The present invention generally relates to digital governance. More
specifically, the present invention relates to a system and a method for implementing real time digital governance for online digital assets.
BACKGROUND
[002] As access to the internet is rapidly increasing worldwide, online
shopping of goods and services is becoming more popular among millions of users. In recent times, online shopping has emerged as a multibillion-dollar industry with huge potential for future expansion. The buying and selling of goods and services over the internet, popularly known as e-commerce, poses potential threats to the digital security of the online business entities and customers. Currently, phishing is the most common attack performed by fraudsters. Phishing involves sending a fraudulent message designed to trick an online customer into revealing sensitive information, such as bank account details, credit card information etc. to the attacker. Fraudsters can create phishing links, websites or mobile applications and monetize upon the collected data through unauthorised digital business assets.
[003] One of the common types of phishing is homograph/homoglyph
phishing, which involves the use of fake domain names, websites or emails closely resembling the originals. For example, a phishing link ‘www.exαmple.com’ can look like the actual website of a bank ‘www.example.com’ to an online customer. The use of a similar looking Cyrillic alphabet ‘α’ in place of ‘a’ enables the fraudster to collect account or credit card details of an online customer and to carry out unauthorised financial transactions. Another common type of phishing is typosquatting, wherein fraudsters rely on typographic errors made by internet users while inputting a website address into a web browser. For example, when a user mistakenly types ‘www.exemple.com’ or ‘www.exampel.com’ in place of the

actual bank website ‘www.example.com’, the user may be directed to similar looking websites created by fraudsters. Phishing exploits a common cognitive error wherein the users tend to read the text as a whole based on a few familiar letters and ignore misspelled letters.
[004] Pirated content is often distributed via open internet, this circulation
often hurts the content creators and licensed distributors. The monetisation of such content is done through digital advertising. Fraudsters often create websites and mobile applications to distribute pirated content, and make revenues by showing advertisements on these websites and mobile applications. The incentive to do piracy is delivered by promised demand in search and ability to show advertisements to churn heavy revenue. This money is often laundered and fuels piracy leaks.
[005] Brand Impersonation is a form of attack where the fraudster
impersonates a trusted brand to trick victims through click baits. This is very prevalent in email-marketing. Fraudsters mimic both private and public institutions to lure customers in click bait to run large scale advertisement fraud operations.
[006] Fake news is circulated via walled gardens by pushing in cash to
promote the content to citizens to alter their mindset through manipulation. Fake news is often monetised through open internet via advertisement fraud, which becomes a cash pipeline for fraudsters to spread misinformation and fake news.
[007] Fake websites and mobile applications are created without disclosing
real owners to steal consumer data for monetisation through advertisement networks. These websites and applications do often form supply side for advertisement networks who demonstrate to be a part of the digital adoption wave.
[008] Digital money laundering or data laundering is a form of fraud, where
consumers are incentivised to download a particular application i.e. by providing free 4g data, payment of credit card bills, checking of bank balance, and to get loans. These websites and applications steal data, and transfer the data behind the servers to monetise it through partner networks.

[009] Another digital fraud committed by the fraudsters is Denial of Service
(DoS) attack. DoS attack is a cyber-attack in which the fraudster seeks to make a machine or network resource inaccessible to its intended users by temporarily or indefinitely interrupting services of a host connected to the Internet. Denial of service is accomplished by flooding a targeted machine with huge number of requests until normal traffic is unable to be processed, resulting in denial of service to the users.
[0010] Further, an advanced form of DoS attack is Distributed Denial of
Service (DDoS), in which the incoming traffic flooding the victim originates from multiple sources. The DDoS attack uses more than one unique IP address or machines, often from thousands of hosts infected with malware. Multiple machines can generate higher attack traffic than one machine. The attack from multiple machines are harder to deal with compared to the attack from a single machine. The most common examples of DDoS attacks are User Datagram Protocol (UDP) flooding, SYN flooding, Domain Name System (DNS) amplification and reflected/ spoofed attack. The UDP flood attack can be initiated by sending a large number of UDP packets to random ports on a remote host such that the victimized system will be forced into sending many Internet Control Message Protocol (ICMP) packets, eventually leading it to be unreachable by other clients. In SYN flooding, an attacker initiates a connection to a server without finalizing the connection. The server has to spend resources waiting for half-opened connections, which can consume enough resources to make the system unresponsive to legitimate traffic. In DNS amplification, an attacker sends a DNS name look up request to a public DNS server, spoofing the source IP address of the targeted victim. The attacker tries to request as much information as possible, thus amplifying the DNS response that is sent to the targeted victim. Since the size of the request is significantly smaller than the response, the attacker is easily able to increase the amount of traffic directed at the target. Simple Network Management Protocol (SNMP) and Network Time Protocol (NTP) can also be exploited as reflector in an amplification attack. The reflected/ spoofed attack involves sending forged requests of some type to a very large number of computers that will reply to the requests. Using Internet

Protocol address spoofing, the source address is set to that of the targeted victim, which means all the replies will go to the target and floods the target.
[0011] The bank account or credit card details obtained through phishing may
be utilised for committing online shopping frauds. The fraudulently acquired financial details may be used to make online retail purchases without the consent of the card/account holder. Another form of online shopping fraud is through social engineering crimes wherein the fraudsters impersonate themselves as online sellers. These fake sellers may take advance payment for the product but will stop responding to the buyer afterwards. Identity theft is another online fraud wherein personal or financial information of another person is obtained fraudulently. The identity information thus obtained is used by the fraudster for making unauthorized transactions or purchases, in the other person’s name.
[0012] The e-commerce organisations and their customers need to be protected
from the rising threat of cybercrimes especially phishing attacks. This can be achieved through the implementation of digital governance. Digital governance is a framework for establishing accountability, roles, and decision-making authority for the digital presence of an individual user or an organization. The digital presence encompasses all online digital assets including websites, mobile applications, social media sites and other online products and services.
[0013] In the existing technologies, the regulatory authorities maintain a
database of blacklisted websites. When a user tries to access a particular website, the access is denied if the website is among the blacklisted websites, whereas the user is able to access all websites which are not there in the blacklist. In order to overcome website blocking by the authorities, fraudsters keep on creating and operating new websites. It is practically impossible to block all these websites by blacklisting in a timely manner. Moreover, the addition of more websites to the existing blacklist will become an unending task for the regulating authorities.
[0014] Therefore, there is a need for a digital governance system which
prevents the users from different forms of online digital frauds.

OBJECTS OF THE INVENTION
[0015] An object of the present invention is to provide a system for
implementing digital governance of online digital assets in real-time.
[0016] Yet another object of the present invention is to provide an automated
authentication method for eliminating fraudulent digital transactions.
[0017] Another object of the present invention is to provide a secured
environment to access online digital assets.
[0018] Still another object of the present invention is to provide protection to
the users against phishing attacks.
[0019] Another object of the present invention is to provide protection to the
users against online identity thefts.
[0020] Another object of the present invention is to provide protection to the
users against online frauds.
[0021] Yet another object of the present invention is to provide protection to
the users against DoS attacks.
[0022] Another object of the present invention is to provide protection to the
users against DDoS attacks.
SUMMARY OF THE INVENTION
[0023] The summary is provided to introduce aspects related to implementing
real time digital governance for online digital assets, and the aspects are further described below in the detailed description. This summary is not intended to identify essential features of the claimed subject matter nor is it intended for use in determining or limiting the scope of the claimed subject matter.

[0024] The present invention relates to a system and a method for
implementing real time digital governance for online digital assets. An encrypted identifier is generated using a public key on a repository of a plurality of repositories. The encrypted identifier is generated based on an input provided by an owner of an online digital asset. Details of the owner or a corporate entity registered in the name of the owner are stored in the repository. The encrypted identifier is shared with a server storing Domain Name System (DNS) information of the online digital assets. The online digital asset is validated by integrating the encrypted identifier with the DNS information of the online digital asset. The validation of the online digital asset is done in real time. An Internet Service Provider (ISP) receives a request from a user device to access the online digital asset. The ISP determines a validation status of the online digital asset by determining integration of the encrypted identifier, decrypting the encrypted identifier using a private key to obtain a decrypted identifier, and querying the decrypted identifier against validated records. The ISP receives an acknowledgement related to the validation status from the server. An access to the online digital asset is provided to the user device based on the acknowledgement obtained from the server.
[0025] In one aspect, the encrypted identifier is created using a public key
against the online digital asset belonging to the owner. The encrypted identifier is decrypted using a private key available with the ISP and a telecom regulatory authority.
[0026] In one aspect, access to the online digital asset is granted when a
positive acknowledgement is received by the ISP. Further, access to the online digital asset is denied when a negative acknowledgement is received by the ISP.
[0027] In one aspect, information indicating validation of the online digital
asset is shared with a telecom regulatory authority, and the ISP queries the validation status from the telecom regulatory authority.
[0028] Other aspects and advantages of the invention will become apparent
from the following description, taken in conjunction with the accompanying drawings, illustrating by way of example the principles of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS
[0029] The accompanying drawings constitute a part of the description and are
used to provide further understanding of the present disclosure. Such accompanying drawings illustrate the embodiments of the present disclosure which are used to describe the principles of the present disclosure. The embodiments are illustrated by way of example and not by way of limitation in the figures of the accompanying drawings in which like references indicate similar elements. It should be noted that references to “an” or “one” embodiment in this disclosure are not necessarily to the same embodiment, and they mean at least one. In the drawings:
[0030] Fig. 1 illustrates a network connection diagram of a system for
implementing real time digital governance for online digital assets, in accordance with an embodiment of the present disclosure;
[0031] Fig. 2 illustrates a block diagram showing different components of a
server enabling implementation of real time digital governance for online digital assets, in accordance with an embodiment of the present disclosure; and
[0032] Fig. 3 illustrates a flow chart showing a method of performing real time
digital governance for online digital assets, in accordance with an embodiment of the present disclosure.
DETAILED DESCRIPTION OF THE INVENTION
[0033] The detailed description set forth below in connection with the
appended drawings is intended as a description of various embodiments of the present invention and is not intended to represent the only embodiments in which the present invention may be practiced. Each embodiment described in this disclosure is provided merely as an example or illustration of the present invention, and should not necessarily be construed as preferred or advantageous over other

embodiments. The detailed description includes specific details for the purpose of providing a thorough understanding of the present invention. However, it will be apparent to those skilled in the art that the present invention may be practiced without these specific details.
[0034] Fig. 1 illustrates a network connection diagram of a system 100 for
implementing real time digital governance for online digital assets. The term online digital assets correspond to websites, web applications, mobile applications, and other services or tools that are hosted online and are accessible by users. The system 100 includes a repository 102 storing information related to individuals and companies (government and corporate). The information stored in the repository 102 may be strictly managed by one or more government agencies. The repository 102 may comprise an individuals’ repository 102-2, an intra-jurisdictional corporate repository 102-4, and an extra-jurisdictional corporate repository 102-6. The individuals’ repository 102-2 may store details of individuals owning online digital assets. The intra-jurisdictional corporate repository 102-4 may store information of owners of corporate entities registered in a country where the system 100 is implemented. The extra-jurisdictional corporate repository 102-6 stores information of owners of corporate entities registered outside the country where the system 100 is implemented.
[0035] The repositories 102 may be connected with a server 104. The server
104 may be configured to store Domain Name System (DNS) information of the online digital assets registered in the country where the system 100 is implemented. DNS is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet. DNS translates domain names to IP addresses so that web browsers can load online digital assets.
[0036] Database of a telecom regulatory authority 106 may also be connected
with the server 104. The server 104 may be accessible through Internet Service Providers (ISPs) 108-2 to 108-n. An ISP is an organization that provides access to the Internet and other related services, such as website building and virtual hosting. ISP serves as the access point or the gateway that provides a user (for example user

device 112), access to everything available on the Internet (for example an online digital asset hosted on a server 110). Henceforth, the ISPs 108-2 to 108-n are collectively referred as ISP 108.
[0037] Using a public key over the repository 102, an owner of an online digital
asset generates an encrypted identifier. The encrypted identifier is shared with the server 104. Over the server 104, the owner of the online digital asset will integrate the encrypted identifier with corresponding DNS information for validation of the online digital asset. The ISP 108 may determine validation status of an online digital asset whose access request is received from a user. In order to determine the validation status, the ISP 108 may decrypt the encrypted identifier using a private key, and confirm the details from validated records (which may be obtained beforehand from the telecom regulatory authority 106). Upon determining a validation status, the ISP 108 may provide access to the validated online digital asset to the requesting user.
[0038] Fig. 2 illustrates a block diagram showing different components of the
server 104 enabling implementation of real time digital governance for online digital assets, in accordance with an embodiment of the present disclosure. The server 104 includes an interface 202, a processor 204, and a memory 206. The memory may comprise programmed instructions to generate an encrypted identifier using a public key 208, programmed instructions to share encrypted identifier with a system storing DNS information of online digital assets 210, programmed instructions to validate the online digital asset by integrating the encrypted identifier with the DNS information 212, programmed instructions to receive a request to access an online digital asset 214, programmed instructions to determine validation status of online digital asset 216, programmed instructions to receive acknowledgement related to validation status of online digital asset 218, and programmed instructions to provides access of online digital asset based on acknowledgement 220. Detailed functioning of the programmed instructions 208 through 220 will be evident from the details provided henceforth.

[0039] Fig. 3 illustrates a flow chart 300 showing a method for implementing
real time digital governance for online digital assets. In this regard, each block may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the blocks may occur out of the order noted in the drawings. For example, two blocks shown in succession in Fig. 3 may in fact be executed substantially concurrently or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. Any process descriptions or blocks in flow charts should be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps in the process, and alternate implementations are included within the scope of the example embodiments in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved.
[0040] At step 302, an owner of an online digital asset may log-in into an online
portal for validation of online digital assets. Upon logging into the online portal, the owner of the online digital asset may be able to access a repository 102 storing details of the online digital asset belonging to the owner. For example, when the online digital asset is associated with a corporate firm (company) registered in the country where the system 100 is implemented, the owner of the corporate firm, after logging into the online portal, may find information of the corporate firm and his own details stored over an intra-judicial corporate repository 102-4. The information of the corporate firm may include, but not limited to, registered address, details of board members, details of business, number of employees etc.
[0041] Over the online portal, a common public key may be available. The
owner of the online digital asset may utilize the public keys to generate an encrypted identifier. In one implementation, a public key would be available for use to the owner for generation of the encrypted identifier.

[0042] At step 304, the encrypted identifier may be shared with a server 104
storing DNS information of several online digital assets. The encrypted identifier may be shared immediately after its creation on the online portal. The encrypted identifier may correspond to details of the owner of the online digital asset.
[0043] At step 306, the server 104 may integrate the encrypted identifier with
the Domain Name System (DNS) information of the online digital asset for validating the online digital asset.
[0044] At step 308, an ISP, for example ISP1 108-2, may receive a request to
access the online digital asset which may be hosted on a server 110. The request may be received from a user device 112 connected with the ISP1 108-2. Because the system 100 provides access to validate online digital assets only, the ISP1 108-2 may determine if the online digital asset is validated, in order to provide access of the online digital asset to the user device 112.
[0045] At step 310, to determine validation status of the online digital asset,
the ISP1 108-2 may determine integration of the encrypted identifier with DNS information of the online digital asset stored at the server 104. When the presence of the encrypted identifier integrated with the DNS information is determined, the ISP1 108-2 may decrypt the encrypted identifier using a private key. The decrypted identifier may be queried against validated records. In one implementation, the validated records may be stored with a database belonging to a telecom regulatory authority 106.
[0046] Based on the query made by the ISP1 108-2, an acknowledgement may
be shared with the ISP1 108-2, by the server 104. The ISP1 108-2 may receive the acknowledgement indicating the validation status of the online digital asset, at step 312. Thereupon, at step 314, it is determined if the acknowledgement is positive or negative. At step 316, when the acknowledgement is identified to be positive, access to the online digital asset may be provided to the user device 112. Alternatively, at step 318, when the acknowledgement is identified to be negative, access to the online digital asset may be denied.

[0047] In the above described manner, the present invention enables access to
online digital assets that are already validated by their owners. In this way, a real time system for implementing digital governance for online digital assets is provided. With such a mechanism, the online digital assets that are associated with any sort or unethical or illegal activity would fail to get validated, and thus would not be accessible to users. Unlike the existing approach, there does not remain a need to create, continuously update, and maintain records of blacklisted/disabled online digital assets.
[0048] The digital governance system as disclosed in the present invention is
able to establish accountability of owners of the online digital assets, thereby preventing online frauds and other forms of digital fraud. The proposed system for implementing digital governance creates a safe environment for both online business entities and customers by enabling a secure and effective real time authentication. Thus, by providing a real time authentication system for implementing digital governance, the present invention effectively prevents DoS attacks, DDoS attacks, online frauds, Intellectual Property crimes, and identity thefts, data thefts, content piracy and advertisement fraud.
[0049] An interface may be used to provide input or fetch output from the
system. The interface may be implemented as a Command Line Interface (CLI), Graphical User Interface (GUI). Further, Application Programming Interfaces (APIs) may also be used for remotely interacting with edge systems and cloud servers.
[0050] A processor may include one or more general purpose processors (e.g.,
INTEL® or Advanced Micro Devices® (AMD) microprocessors) and/or one or more special purpose processors (e.g., digital signal processors or Xilinx® System On Chip (SOC) Field Programmable Gate Array (FPGA) processor), MIPS/ARM-class processor, a microprocessor, a digital signal processor, an application specific integrated circuit, a microcontroller, a state machine, or any type of programmable logic array.

[0051] A memory may include, but is no limited to, non-transitory machine-
readable storage devices such as hard drives, magnetic tape, floppy diskettes, optical disks, Compact Disc Read-Only Memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, Random Access Memories (RAMs), Programmable Read-Only Memories (PROMs), Erasable PROMs (EPROMs), Electrically Erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions.
[0052] The terms “or” and “and/or” as used herein are to be interpreted as
inclusive or meaning any one or any combination. Therefore, “A, B or C” or “A, B and/or C” mean “any of the following: A; B; C; A and B; A and C; B and C; A, B and C.” An exception to this definition will occur only when a combination of elements, functions, steps or acts are in some way inherently mutually exclusive.
[0053] Any combination of the above features and functionalities may be used
in accordance with one or more embodiments. In the foregoing specification, embodiments have been described with reference to numerous specific details that may vary from implementation to implementation. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense. The sole and exclusive indicator of the scope of the invention, and what is intended by the applicants to be the scope of the invention, is the literal and equivalent scope of the set as claimed in claims that issue from this application, in the specific form in which such claims issue, including any subsequent correction.

We claim:
1. A method of implementing real time digital governance for online digital
assets, the method comprising:
generating an encrypted identifier using a public key on a repository of a plurality of repositories (102-2, 102-4, 102-6), based on an input provided by an owner of an online digital asset, wherein details of the owner or a corporate entity registered in name of the owner are stored in the repository;
sharing the encrypted identifier with a server (104) storing Domain Name System (DNS) information of the online digital assets;
validating the online digital asset by integrating the encrypted identifier with the DNS information of the online digital asset;
receiving, by an Internet Service Provider (ISP) (108), a request from a user device (112) to access the online digital asset;
determining, by the ISP (108), a validation status of the online digital asset by:
determining integration of the encrypted identifier with the DNS
information,
decrypting the encrypted identifier using a private key to obtain a
decrypted identifier, and
querying the decrypted identifier against validated records;
receiving, by the ISP (108), an acknowledgement related to the validation status from the server (104); and
providing an access of the online digital asset to the user device (112) based on the acknowledgement obtained from the server (104)
2. The method as claimed in claim 1, wherein the encrypted identifier is created using the public key against the online digital asset belonging to the owner.
3. The method as claimed in claim 1, wherein the encrypted identifier is decrypted using a private key available with at least one of a telecom regulatory authority (106) and the ISP (108).

4. The method as claimed in claim 1, wherein access to the online digital asset is granted when a positive acknowledgement is received by the ISP (108).
5. The method as claimed in claim 1, wherein access to the online digital asset is denied when a negative acknowledgement is received by the ISP (108).
6. The method as claimed in claim 1, wherein the validation of the online digital asset is done in real time.
7. The method as claimed in claim 1, wherein information indicating validation of the online digital asset is shared with a telecom regulatory authority (106), and the ISP (108) queries the validation status from the telecom regulatory authority (106).
8. A system (100) for implementing real time digital governance for online digital assets, the system (100) comprising:
a processor (204); and
a memory (206) storing programmed instructions, which when executed by the processor (204), causes the processor (204) to:
generate a encrypted identifier using a public key on a repository of a plurality of repositories (102-2, 102-4, 102-6), based on an input provided by an owner of an online digital asset;
share the encrypted identifier with a system storing Domain Name System (DNS) information of the online digital assets;
validate the online digital asset by integrating the encrypted identifier with the DNS information of the online digital asset;
receive a request from a user device by an Internet Service Provider (ISP) (108) to access the online digital asset;
determine a validation status of the online digital asset, by the ISP (108), by:

determining integration of the encrypted identifier with the DNS information,
decrypting the encrypted identifier using a private key to obtain a decrypted identifier, and
querying the decrypted identifier against validated records; receive an acknowledgement by the ISP (108) related to the validation status from the server (104); and
provide an access of the online digital asset to the user device (112) based on the acknowledgement obtained from the server (104).
9. The system (100) as claimed in claim 8, wherein a unique encrypted identifier is created using the public key against the online digital asset belonging to the owner.
10. The system (100) as claimed in claim 8, wherein the encrypted identifier is decrypted using a private key available with at least one of a telecom regulatory authority (106) and the ISP (108).

11. The system (100) as claimed in claim 8, wherein access to the online digital asset is granted when a positive acknowledgement is received by the ISP (108).
12. The system (100) as claimed in claim 8, wherein access to the online digital asset is denied when a negative acknowledgement is received by the ISP (108).
13. The system (100) as claimed in claim 8, wherein validation of the online digital asset is done in real time.
14. The system (100) as claimed in claim 8, wherein information indicating validation of the online digital asset is shared with a telecom regulatory authority (106), and the ISP (108) queries the validation status from the telecom regulatory authority (106).