
Method and Apparatus for Managing Authentication in a Decentralized or Distributed Network of Cyber-Physical Systems


Abstract

A Method and Apparatus is disclosed for Multi-Agent Authentication in a decentralized or distributed network of Cyber-Physical Systems for the purpose of enhancing the overall Utility of Agency and Ownership. This Apparatus consists of an End Agent Authentication Device (an “Authenticator”) that is necessary in all authentication processes, and this invention defines an End Agent State Machine, and a set of nine distributed authentication processes that are enabled by this Authenticator. This Method acknowledges the ability for an Authenticated End Agent to have its Semantic Data Model managed by its Authenticated Owner. This Method enhances security and reduces complexity by allowing the Authenticator to execute these nine processes in either decentralized or distributed network configurations.

An Example of this Method and Apparatus in use is a scenario with an internet-connected non-Authenticator Device (a “Non-Authenticator End Agent”) in a commercial/retail location whereby the Owner (an “Owner Interested Agent”) of that Device, very likely the Owner of the commercial/retail location, has Authenticated that Device using their Authenticator (an “Authenticator End Agent”) on a Decentralized or Distributed Network. In this example, the owner has pre-defined the Semantics of that Device's End Agent Sub-Class(es), State Machine Sub-Classes (if any), and its Classes and Attributes of Service to commercial/retail customers in the Device's “Semantic Data Model”. As a function of that Semantic Data Model, the owner has defined the Sub-Classes of commercial/retail customers (“Non-Owner Interested Agents”) who have the Permission to Authenticate with the internet-connected Device, be served by the Device, and in certain circumstances even Control the Device, within the Parameters set by the Owner of that Device in the Device's Semantic Data Model. When this Non-Owner Authentication occurs, an Owner-defined limited-to-significant set of capabilities is made available by the End Agent to the Non-Owner Interested Agent without compromising the notion in the Semantic Data Model of Ownership, Control and/or Authentication.

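Bibliographic details

  • Publication number: US2018083965A1
  • Patent type:
  • Publication date: 2018-03-22
  • Original format: PDF
  • Applicant/Patentee: WILLIAM CURTIS DONOVAN
  • Application number: US201615267292
  • Inventor: WILLIAM CURTIS DONOVAN
  • Filing date: 2016-09-16
  • Classification: H04L29/06
  • Country: US
  • Date indexed: 2022-08-21 13:02:38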
