摘要 |
<p>An electronic commerce system includes a broker computer system having a database of scrip representing a form of currency, a vendor computer system having a database containing products which may be exchanged for the scrip, a consumer computer system with which a user may initiate transactions with the scrip, and an agent computer system to which the consumer can delegate rights to perform actions with the scrip. To delegate actions on scrip, the delegator provides the delegatee with a delegation having a list of the delegated actions. In addition, the delegator determines a delegation scrip secret (DSS) and a delegation pass phrase (DPP) and securely passes these to the delegatee. The delegatee uses the DSS to authenticate itself to servers accepting the scrip and uses the DPP to encrypt the DSS while the scrip is stored by the delegatee. To perform an action with delegated scrip, the delegatee sends a request for the action to a server. The request includes the action, the scrip, the delegation, and a request stamp (RS) calculated using the DSS. The server validates the request by recalculating the RS. When server provides the delegatee with new scrip having multiple delegations, the server encrypts the new DSS"s for each delegation. The delegatee uses the old DSS"s to decrypt the DSS"s for the new scrip. The delegatee stores the encrypted DSS for delegations for which the delegatee does not know the DSS.</p> |