EP0946022A2
[0317] The procedure of MakePAT, MergePAT and TransPAT is similar to that described above with reference to Fig. 21, except that the AID should be replaced by the link information of the AID and the AID list should be replaced by the link specifying AID list. Also, the procedure of SplitPAT is similar to that described above with reference to Fig. 22, except that the AID should be replaced by the link information of the AID and the AID list should be replaced by the link specifying AID list.
[0318] Here, in the procedures of Fig. 21 and Fig. 22, the link specifying AID list generation is carried out according to Fig. 49 as follows. Namely, a buffer length is determined first (step S9011) and a buffer is generated (step S9012). Then, the link information of the holder AID is copied to a vacant region of the generated buffer (step S9017). Then, the link information of the member AID is copied to a vacant region of the resulting buffer (step S9018), and if the next member AID exists (step S9015 YES), the step S9018 is repeated.
[0319] Next, the determination of the link information of the holder AID will be described. Each of the MakePAT, the MergePAT, the SplitPAT, and the TransPAT commands is defined to have two or more arguments, where AID, PAT, or Enabler can be specified as an argument. In this case, the PAT processing device specifies the link information of the holder AID of the PAT to be outputted after executing each command according to the following rules.

Case of the MakePAT:
For the MakePAT command, it is defined that AIDs are to be specified for the first argument to the N-th argument (N = 2, 3, ...) and Enablers are to be specified for the N+1-th and subsequent arguments. For example, they can be specified as follows.

    MakePAT AID1, AID2, ..., AIDN, Enabler of AID1, Enabler of AID2, ..., Enabler of AIDN

The PAT processing device interprets the link information of AID of the first argument of the MakePAT command as the link information of the holder AID.
Only when one of the Enablers of the N+1-th and subsequent arguments corresponds to the AID of the first argument, the PAT processing device specifies the link information of this AID (that is the link information of the AID of the first argument) as the link information of the holder AID of the PAT to be outputted after executing the MakePAT command.

Case of the MergePAT:
For the MergePAT command, it is defined that PATs are to be specified for the first argument to the N-th argument (N = 2, 3, ...) and Enabler is to be specified for the N+1-th argument. Namely, they can be specified as follows.

    MergePAT PAT1 PAT2 ... PATN Enabler of AID

The PAT processing device interprets the link information of the holder AID of the PAT of the first argument of the MergePAT command as the link information of the holder AID of the PAT to be outputted after executing the MergePAT command.
Only when the Enabler of the N+1-th argument corresponds to the holder AID of the PAT of the first argument, the PAT processing device specifies the link information of this AID (that is the link information of the holder AID of the PAT of the first argument) as the link information of the holder AID of the PAT to be outputted after executing the MergePAT command.

Case of the SplitPAT:
For the SplitPAT command, it is defined that PAT is to be specified for the first argument, a set of one or more AIDs grouped together by some prescribed symbols (assumed to be parentheses () in this example) are to be specified for the second argument to the N-th argument (N = 3, 4, ...), and Enabler is to be specified for the N+1-th argument. Namely, they can be specified as follows.

    SplitPAT PAT (AID11) (AID21 AID22) ... (AIDN1 AIDN2 ... AIDNM) Enabler of AID

The PAT processing device interprets the link information of the holder AID of the PAT of the first argument of the SplitPAT command as the link information of the holder AID of the PAT to be outputted after executing the SplitPAT command.
Only when the Enabler of the N+1-th argument corresponds to the holder AID of the PAT of the first argument, the PAT processing device specifies the link information of this AID (that is the link information of the holder AID of the PAT of the first argument) as the link information of the holder AID of the PAT to be outputted after executing the SplitPAT command.

Case of the TransPAT:
For the TransPAT command, it is defined that PATs are to be specified for the first argument and the second argument, an AID is to be specified for the third argument, and Enablers are to be specified for the fourth argument and the fifth argument. Namely, they can be specified as follows.

    TransPAT PAT1 PAT2 AID Enabler of AID1 Enabler of AID2

The PAT processing device interprets the link information of AID of the third argument as the link information of the holder AID of the PAT to be outputted after executing the TransPAT command provided that the link information of AID of the third argument of the TransPAT command is contained in the PAT of the second argument.
Only when the Enabler of the fourth argument corresponds to both the PAT of the first argument and the PAT of the second argument and the Enabler of the fifth argument corresponds to the AID of the third argument, the PAT processing device specifies the link information of the AID of the third argument as the link information of the holder AID of the PAT to be outputted after executing the TransPAT command.

Petitioner Apple Inc. — Exhibit 1002, p. 3501

Next, the determination of the link informations of the member AIDs will be described. The definitions of the MakePAT, the MergePAT, the SplitPAT, and the TransPAT commands are as described above. The PAT processing device specifies the link informations of the member AIDs of the PAT to be outputted after executing each command according to the following rules.

Case of the MakePAT:
Only when the link information of the holder AID of the PAT to be outputted after executing the MakePAT command is formally determined, the PAT processing device interprets all the link informations of the AIDs of the second and subsequent arguments of the MakePAT command as the link informations of the member AIDs of the PAT to be outputted after executing the MakePAT command.
The PAT processing device specifies only the link informations of those AIDs among all the AIDs of the second and subsequent arguments which correspond to the Enablers specified by the N+1-th and subsequent arguments as the link informations of the member AIDs of the PAT to be outputted after executing the MakePAT command.

Case of the MergePAT:
Only when the link information of the holder AID of the PAT to be outputted after executing the MergePAT command is formally determined, the PAT processing device specifies the link informations of the member AIDs of all the PATs specified by the first to N-th arguments of the MergePAT as the link informations of the member AIDs of the PAT to be outputted after executing the MergePAT command.

Case of the SplitPAT:
Only when the link information of the holder AID of the PAT to be outputted after executing the SplitPAT command is formally determined, the PAT processing device specifies the link information of the member AID of the PAT specified by the first argument of the SplitPAT command as the link information of the member AID of the PAT to be outputted after executing the SplitPAT command. At this point, the link informations of the member AIDs are distributed into different PATs in units of parentheses (). For example, in the case of:

    SplitPAT PAT (AID11) (AID21 AID22) ... (AIDN1 AIDN2 ... AIDNM) Enabler of AID

(AID11), (AID21 AID22), ..., (AIDN1 AIDN2 ... AIDNM) will be the link informations of the member AIDs of different PATs having a common link information of holder AID.

Case of the TransPAT:
Only when the link information of the holder AID of the PAT to be outputted after executing the TransPAT command is formally determined, the PAT processing device specifies all the link informations of the member AIDs remaining after excluding the link information of the member AID that is scheduled to be a new holder AID from all the link informations of the member AIDs of the PAT specified by the first argument of the TransPAT command and the link informations of the member AIDs of the PAT specified by the second argument as the link informations of the member AIDs of the PAT to be outputted after executing the TransPAT command.

The verification of the properness of the Enabler in this seventh embodiment is the same as described above with reference to Fig. 24. Also, this verification of the properness of the Enabler is common to the MakePAT, the MergePAT, the SplitPAT and the TransPAT.

[0320] Next, the eighth embodiment of the email access control scheme according to the present invention will be described in detail.
[0321] In this eighth embodiment, the OID is given by a real email address.
[0322] The PAT is an information comprising two or more real email addresses, the holder index, the validity period, the transfer control flag and the PAT processing device identifier (or the of the PAT processing object on the network), which is signed using a secret key of the PAT processing device (or the PAT processing object on the network).
[0323] Here, one of the real email addresses is a holder email address of this PAT. A change of the information contained in the PAT, such as an addition of email address to the PAT, a deletion of email address from the PAT, a change of the validity period in the PAT, a change of the transfer control flag value in the PAT, etc., can be made by presenting the holder email address and an Enabler containing the holder email address to the PAT processing device (or the PAT processing object on the network).
[0324] On the other hand, the email addresses other than the holder email address that are contained in the PAT are all member email addresses, where a change of the information contained in the PAT cannot be made even when the member email address and an Enabler containing the member email address are presented to the PAT processing device (or the PAT processing object on the network).
[0325] The holder index is a numerical data for identifying the holder email address, which is defined to take a value 1 when the holder email address is a top email address in the email address list formed from the holder email address and the member email addresses, a value 2 when the holder email address is a second email address from the top of the email address list, or a value n when the holder email address is an n-th email address from the top of the email address list.
[0326] The transfer control flag value is defined to take either 0 or 1.
[0327] The holder email address is defined to be a real email address which is written at a position specified by the holder index in the email address list. The member email addresses are defined to be all the email addresses other than the holder email address.
[0328] The validity period is defined by any one or combination of the number of times for which the PAT is available, the absolute time (UTC) by which the PAT becomes unavailable, the absolute time (UTC) by which the PAT becomes available, and the relative time (lifetime) since the PAT becomes available until it becomes unavailable.
[0329] The identifier of the PAT processing device (or the PAT processing object on the network) is defined as a serial number of the PAT processing device (or a distinguished name of the PAT processing object on the network). The secret key of the PAT processing device (or the PAT processing object on the network) is defined to be uniquely corresponding to the identifier.
[0330] Also in this eighth embodiment, an Enabler is defined as an identifier corresponding to the real email address. The Enabler is an information comprising a character string uniquely indicating that it is an Enabler and a real email address itself, which is signed using the secret key of the PAT processing device or the PAT processing object on the network.
[0331] The generation of the PAT in this eighth embodiment is carried out as follows.
[0332] Here, a directory will be described as an example of the PAT processing object on the network. The directory manages the real email address and the disclosed information of the user in correspondence, and outputs the PAT upon receiving the search conditions presented from an arbitrary user.
[0333] The user transmits the real email address and the search conditions to the directory. Then, the directory acquires all the real email addresses which uniquely correspond to the disclosed information that satisfies these search conditions. Then, the directory generates a real email address list from the real email address of the user who presented the search conditions and all the real email addresses acquired as a search result. Then, the directory appends the holder index value, the validity period value, the transfer control flag value, and the distinguished name of the directory to the real email address list. Finally, the directory signs the resulting data using a secret key of the directory, and transmits it as the PAT to the user who presented the search conditions.
[0334] Next, the email access control in this eighth embodiment is carried out as follows.
[0335] The sender specifies the real email address of the sender in From: line, and "[PAT]@[real domain of sender]" in To: line of a mail.
[0336] The SCS acquires an email received by an MTA (Message Transfer Agent) such as SMTP (Simple Mail Transfer Protocol), and carries out the authentication by the following procedure.

(1) The signature of the PAT is verified using the public key of the PAT.
    When the PAT is found to have been altered, the email is discarded and the processing is terminated.
    When the PAT is found to have been not altered, the following processing (2) is executed.
(2) The search is carried out by presenting the sender's real email address to the PAT.
    When a real email address that completely matches with the sender's real email address is not contained in the PAT, the email is discarded and the processing is terminated.
    When a real email address that completely matches with the sender's real email address is contained in the PAT, the following processing (3) is executed.
(3) The validity period value of the PAT is evaluated.
    When the PAT is outside the validity period, the email is discarded and the processing is terminated.
    When the PAT is within the validity period, the following processing (4) is executed.
(4) Whether or not to authenticate the sender is determined by referring to the transfer control flag value of the PAT.
    When the value is 1, the challenge/response authentication between the SCS and the sender is carried out, and the signature of the sender is verified. When the signature is valid, the recipient is specified and the PAT is attached. When the signature is invalid, the email is discarded and the processing is terminated.
    When the value is 0, the recipient is specified and the PAT is attached without executing the challenge/response authentication.

[0337] An exemplary challenge/response authentication between the SCS and the sender in this eighth embodiment can be carried out as follows.
[0338] First, the SCS generates an arbitrary information such as a timestamp, for example, and transmits the generated information to the sender.
[0339] Then, the sender generates the secret key and the public key, signs the received information using the secret key, and transmits it along with the public key.
[0340] The SCS then verifies the signature of the received information using the public key presented from the sender. When the signature is valid, the recipient is specified and the PAT is attached. When the signature is invalid, the email is discarded and the processing is terminated.
[0341] The specifying of the recipient and the attaching of the PAT at the SCS in this eighth embodiment can be carried out as follows.
[0342] First, the SCS carries out the search by presenting the sender's real email address to the PAT, so as to acquire all the real email addresses which do not completely match the sender's real email address. Then, all these acquired real email addresses are specified as recipient's real email addresses.
[0343] Next, the SCS attaches the PAT to an arbitrary position in the email in order to transmit the PAT to all the recipient's email addresses so as to be able to realize the bidirectional communications. Finally, the SCS gives the email to the MTA.
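
The SCS checks (1) to (4) of [0336] and the recipient selection of [0342], as an added Python example that is not code from the patent. Assumptions: HMAC-SHA256 stands in for the issuer's public-key signature, the validity period is reduced to a single absolute UTC expiry, and the names PAT, issue, scs_check and the challenge_response callback are hypothetical.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, replace
from datetime import datetime, timezone

# Constructed demo key. The text has the issuer sign with a secret key and the
# SCS verify with a public key; HMAC-SHA256 is a stand-in (assumption) so the
# example runs on the standard library alone.
ISSUER_KEY = b"constructed-demo-key"


@dataclass(frozen=True)
class PAT:
    addresses: tuple        # real email addresses, holder and members
    holder_index: int       # 1-based position of the holder in `addresses`
    not_after: datetime     # validity period, reduced here to a UTC expiry
    transfer_control: int   # 1 = authenticate the sender, 0 = do not
    issuer: str             # identifier of the issuing device or directory
    signature: str = ""


def _signed_bytes(pat):
    # Every field the SCS later relies on is covered by the signature.
    return json.dumps([list(pat.addresses), pat.holder_index,
                       pat.not_after.isoformat(), pat.transfer_control,
                       pat.issuer]).encode()


def _sign(pat, key):
    return hmac.new(key, _signed_bytes(pat), hashlib.sha256).hexdigest()


def issue(addresses, holder_index, not_after, transfer_control, issuer,
          key=ISSUER_KEY):
    """Directory side: build the address list, append the fields, sign."""
    pat = PAT(tuple(addresses), holder_index, not_after, transfer_control,
              issuer)
    return replace(pat, signature=_sign(pat, key))


def scs_check(pat, sender, now, challenge_response=None, key=ISSUER_KEY):
    """Return (decision, recipients) for one mail, following steps (1)-(4)."""
    # (1) An altered PAT is discarded before any field is trusted.
    if not hmac.compare_digest(_sign(pat, key), pat.signature):
        return "discard: PAT altered", []
    # (2) "Completely matches": exact string comparison, no case folding.
    if sender not in pat.addresses:
        return "discard: sender not in PAT", []
    # (3) Validity period.
    if now > pat.not_after:
        return "discard: outside validity period", []
    # (4) The transfer control flag decides whether the sender is challenged.
    if pat.transfer_control == 1:
        if challenge_response is None or not challenge_response(sender):
            return "discard: sender authentication failed", []
    # [0342] Recipients are all addresses that do not match the sender.
    return "deliver", [a for a in pat.addresses if a != sender]


def demo():
    # Constructed sample addresses and dates.
    expiry = datetime(2030, 1, 1, tzinfo=timezone.utc)
    now = datetime(2029, 6, 1, tzinfo=timezone.utc)
    pat = issue(["alice@example.org", "bob@example.net", "carol@example.com"],
                1, expiry, 1, "cn=directory,o=example")
    accepted = scs_check(pat, "alice@example.org", now,
                         challenge_response=lambda sender: True)
    # Clearing the flag to skip authentication breaks the signature, so the
    # modified ticket is rejected at step (1).
    forged = scs_check(replace(pat, transfer_control=0),
                       "alice@example.org", now)
    return accepted, forged


if __name__ == "__main__":
    print(demo())
```

Because the transfer control flag and the validity period sit inside the signed data, step (1) is what prevents a sender from relaxing them before presenting the ticket.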
[0344] The receiving refusal with respect to the PAT at the SCS in this eighth embodiment can be carried out as follows.
[0345] Receiving refusal setting: The bidirectional authentication is carried out by an arbitrary means between the user and the SCS 5. Then, the user transmits a registration command, his/her own real email address, and arbitrary PATs to the SCS 5. Then, the SCS 5 next verifies the signature of each received PAT using a public key of the ADS. Those PATs with the invalid signature are discarded by the SCS 5. When the signature is valid, the SCS 5 carries out the search by presenting the received real email address to each PAT. For each of those PATs which contain the real email address that completely matches with the received real email address, the SCS 5 presents the registration command and the PAT to the storage device such that the PAT is registered into the storage device. Those PATs which do not contain the real email address that completely matches with the received real email address are discarded by the SCS 5 without storing them into the storage device.
[0346] Receiving refusal execution: The SCS 5 carries out the search by presenting the PAT to the storage device. When a PAT that completely matches the presented PAT is registered in the storage device, the mail is discarded. When a PAT that completely matches the presented PAT is not registered in the storage device, the mail is not discarded.
[0347] Receiving refusal cancellation: The bidirectional authentication is carried out by an arbitrary means between the user and the SCS 5. Then, the user presents his/her own real email address to the SCS 5. Then, the SCS 5 next presents the presented real email address as a search condition to the storage device and acquires all the PATs that contain the presented real email address, and then presents all the acquired PATs to the user. Then, the user selects all the PATs for which the receiving refusal is to be cancelled by referring to all the PATs presented from the SCS 5, and transmits all the selected PATs along with a deletion command to the SCS 5. Upon receiving the deletion command and all the PATs for which the receiving refusal is to be cancelled, the SCS 5 presents the deletion command and all the PATs received from the user to the storage device, such that all the received PATs are deleted from the storage device.
[0348] The editing of the PAT in this eighth embodiment can be carried out as follows.
[0349] The MakePAT, the MergePAT, the SplitPAT, and the TransPAT processings for the PAT using real email addresses as its elements can be obtained from the MakePAT, the MergePAT, the SplitPAT, and the TransPAT processings for the PAT using AIDs as its elements described above, by replacing the AID by the real email address and the Enabler of AID by the Enabler of real email address.
[0350] A Null operator is an information comprising a data which is uniquely indicating that it is Null and which has a format of the real email address, which is signed by the secret key of the PAT processing device or the PAT processing object on the network.
[0351] Similarly, the God operator is an information comprising a data which is uniquely indicating that it is God and which has a format of the real email address, which is signed by the secret key of the PAT processing device or the PAT processing object on the network.
[0352] The Enabler of Null operator is an information comprising a data which is uniquely indicating that it is Enabler and the Null operator itself, which is signed by the secret key of the PAT processing device or the PAT processing object on the network.
[0353] The processings involving the Null operator and the God operator can be obtained from the processings for the PAT using AIDs as its elements described above, by replacing the AID by the real email address, the Enabler of AID by the Enabler of real email address, the Null-AID by the Null operator, the God-AID by the God operator, and the Enabler of Null-AID by the Enabler of Null operator.
[0354] As described, according to the present invention, a PAT is used for verifying the access right of a sender and the email access control among users is carried out when the verification result is valid, so that it becomes possible to disclose the information indicative of characteristics of a user while concealing the true identification of a user and carrying out communications appropriately according to this disclosed information while preventing conventionally possible attacks from a third person. In addition, even when a recipient receives an attack from a sender who maliciously utilizes the anonymity, damages of a recipient due to that attack can be minimized.
[0355] Also, according to the present invention, the generation and the content change of the personalized access ticket can be made by the initiative of a user by using an AID assigned to each user and an Enabler defined in correspondence to the AID, so that it becomes possible to appropriately manage information such as that of a point of contact of each member of the group communication (mailing list, etc.) which changes dynamically.
[0356] Also, according to the present invention, a Null-AID and an Enabler of Null-AID can be introduced in order to carry out the generation of a new PAT (MakePAT) and the merging of PATs (MergePAT) without giving the member AID and the Enabler of the member AID to the holder of the PAT, so that it becomes possible to prevent the pretending using the member AID.
[0357] Also, according to the present invention, the Null-AID can be used only as the holder AID of the PAT (the Null-AID cannot be used as the member AID), that is PAT<AID_Null | AID_member1, ..., AID_memberN> is allowed, but PAT<AID_holder | AID_Null, AID_member1, AID_member2, ..., AID_memberN> is not allowed, so that the holder of PAT<AID_holder | AID_member> cannot produce PAT<AID_Null | AID_member> from this PAT<AID_holder | AID_member> as long as the holder does not know Enabler of AID_member.
[0358] Also, according to the present invention, a God-AID can be introduced in order to set up a read only attribute to the PAT, so that it becomes possible to fix the participants in the group communication.
[0359] Also, according to the present invention, the link information for uniquely specifying the AID can be introduced and the PAT can be given in terms of the link information such that the PAT does not contain the AID itself, so that it becomes possible to realize the receiving refusal function without using the AID itself.
[0360] It is to be noted that, besides those already mentioned above, many modifications and variations of the above embodiments may be made without departing from the novel and advantageous features of the present invention. Accordingly, all such modifications and variations are intended to be included within the scope of the appended claims.

Claims

1. A method of email access control, comprising the steps of:
   receiving a personalized access ticket containing a sender's identification and a recipient's identification in correspondence, which is presented by a sender who wishes to send an email to a recipient so as to specify the recipient as an intended destination of the email, at a secure communication service for connecting communications between the sender and the receiver; and
   controlling accesses between the sender and the recipient by verifying an access right of the sender with respect to the recipient according to the personalized access ticket at the secure

2. The method of claim 1, wherein at the controlling step the secure communication service authenticates the personalized access ticket presented by the sender, and refuses a delivery of the email when the personalized access ticket presented by the sender has been altered.

3. The method of claim 2, wherein the personalized access ticket is signed by a secret key of a secure processing device which issued the personalized access ticket, and at the controlling step the secure communication service authenticates the personalized access ticket by verifying a signature of the secure processing device in the personalized access ticket using a public key of the secure processing device.

4. The method of claim 1, wherein at the receiving step the secure communication service also receives the sender's identification presented by the sender along with the personalized access ticket, and at the controlling step the secure communication service checks whether the sender's identification presented by the sender is contained in the personalized access ticket presented by the sender, and refuses a delivery of the email when the sender's identification presented by the sender is not contained in the personalized access ticket presented by the sender.

5. The method of claim 1, wherein the personalized access ticket also contains a validity period indicating a period for which the personalized access ticket is valid, and at the controlling step the secure communication service checks the validity period contained in the personalized access ticket presented by the sender and refuses a delivery of the email when the personalized access ticket presented by the sender contains the validity period that has already been expired.

6. The method of claim 5, wherein the validity period of the personalized access ticket is set by a trusted third party.

7. The method of claim 1, further comprising the step of:
   issuing the personalized access ticket to the sender at a directory service for managing an identification of each registrant and a disclosed information of each registrant which has a lower secrecy than a personal information, in a state which is accessible for search by unspecified many, in response to search conditions specified by the sender, by using an identification of a registrant whose disclosed information matches the search conditions as the recipient's identification and the sender's identification specified by the sender along with the search conditions.

8. The method of claim 1, further comprising the step of:
   registering in advance the personalized access ticket containing an identification of a specific user from which a delivery of emails to a specific registrant is to be refused as the sender's identification and an identification of the specific registrant as the recipient's identification at the secure communication service;
   wherein at the controlling step the secure communication service refuses a delivery of the email from the sender when the personalized access ticket presented by the sender is registered therein in advance at the registering step.

9. The method of claim 8, further comprising the step of:
   deleting the personalized access ticket registered at the secure communication service upon request from the specific registrant who registered the personalized access ticket at the registering step.

10. The method of claim 1, wherein the personalized access ticket also contains a transfer control flag indicating whether or not the sender should be authenticated by the secure communication service, and at the controlling step, when the transfer control flag contained in the personalized access ticket indicates that the sender should be authenticated, the secure communication service authenticates the sender's identification presented by the sender and refuses a delivery of the email when an authentication of the sender's identification fails.

11. The method of claim 10, wherein the authentication of the sender's identification is realized by a challenge/response procedure between the sender and the secure communication service.

12. The method of claim 10, wherein the transfer control flag of the personalized access ticket is set by a trusted third party.

13. The method of claim 1, wherein the sender's identification and the recipient's identification in the personalized access ticket are given by real email addresses of the sender and the recipient.

14. The method of claim 1, wherein the sender's identification and the recipient's identification in the personalized access ticket are given by anonymous identifications of the sender and the recipient, where an anonymous identification of each user contains at least one fragment of an official identification of each user by which each user is uniquely identifiable by a certification authority.

15. The method of claim 14, wherein the anonymous identification of each user is an information containing the at least one fragment of the official identification of each user which is signed by the certification authority using a secret key of the certification authority.

16. The method of claim 14, wherein the official identification of each user is a character string uniquely assigned to each user by the certification authority and a public key of each user which are signed by a secret key of the certification authority.

17. The method of claim 14, further comprising the step of:
    probabilistically identifying an identity of the sender by reconstructing the official identification of the sender by judging identity of a plurality of anonymous identifications of the sender contained in a plurality of personalized access tickets used by the sender.

18. The method of claim 1, wherein an anonymous identification of each user that contains at least one fragment of an official identification of each user by which each user is uniquely identifiable by a certification authority and a link information of each anonymous identification by which each anonymous identification can be uniquely identified are defined, and the sender's identification and the recipient's identification in the personalized access ticket are given by a link information of the anonymous identification of the sender and a link information of the anonymous identification of the recipient.

19. The method of claim 1, wherein the link information of each anonymous identification is an identifier uniquely assigned to each anonymous identification by the certification authority.

20. The method of claim 18, further comprising the step of:
    probabilistically identifying an identity of the sender by reconstructing the official identification of the sender by judging identity of a plurality of anonymous identifications of the sender corresponding to the link information contained in a plurality of personalized access tickets used by the sender.

`21. The method of claim 1, wherein the personalized
`access ticket contains a single sender's identification
`and a single recipient's identification in 1-to-1
`correspondence.
`
`22. The method of claim 1, wherein the personalized
`access ticket contains a single sender's identification
`and a plurality of recipient's identifications in
`1-to-N correspondence, where N is an integer greater
`than 1.
`
`23. The method of claim 22, wherein one identification
`among the single sender's identification and the
`plurality of recipient's identifications is a holder
`identification for identifying a holder of the
`personalized access ticket while other identifications among
`the single sender's identification and the plurality of
`recipient's identifications are member identifications
`for identifying members of a group to which
`the holder belongs.
`
`24. The method of claim 23, further comprising the step
`of:
`
`issuing an identification of each user and an
`enabler of the identification of each user
`indicating a right to change the personalized
`access ticket containing the identification of
`each user as the holder identification, to each
`user at a certification authority, such that
`prescribed processing on the personalized access
`ticket can be carried out at a secure processing
`device only by a user who presented both the
`holder identification contained in the
`personalized access ticket and the enabler
`corresponding to the holder identification to the secure
