| CPC H04L 9/3247 (2013.01) [H04L 63/102 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
|
1. A computing system comprising:
one or more processors; and
one or more computer-readable hardware storage devices having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the computing system to:
receive, at a second entity, a first verifiable credential from a first entity, the first verifiable credential being cryptographically signed by the first entity using a decentralized identifier (DID) of the first entity, the first verifiable credential comprising a security indicator specifying a security posture of the second entity that is based on one or more security settings being implemented by the second entity;
generate, at the second entity, a second verifiable credential, the second verifiable credential embedding the first verifiable credential therein; and
provide the second verifiable credential to a third entity, the second verifiable credential being configured to cause the third entity to verify the cryptographic signature of the first entity with a public key associated with the DID of the first entity to determine that the first verifiable credential is valid and that the one or more security settings being implemented by the second entity are in compliance with security policies of the third entity.
|