger system, a plurality of values comprising, for each attribute of the plurality of attributes, a value corresponding to that attribute;
identify, from the badge, an entity that is responsible for verifying the badge;
determine whether to trust the entity responsible for verifying the badge; and
in response to determining that the entity responsible for verifying the badge is to be trusted, check, for each attribute attestation of the plurality of attribute attestations, whether:
the attribute attestation is in a VERIFIED state;
the cryptographic proof in the attribute attestation is a valid proof of the received value corresponding to the attribute corresponding to the attribute attestation; and
the attribute attestation is electronically signed by the entity responsible for verifying the badge.
- 22. A system comprising:
at least one processor;
at least one non-transitory computer-readable medium having stored thereon instructions which, when executed, cause the at least one processor to:
receive, via a distributed ledger system, a request to verify a first badge, the first badge comprising a plurality of attribute attestations corresponding respectively to a plurality of attributes for a user, wherein for each attribute of the plurality of attributes, the corresponding attribute attestation comprises a cryptographic proof;
receive, via a channel outside the distributed ledger system, a plurality of values comprising, for each attribute of the plurality of attributes, a value corresponding to that attribute; and
for at least one attribute of the plurality of attributes:
identify, from the first badge, a first attribute attestation corresponding to the at least one attribute, the first attribute attestation comprising a first cryptographic proof;
identify, from the first attribute attestation, a pointer to a second badge;
use the pointer to access the second badge from the distributed ledger;
identify, from the second badge, an entity that is responsible for verifying the second badge, and a second attribute attestation corresponding to the at least one attribute;
determine whether to trust the entity responsible for verifying the second badge; and
in response to determining that the entity responsible for verifying the second badge is to be trusted, check whether:
(1) the second attribute attestation is in a VERIFIED state;
(2) the second cryptographic proof is a valid proof of the received value corresponding to the at least one attribute; and
(3) the second attribute attestation is electronically signed by the entity responsible for verifying the second badge.
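The badge check recited in claims 1 and 13, sketched as an added example that is not code from the patent. It assumes the cryptographic proof is a salted SHA-256 commitment and uses an HMAC under a per-entity key as a stand-in for the electronic signature so the block runs on the standard library alone; the ledger layout, field names, keys and sample values are all constructed.

```python
import hashlib, hmac, json

# Hypothetical trust store: entity id -> HMAC key (stand-in for a signature key).
TRUSTED = {"bank-a": b"constructed-demo-key"}

def make_proof(value, salt):
    # Assumed proof form: salted SHA-256 commitment to the attribute value.
    return hashlib.sha256(f"{salt}:{value}".encode()).hexdigest()

def sign(key, att):
    # The signature covers attribute name, state and proof together.
    body = json.dumps([att["attribute"], att["state"], att["proof"]]).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def verify_badge(ledger, pointer, received):
    """received maps attribute -> (value, salt), obtained outside the ledger."""
    badge = ledger[pointer]                 # access the badge via the pointer
    key = TRUSTED.get(badge["verifier"])    # trust decision on the verifying entity
    if key is None:
        return {"*": "untrusted verifier"}
    results = {}
    for att in badge["attestations"]:
        name = att["attribute"]
        value, salt = received.get(name, (None, None))
        if value is None:
            results[name] = "no value received"
        elif att["state"] != "VERIFIED":
            results[name] = "not VERIFIED"
        elif not hmac.compare_digest(att["proof"], make_proof(value, salt)):
            results[name] = "proof mismatch"
        elif not hmac.compare_digest(att["signature"], sign(key, att)):
            results[name] = "bad signature"
        else:
            results[name] = "ok"
    return results

def sample_ledger(verifier="bank-a", state="VERIFIED"):
    # Constructed sample badge with two attested attributes.
    atts = []
    for name, value, salt in [("name", "Alice Doe", "s1"), ("dob", "1990-01-01", "s2")]:
        att = {"attribute": name, "state": state, "proof": make_proof(value, salt)}
        att["signature"] = sign(TRUSTED["bank-a"], att)
        atts.append(att)
    return {"badge-1": {"verifier": verifier, "attestations": atts}}

if __name__ == "__main__":
    values = {"name": ("Alice Doe", "s1"), "dob": ("1990-01-01", "s2")}
    print(verify_badge(sample_ledger(), "badge-1", values))
```

Because the signature binds the state field, an attestation whose state was changed to VERIFIED after signing fails the third check even though its proof still matches.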