1. Field of the Invention
The invention relates to a system and method for conducting authenticated business transactions over an open multi-platform public network.
2. Description of the Prior Art
The formation of the World Trade Organization and the general reduction in barriers to trade, often referred to as globalization, which has taken place in the past decade, has resulted in a great expansion of international global trade. Global trade requires a special infrastructure to support transactions. Differences in customs, legal systems, language and currencies increase the complexity and risk of conducting business internationally. Global trading partners often mitigate the risks by engaging banks to intermediate transactions. Trading partners are willing to pay a significant fee of approximately 1% of the goods value to banks in exchange for reducing trading risk by substituting the creditworthiness of the bank for the buyer. Another way to mitigate global risks and avoid large bank fees is through leveraging strong relationships between trading partners. In this method, the buyer and seller have established a trusted relationship prior to the transaction, which gives the seller enough confidence to ship the goods subject to later collection, usually upon invoice. The ability to leverage trusted long term relationships is certainly advantageous, but is becoming increasingly difficult, especially over the Internet. Global traders looking to quickly establish new trading relationships to increase sales or to reduce costs must either go through a time consuming process to develop the relationship over time, or incur a risk since verifying the identity of the trading partner in another country is difficult. In any event, the ability to quickly form trusted business relationships is becoming mission critical, and central to this capability is the ability to globally ensure the identity of each trading partner.
The development of the public Internet and a multiplicity of e-businesses and electronic marketplaces (e-markets) are providing potential counterparts with the theoretical possibility to meet each other and conduct efficient real time trade on a global basis. Electronic commerce has already demonstrated its ability to add efficiency to markets by real time brokering of goods and services in the consumer arena. In the current consumer applications, authentication, payment and credit are generally handled by a simple user-id/password approach for identification and credit card or off-line arrangement for payment. Most business applications also use user-id/password for authentication. This level of authentication, alone, is not sufficient to satisfy the needs for large world wide e-commerce markets.
An alternative and more certain approach to authentication than user-id/password is the use of public key infrastructure (PKI). PKI involves distributing a public key and a private key to users. A message encrypted with the private key can be decrypted with the public key. A common way of using PKI for authentication is to distribute the public key along with a message encrypted by the user's private key. The validity of the public key is assured by distributing it in the form of a certificate which has been signed with the private key of a trusted certifying agent. The certificate can be verified using the well known public key of the certifying agent, and the user's public key can be used to decrypt the original message to authenticate the user by verifying that the message was encrypted using the user's private key.
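The certificate-then-signature check described in the preceding paragraph, as an added example that is not part of the patent text: a certifying agent self-signs a root certificate, issues a certificate for a user's public key, the user signs a message with the private key, and any party holding the agent's root certificate authenticates the message. It uses only the Go standard library. The party names, serial numbers, one-day validity period and message are constructed, and the text's "message encrypted with the user's private key" is rendered as an ECDSA signature over the message hash, which is the modern form of that operation.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CertifyingAgent models the "trusted certifying agent": a signing key plus a self-signed root certificate.
type CertifyingAgent struct {
	key  *ecdsa.PrivateKey
	Cert *x509.Certificate // the root certificate every verifier is assumed to hold
}

// must aborts on setup failures (key generation, DER encoding) that this demonstration cannot recover from.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// template builds a certificate valid for one day (constructed validity period).
func template(name string, serial int64, isCA bool, ku x509.KeyUsage) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, KeyUsage: ku,
	}
}

// NewCertifyingAgent generates the agent's key and self-signs its root certificate.
func NewCertifyingAgent(name string) *CertifyingAgent {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	t := template(name, 1, true, x509.KeyUsageCertSign|x509.KeyUsageDigitalSignature)
	der := must(x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key))
	return &CertifyingAgent{key: key, Cert: must(x509.ParseCertificate(der))}
}

// Issue signs a certificate that binds a user's public key to a name, using the agent's private key.
func (ca *CertifyingAgent) Issue(name string, serial int64, pub *ecdsa.PublicKey) ([]byte, error) {
	t := template(name, serial, false, x509.KeyUsageDigitalSignature)
	return x509.CreateCertificate(rand.Reader, t, ca.Cert, pub, ca.key)
}

// Sign is the user's "message encrypted by the user's private key": an ECDSA signature over SHA-256(msg).
func Sign(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv, h[:])
}

// Authenticate is the verifier's side: the presented certificate must chain to the known agent,
// and the signature must verify under the public key inside it. Anyone holding the root can do this.
func Authenticate(root *x509.Certificate, certDER, msg, sig []byte) (string, error) {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return "", err
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return "", fmt.Errorf("certificate not issued by the trusted agent: %w", err)
	}
	if err := cert.CheckSignature(x509.ECDSAWithSHA256, msg, sig); err != nil {
		return "", fmt.Errorf("signature does not verify under the certified key: %w", err)
	}
	return cert.Subject.CommonName, nil
}

// RunPKIScenario runs the exchange on constructed data and reports the verifier's three conclusions.
func RunPKIScenario() (name string, tamperedRejected, unknownAgentRejected bool, err error) {
	agent := NewCertifyingAgent("Trusted Certifying Agent")
	userKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	certDER := must(agent.Issue("Seller Ltd", 2, &userKey.PublicKey))
	msg := []byte("constructed sample: offer 500 units at 12.00 each")
	sig := must(Sign(userKey, msg))
	if name, err = Authenticate(agent.Cert, certDER, msg, sig); err != nil {
		return
	}
	_, e := Authenticate(agent.Cert, certDER, []byte("altered in transit"), sig)
	tamperedRejected = e != nil
	// Same key and a valid signature, but the certificate was signed by an agent the verifier does not trust.
	rogueCert := must(NewCertifyingAgent("Unknown Agent").Issue("Seller Ltd", 3, &userKey.PublicKey))
	_, e = Authenticate(agent.Cert, rogueCert, msg, sig)
	unknownAgentRejected = e != nil
	return
}

func main() {
	fmt.Println(RunPKIScenario())
}
```

The third check is the point the paragraph makes about certificates: a correct signature only proves possession of some private key, and it is the certifying agent's signature on the certificate that ties that key to a named party, so a verifier that skips the chain check accepts any self-issued name.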
The security of PKI is totally dependent on the security of the private key which is often protected by a hardware key such as a smart card to assure its security. Such systems are quite effective for authentication within a limited enterprise, but are impractical for authentication among a great many users as in global trade, because of the cost and complexity of managing the hardware keys on a large scale. Another drawback of such a system is that there is no effective way to deal with a major breach of security without notifying users of the system, since certificates are self-authenticating.
Another technique known as software camouflaging has been developed by Arcot Systems Inc. and has been described in the paper “Software Smart Cards via Cryptographic Camouflage” by D. Hoover and N. Kausik (1999 IEEE Symposium on Security and Privacy), which, similar to the hardware PKI described above, solves some of the objections to PKI. The Arcot technique protects the private key by means of a cryptographic camouflage, which provides similar security benefits to hardware based PKI for closed public-key infrastructure, where messages are only verified by pre-defined trusted entities. This restriction occurs since the method requires that the user's public key be distributed on a certificate in an encrypted form which can only be decrypted by a secret key. The software camouflaging technique is more readily scaled to large numbers of users, and curing a breach of security is less of an issue since authentication is only handled by a limited number of servers. No means is provided, however, for non-trusted entities to accomplish validation. For this reason the technique could be called pseudo PKI.
The current generation of e-commerce applications is directed towards establishing authentication of clients to particular Internet based services, i.e. connecting a user to a particular Internet based business of which the user is aware and with which the user establishes an identification relationship of some type prior to transacting business. Authentication is carried out by each business, by some suitable means whereby it can recognize a person who has previously established a relationship. Several models have become popular. In one simple model, the user knows the URL address of an e-business and contacts the business. The user and business establish a relationship according to a protocol established by the business and thereafter the user authenticates himself according to the protocol, often entering a user name and password which are compared to values stored in a database on the business' server. In another common model the user is directed to a choice of businesses by a portal, whereupon the experience is similar to the previous model. Still another class of e-businesses follow the structure of an exchange, where the exchange business establishes relationships with potential buyers and sellers who offer to buy or sell goods or services, such offers being matched in some way by the exchange. In the exchange model, the actual transaction is usually consummated (payment, shipping, other infrastructure) outside of the exchange directly between the buyer and seller. In all of these models authentication is handled ad hoc according to the protocol set up by the Internet business owner, and in the case of the exchange possibly multiple times by the principals themselves.
One advanced model that has been proposed for providing world wide web service provider sites to consumers is that proposed in U.S. Pat. No. 5,815,665. In that patent an online brokering service is proposed which provides user authentication and billing services to allow consumer users to anonymously and securely purchase online services from service provider sites (e.g., World Wide Web sites) over a distributed public network. The user is authenticated by returning a response to a challenge generated by the brokering service which is encrypted with the user's password. The brokering service authenticates the user by decrypting the response using the broker's copy of the password which it has on file. The user's anonymity and billing security are protected because they are held only by the broker rather than being distributed among a variety of service providers. The broker keeps each user's access rights to each service provider on record and provides these to the service provider at each session. Service providers generate a billing event message for each service utilized by the user and independently send each billing event message to the brokering service. The brokering service bills the consumer for services used. While providing an important improvement to the art, U.S. Pat. No. 5,815,665 has a number of deficiencies which limit its use for promoting global trade transactions. First, the degree of authentication is limited to the security of a password, and the password is stored along with the identity of the consumer on the brokering service's database. Second, the service is asymmetric. It is fundamentally based on interaction between two unequal parties, a service provider and a user interacting in a particular way which is defined by the nature of the service provider's web site application. There are no extensions to allow for the two parties to interact and forge a unique deal.
Of particular importance in this regard is that the brokering service does not independently mediate the interaction between the user and the service provider but must rely on the report of the user's activities provided by the service provider through the billing event messages, thus allowing for disagreements or repudiation between the user and service provider. Also, there is no provision for the users of the multiple service providers to interact.
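The password challenge-response of U.S. Pat. No. 5,815,665 as the text above describes it, written as an added Go example (not code from that patent or from this one): the broker issues a random challenge, the user returns it transformed under the password, and the broker recomputes the transform from its own copy of the password on file. The text does not name the cipher, so HMAC-SHA256 keyed with the password is assumed here in place of "encrypted with the user's password"; the user id and password are constructed. The broker's password table is exactly the stored password that the text lists as the first deficiency, and each challenge is consumed on use so that a captured response is of no value afterwards.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Broker keeps the password itself on file, as the described service does; that
// record is the only secret protecting the account, which is the deficiency the text names.
type Broker struct {
	passwords map[string]string // user id -> password on file (constructed records)
	pending   map[string][]byte // user id -> challenge awaiting a response
}

func NewBroker() *Broker {
	return &Broker{passwords: map[string]string{}, pending: map[string][]byte{}}
}

// Register stores a user's password on the broker's database.
func (b *Broker) Register(user, password string) { b.passwords[user] = password }

// Challenge issues a fresh 32-byte random nonce for a known user; any stale
// challenge for that user is replaced, so only the latest one can be answered.
func (b *Broker) Challenge(user string) ([]byte, error) {
	if _, ok := b.passwords[user]; !ok {
		return nil, errors.New("unknown user")
	}
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	b.pending[user] = c
	return c, nil
}

// Respond is the user's side. HMAC-SHA256 keyed with the password stands in for
// the text's "encrypted with the user's password" (assumption: the cipher is unspecified).
func Respond(password string, challenge []byte) []byte {
	m := hmac.New(sha256.New, []byte(password))
	m.Write(challenge)
	return m.Sum(nil)
}

// Verify recomputes the expected response from the password on file and compares
// it in constant time. The outstanding challenge is consumed whether or not the
// response matches, so a captured response cannot be replayed.
func (b *Broker) Verify(user string, response []byte) bool {
	challenge, ok := b.pending[user]
	if !ok {
		return false
	}
	delete(b.pending, user)
	return hmac.Equal(response, Respond(b.passwords[user], challenge))
}

// RunBrokerScenario exercises the exchange on constructed data: a correct response
// is accepted, the same response replayed is rejected, and a wrong password is rejected.
func RunBrokerScenario() (accepted, replayRejected, wrongRejected bool) {
	b := NewBroker()
	const user, password = "buyer-17", "constructed-sample-password"
	b.Register(user, password)
	c, err := b.Challenge(user)
	if err != nil {
		return
	}
	resp := Respond(password, c)
	accepted = b.Verify(user, resp)
	replayRejected = !b.Verify(user, resp) // challenge already consumed
	if c, err = b.Challenge(user); err != nil {
		return
	}
	wrongRejected = !b.Verify(user, Respond("not-the-password", c))
	return
}

func main() {
	fmt.Println(RunBrokerScenario())
}
```

The broker never learns anything from the exchange except that the responder knows the password it already holds; that is why the text calls the degree of authentication "limited to the security of a password", and why a compromise of the broker's table compromises every user at once, in contrast to the certificate-based scheme where the verifier holds no per-user secret.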
Another model of authentication involves providing infrastructure for existing business partners to securely share their information and computational resources among partners and allocate access among different users. These systems may provide limited access to users over a public network such as the Internet, but often involve the use of special network hardware for full access or a VPN. These systems are only available for users with a preexisting relationship and do not provide a method for forming a secure trust relationship over a public network. They do not provide a method to simultaneously connect arbitrary combinations of users.
The established models do not make optimal use of the Internet to promote global trade. First, they leave the users to establish a multiplicity of relationships with different trade partners. The user has to know of the existence of the business and establish a relationship of trust and a basis for future authentication on an ad hoc basis. Also, the type of transaction which can take place directly over the Internet is limited to simple transactions which are carried out in the predetermined format determined by the business owner, since the only relationship which has been established is between the user and the business and between the business and certain pre-determined infrastructure providers which have been chosen. This limitation precludes e-commerce transactions which are much more complicated than the standard models which were previously described. For instance, there is no way to make a deal for purchase of a commodity on the seller's Internet business site, and then “shop around” for infrastructure such as financing, shipping, and insurance specific to the unique deal between the buyer and seller. An even more desirable capability which cannot be currently implemented would be for a buyer along with a key partner on another computer to simultaneously shop around to purchase infrastructure from a variety of vendor-infrastructure provider combinations to optimize a particular procurement. It will be readily apparent that the Internet would be ideal for such optimized purchases if there were a way for appropriate trade partners and infrastructure providers to meet and reliably authenticate their identities.
There is a need for an improved authentication system, service and method with the security advantages of hardware smart card PKI which can be practically applied on a very large scale, even on a global basis, over the public Internet so that potential trade partners can reliably locate each other, authenticate each others' identity with great confidence, and establish trusted relationships over the Internet.
There is a need for an improved authentication system, service and method which provides an authenticated environment for collaboration between trade partners of different types on an equal basis to formulate complex business transactions.
There is a need for an improved authentication system, service and methods which provides for collaboration between business partners in an authenticated environment mediated by a third party so as to prevent repudiation of the collaboration.