Claims
- 1. A method for securing electronic transactions between business partners in a limited access electronic network, wherein the limited access electronic network is accessible only to authorized business partners who have obtained digital certificates from a certification authority, the method comprising:
selecting a certification authority accessible over a public network; designating at least one individual as a registration agent authorized to authenticate the identity of employees who require digital certificates for the purpose of secure e-mail intranet transactions or conducting electronic business transactions with said business partners in said limited access electronic network; authenticating the registration agent; pre-registering the employees with the certification authority, wherein the employees are authenticated by the registration agent; authenticating the employees; issuing a digital certificate to at least one of the employees.
- 2. The method of claim 1, wherein said limited access electronic network employs public key infrastructure technology.
- 3. The method of claim 1, wherein said limited access electronic network comprises at least one server accessible only to said authenticated business partners who have obtained digital certificates through the Internet or a direct, dial-up connection, and wherein said server of said limited access network has no direct link to a host server that provides content to the server of said limited access network.
- 4. The method of claim 1, wherein the step of authenticating the employees further comprises
providing to the certification authority a personal identification code and a PIN.
- 5. The method of claim 1, wherein the step of pre-registering the employees further comprises
providing the identity information of the employees to the certification
- 6. A method for issuing digital certificates as online credentials to business partners trading in an extranet, the method comprising:
providing a certification authority, wherein the certification authority is capable of issuing digital certificates; identifying a registration agent, the registration agent having the authority to identify employees entitled to receive the digital certificates; pre-registering the employees entitled to receive the digital certificates, the pre-registration being done by the registration agent; requesting a pre-registered employee to enter pre-registration information; and issuing a digital certificate to the pre-registered employee if the pre-registration information entered by the pre-registered employee matches the pre-registration information in the database for that employee.
- 7. The method of claim 6 further comprising:
generating a user identification code and a personal identification number (PIN) for the pre-registered employee; and directing the pre-registered employee to obtain a digital certificate by using the secure web site.
- 8. The method of claim 6, wherein the registration agent identifies at least one registration individual, said at least one registration individual having the authority to identify employees entitled to receive digital certificates.
- 9. The method of claim 8, wherein the at least one registration individual is responsible for pre-registering employees entitled to receive digital certificates.
- 10. The method of claim 6, wherein the registration agent has the authority to revoke the digital certificate already issued to an employee, the revocation comprises
removing the employee from a list of authenticated users.
- 11. The method of claim 6, wherein the revocation further comprises invalidating the digital certificate already issued to the employee, and informing the extranet host about the invalid digital certificate.
- 12. A system for securing electronic transactions between business partners in an extranet, the system comprising:
a certification authority system coupled to the extranet, wherein the certification authority system comprises
a certification authority server, wherein the certification authority server has a user interface and is capable of generating digital certificates, and a certification authority database, wherein the certification authority database tracks individuals entitled to receive a digital certificate; and a firewall server connecting the extranet to the Internet, wherein a registration agent can pre-register with the certification authority individuals entitled to receive digital certificates and to transact with other business partners, the pre-registered individuals are listed in the certification authority database, the certification authority is responsible for authenticating the identity of a business partner requesting a digital certificate, and the certification authority is capable of issuing a digital certificate that can be used as an online credential to access the extranet to the business partner.
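
The pre-registration, matching and revocation steps of claims 6, 7, 10 and 11 can be modelled as follows; this is an added example, not part of the patent text or of any implementation of it. The class and method names, the in-memory database, the PBKDF2 hashing of the PIN and the single-use handling of the credentials are assumptions, and the returned "certificate" is a placeholder dict rather than a real X.509 certificate.

```python
import hashlib
import hmac
import secrets

class CertificationAuthority:
    """Hypothetical in-memory model of the claimed CA database (illustrative only)."""

    def __init__(self, registration_agents):
        self.agents = set(registration_agents)  # authenticated registration agents
        self.prereg = {}       # user_id -> (salt, pin_hash, employee name)
        self.issued = {}       # user_id -> serial: the list of authenticated users
        self.revoked = set()   # serials the extranet host must reject

    def _hash(self, pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def pre_register(self, agent, employee):
        # Only a designated registration agent may vouch for an employee.
        if agent not in self.agents:
            raise PermissionError("not a registration agent")
        user_id = secrets.token_hex(4)
        pin = f"{secrets.randbelow(10**6):06d}"
        salt = secrets.token_bytes(16)
        self.prereg[user_id] = (salt, self._hash(pin, salt), employee)
        return user_id, pin  # assumed to reach the employee out of band

    def issue(self, user_id, pin):
        # Issue only if the entered data matches the pre-registration record.
        record = self.prereg.get(user_id)
        if record is None:
            return None
        salt, pin_hash, employee = record
        if not hmac.compare_digest(self._hash(pin, salt), pin_hash):
            return None
        del self.prereg[user_id]  # assumption: credentials are single use
        serial = secrets.token_hex(8)
        self.issued[user_id] = serial
        return {"subject": employee, "serial": serial}  # placeholder, not X.509

    def revoke(self, agent, user_id):
        if agent not in self.agents:
            raise PermissionError("not a registration agent")
        serial = self.issued.pop(user_id, None)  # remove from authenticated users
        if serial is not None:
            self.revoked.add(serial)  # the set reported to the extranet host
        return serial

    def is_valid(self, cert):
        return cert["serial"] in self.issued.values() and cert["serial"] not in self.revoked
```
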
CROSS-REFERENCE TO RELATED APPLICATION
[0001] The application claims priority to U.S. Provisional Application Serial No. 60/218,149, entitled “System and Method for Secure Electronic Transactions,” filed on Jul. 14, 2000.
Provisional Applications (1)

| Number | Date | Country |
|---|---|---|
| 60218149 | Jul 2000 | US |