Abstract
An initial certificate is provided that enables an initial two-way secured communication session between a user computing device and a trusted server. An initial secured communication session is established by the trusted server with the user computing device after receiving the one-time certificate. The trusted server receives identification information associated with the user of the user computing device, wherein the identification information includes a representation of the user's identity that has been confirmed as a function of biometrics and further includes a representation of the user computing device. Moreover, a replacement certificate is generated that is unique to the combination of the user and the user computing device, and the replacement certificate is transmitted to the user computing device. Thereafter, a two-way secured communication session is established by the trusted server.
Independent claim
1. A method for providing secure communication between a user computing device and a trusted server, the method comprising:
providing, via a distributed client software application, an initial certificate that enables an initial two-way secured communication session between the user computing device and the trusted server;
establishing, by the trusted server, an initial secured communication session with the user computing device after receiving the initial certificate;
causing, by the trusted server during the initial secured communication, generation of a replacement certificate that includes identification information associated with the user of the user computing device, wherein the identification information includes a representation of the user's identity that has been confirmed as a function of biometrics and further includes a representation of the user computing device;
receiving, by the trusted server during a subsequent communication session with the user computing device, the replacement certificate with encoded information that represents that the user's identity has been verified;
establishing, by the trusted server and using the replacement certificate with the encoded information, a two-way secured communication session with the user computing device;
receiving, during the two-way secured communication session, a request to access an object;
determining, by the trusted server, an object security level associated with the object and a subject security level associated with the user; and
allowing, by the trusted server for the user computing device, access to the object when the subject's security level is greater than or equal to the object's security level.
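The claimed flow, sketched server-side as an added example that is not code from the patent: an HMAC-signed token stands in for the replacement certificate (a real deployment would use X.509 client certificates over mutual TLS). The key, names, level tables and token format are all assumptions constructed for illustration.

```python
import hashlib, hmac, json

SERVER_KEY = b"constructed-demo-key"        # assumption: server-held signing key
INITIAL_CERT = "initial-cert-from-client"   # constructed placeholder value
SUBJECT_LEVELS = {"alice": 2}               # constructed subject security levels
OBJECT_LEVELS = {"report.pdf": 2, "keys.db": 3}  # constructed object levels

def _sign(body: str) -> str:
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_replacement(initial_cert, user_id, device_id, biometric_ok):
    """Initial session: issue a credential unique to the (user, device) pair."""
    if initial_cert != INITIAL_CERT:
        raise PermissionError("unknown initial certificate")
    if not biometric_ok:
        raise PermissionError("identity not confirmed by biometrics")
    body = json.dumps({"user": user_id, "device": device_id,
                       "identity_verified": True}, sort_keys=True)
    return {"claims": body, "sig": _sign(body)}

def verify_replacement(cred, presenting_device):
    """Later session: check signature, verified flag and device binding."""
    body = cred.get("claims", "")
    if not hmac.compare_digest(_sign(body), cred.get("sig", "")):
        return None                         # forged or tampered credential
    claims = json.loads(body)
    if not claims.get("identity_verified"):
        return None
    if claims.get("device") != presenting_device:
        return None                         # credential moved to another device
    return claims

def allow_access(cred, presenting_device, obj):
    """Grant access only if subject level >= object level; fail closed."""
    claims = verify_replacement(cred, presenting_device)
    if claims is None:
        return False
    subject = SUBJECT_LEVELS.get(claims["user"])
    target = OBJECT_LEVELS.get(obj)
    if subject is None or target is None:
        return False                        # unknown user or object: deny
    return subject >= target
```

Because the credential binds both the user and the device, presenting it from a different device fails verification even though the signature is valid.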