ATE422777T1 - Sichere und unbeaufsichtigte erstellung von digitalen zertifikaten für sicherheitsrelevante geräte - Google Patents

Sichere und unbeaufsichtigte erstellung von digitalen zertifikaten für sicherheitsrelevante geräte

Info

Publication number
ATE422777T1
ATE422777T1 AT04293089T AT04293089T ATE422777T1 AT E422777 T1 ATE422777 T1 AT E422777T1 AT 04293089 T AT04293089 T AT 04293089T AT 04293089 T AT04293089 T AT 04293089T AT E422777 T1 ATE422777 T1 AT E422777T1
Authority
AT
Austria
Prior art keywords
security
digital certificate
secure
security token
unsupervised
Prior art date
Application number
AT04293089T
Other languages
English (en)
Inventor
Saint Eric F Le
Original Assignee
Activcard Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Activcard Inc filed Critical Activcard Inc
Application granted granted Critical
Publication of ATE422777T1 publication Critical patent/ATE422777T1/de

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
AT04293089T 2003-12-22 2004-12-22 Sichere und unbeaufsichtigte erstellung von digitalen zertifikaten für sicherheitsrelevante geräte ATE422777T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/740,889 US9331990B2 (en) 2003-12-22 2003-12-22 Trusted and unsupervised digital certificate generation using a security token

Publications (1)

Publication Number Publication Date
ATE422777T1 true ATE422777T1 (de) 2009-02-15

Family

ID=34552801

Family Applications (1)

Application Number Title Priority Date Filing Date
AT04293089T ATE422777T1 (de) 2003-12-22 2004-12-22 Sichere und unbeaufsichtigte erstellung von digitalen zertifikaten für sicherheitsrelevante geräte

Country Status (4)

Country Link
US (3) US9331990B2 (de)
EP (1) EP1549019B1 (de)
AT (1) ATE422777T1 (de)
DE (1) DE602004019386D1 (de)

Families Citing this family (86)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9331990B2 (en) 2003-12-22 2016-05-03 Assa Abloy Ab Trusted and unsupervised digital certificate generation using a security token
US7849326B2 (en) * 2004-01-08 2010-12-07 International Business Machines Corporation Method and system for protecting master secrets using smart key devices
US7711951B2 (en) * 2004-01-08 2010-05-04 International Business Machines Corporation Method and system for establishing a trust framework based on smart key devices
GB0504573D0 (en) * 2005-03-04 2005-04-13 Firstondemand Ltd Traceability and authentication of security papers
US8117453B2 (en) * 2005-11-23 2012-02-14 Proton World International N.V. Customization of an electronic circuit
US8027472B2 (en) * 2005-12-30 2011-09-27 Selim Aissi Using a trusted-platform-based shared-secret derivation and WWAN infrastructure-based enrollment to establish a secure local channel
US20100002721A1 (en) * 2006-02-01 2010-01-07 Riley Eller Protocol link layer
WO2007105104A2 (en) 2006-03-15 2007-09-20 Actividentity Inc. Method and system for storing a key in a remote security module
US7992203B2 (en) * 2006-05-24 2011-08-02 Red Hat, Inc. Methods and systems for secure shared smartcard access
US8180741B2 (en) * 2006-06-06 2012-05-15 Red Hat, Inc. Methods and systems for providing data objects on a token
US8098829B2 (en) * 2006-06-06 2012-01-17 Red Hat, Inc. Methods and systems for secure key delivery
US8332637B2 (en) * 2006-06-06 2012-12-11 Red Hat, Inc. Methods and systems for nonce generation in a token
US8364952B2 (en) * 2006-06-06 2013-01-29 Red Hat, Inc. Methods and system for a key recovery plan
US8495380B2 (en) 2006-06-06 2013-07-23 Red Hat, Inc. Methods and systems for server-side key generation
US8099765B2 (en) * 2006-06-07 2012-01-17 Red Hat, Inc. Methods and systems for remote password reset using an authentication credential managed by a third party
US9769158B2 (en) * 2006-06-07 2017-09-19 Red Hat, Inc. Guided enrollment and login for token users
US8589695B2 (en) 2006-06-07 2013-11-19 Red Hat, Inc. Methods and systems for entropy collection for server-side key generation
US8412927B2 (en) 2006-06-07 2013-04-02 Red Hat, Inc. Profile framework for token processing system
US8707024B2 (en) 2006-06-07 2014-04-22 Red Hat, Inc. Methods and systems for managing identity management security domains
US20080016336A1 (en) * 2006-07-17 2008-01-17 Nokia Corporation Generic public key infrastructure architecture
WO2008013525A1 (en) * 2006-07-25 2008-01-31 Northrop Grumman Corporation Common access card heterogeneous (cachet) system and method
US8787566B2 (en) 2006-08-23 2014-07-22 Red Hat, Inc. Strong encryption
US8806219B2 (en) * 2006-08-23 2014-08-12 Red Hat, Inc. Time-based function back-off
US8977844B2 (en) 2006-08-31 2015-03-10 Red Hat, Inc. Smartcard formation with authentication keys
US9038154B2 (en) 2006-08-31 2015-05-19 Red Hat, Inc. Token Registration
US8356342B2 (en) 2006-08-31 2013-01-15 Red Hat, Inc. Method and system for issuing a kill sequence for a token
US8074265B2 (en) * 2006-08-31 2011-12-06 Red Hat, Inc. Methods and systems for verifying a location factor associated with a token
US8693690B2 (en) 2006-12-04 2014-04-08 Red Hat, Inc. Organizing an extensible table for storing cryptographic objects
US8813243B2 (en) 2007-02-02 2014-08-19 Red Hat, Inc. Reducing a size of a security-related data object stored on a token
US8639940B2 (en) 2007-02-28 2014-01-28 Red Hat, Inc. Methods and systems for assigning roles on a token
US8832453B2 (en) * 2007-02-28 2014-09-09 Red Hat, Inc. Token recycling
CN100449561C (zh) * 2007-03-05 2009-01-07 北京邮电大学 基于证书和透明加密的usb存储设备数据防泄密系统和方法
US9081948B2 (en) 2007-03-13 2015-07-14 Red Hat, Inc. Configurable smartcard
WO2008150060A1 (en) * 2007-06-04 2008-12-11 Lg Electronics Inc. Contactless management using envelope format
US20090007256A1 (en) * 2007-06-28 2009-01-01 Microsoft Corporation Using a trusted entity to drive security decisions
US9111122B2 (en) * 2007-07-02 2015-08-18 Freescale Semiconductor, Inc. Asymmetric cryptographic device with local private key generation and method therefor
CN101222333B (zh) * 2007-12-24 2010-11-10 北京握奇数据系统有限公司 一种数据交易处理方法及设备
US20100017413A1 (en) * 2008-07-17 2010-01-21 Ian Edward James Systems and methods for transferring value
US20100241852A1 (en) * 2009-03-20 2010-09-23 Rotem Sela Methods for Producing Products with Certificates and Keys
DE102009036179A1 (de) 2009-08-05 2011-02-10 Siemens Aktiengesellschaft Verfahren zur Ausstellung eines digitalen Zertifikats durch eine Zertifizierungsstelle, Anordnung zur Durchführung des Verfahrens und Rechnersystem einer Zertifizierungsstelle
AU2015200701B2 (en) * 2010-01-12 2016-07-28 Visa International Service Association Anytime validation for verification tokens
CN105243313B (zh) 2010-01-12 2018-12-25 维萨国际服务协会 用于对验证令牌的任何时候确认的方法
DE102010030590A1 (de) * 2010-06-28 2011-12-29 Bundesdruckerei Gmbh Verfahren zur Erzeugung eines Zertifikats
US8943574B2 (en) * 2011-05-27 2015-01-27 Vantiv, Llc Tokenizing sensitive data
US20130085944A1 (en) * 2011-09-29 2013-04-04 Pacid Technologies, Llc System and method for application security
CA2859794A1 (en) 2011-12-22 2013-06-27 Abbvie Inc. Application security framework
US8745378B1 (en) * 2012-03-12 2014-06-03 Certified Security Solutions, Inc. System and method for validating SCEP certificate enrollment requests
WO2014001890A1 (en) 2012-06-28 2014-01-03 Ologn Technologies Ag Secure key storage systems, methods and apparatuses
US9059972B2 (en) 2012-07-03 2015-06-16 International Business Machines Corporation Issuing, presenting and challenging mobile device identification documents
CN102855422B (zh) * 2012-08-21 2015-03-04 飞天诚信科技股份有限公司 一种盗版加密锁的识别方法和装置
CN103095460B (zh) * 2013-01-22 2015-07-22 飞天诚信科技股份有限公司 一种智能卡安全通讯的方法
US9425966B1 (en) 2013-03-14 2016-08-23 Amazon Technologies, Inc. Security mechanism evaluation service
US9059852B2 (en) 2013-03-27 2015-06-16 International Business Machines Corporation Validating a user's identity utilizing information embedded in a image file
CN103607284B (zh) * 2013-12-05 2017-04-19 李笑来 身份认证方法及设备、服务器
US9552485B1 (en) * 2014-10-21 2017-01-24 Amazon Technologies, Inc. Cryptographic material renewal
US10367646B1 (en) 2014-10-21 2019-07-30 Amazon Technologies, Inc. Cryptographic material distribution and management
WO2016090536A1 (en) * 2014-12-08 2016-06-16 Intel Corporation Apparatus and method to improve memory access performance between shared local memory and system global memory
WO2016105969A1 (en) * 2014-12-26 2016-06-30 Mcafee, Inc. Trusted updates
CN104573395B (zh) * 2015-01-29 2017-04-12 上海理想信息产业(集团)有限公司 大数据平台安全评估定量分析方法
US9654294B2 (en) * 2015-02-26 2017-05-16 Red Hat, Inc. Non-repudiable atomic commit
US9692603B2 (en) * 2015-05-15 2017-06-27 Verizon Patent And Licensing Inc. Biometric PKI authentication
US9935774B2 (en) 2015-05-22 2018-04-03 Nxp B.V. Configurable cryptographic controller area network (CAN) device
US10095634B2 (en) 2015-05-22 2018-10-09 Nxp B.V. In-vehicle network (IVN) device and method for operating an IVN device
US9825918B2 (en) * 2015-05-22 2017-11-21 Nxp B.V. Controller area network (CAN) device and method for operating a CAN device
US10116441B1 (en) 2015-06-11 2018-10-30 Amazon Technologies, Inc. Enhanced-security random data
US9762571B2 (en) * 2015-10-19 2017-09-12 Team Internet Ag Securing connections to unsecure internet resources
US10897363B2 (en) 2015-11-17 2021-01-19 Cryptography Research, Inc. Authenticating a secondary device based on encrypted tables
CN108667609B (zh) * 2017-04-01 2021-07-20 西安西电捷通无线网络通信股份有限公司 一种数字证书管理方法及设备
CN109474432B (zh) * 2017-09-07 2021-11-02 西安西电捷通无线网络通信股份有限公司 数字证书管理方法及设备
TW201917594A (zh) * 2017-10-18 2019-05-01 華東科技股份有限公司 一種資料交換之導引裝置及方法
US10505916B2 (en) * 2017-10-19 2019-12-10 T-Mobile Usa, Inc. Authentication token with client key
US10587409B2 (en) 2017-11-30 2020-03-10 T-Mobile Usa, Inc. Authorization token including fine grain entitlements
CN109981278B (zh) * 2017-12-28 2022-09-13 中国移动通信集团辽宁有限公司 数字证书申请方法、系统、用户身份识别卡、设备及介质
US11438168B2 (en) 2018-04-05 2022-09-06 T-Mobile Usa, Inc. Authentication token request with referred application instance public key
US11134071B2 (en) * 2018-04-23 2021-09-28 Oracle International Corporation Data exchange during multi factor authentication
CN110505185A (zh) * 2018-05-18 2019-11-26 神州付(北京)软件技术有限公司 身份验证方法、设备和系统
US11228453B2 (en) * 2018-12-05 2022-01-18 Sera4 Ltd. Secure provisioning of electronic lock controllers
CN109922047B (zh) * 2019-01-31 2021-11-19 武汉天喻聚联网络有限公司 一种图像传输系统及方法
US11639617B1 (en) 2019-04-03 2023-05-02 The Chamberlain Group Llc Access control system and method
US11726923B2 (en) * 2019-06-18 2023-08-15 Micron Technology, Inc. Memory device with cryptographic kill switch
US10790979B1 (en) 2019-08-29 2020-09-29 Alibaba Group Holding Limited Providing high availability computing service by issuing a certificate
CN110677240B (zh) * 2019-08-29 2020-07-10 阿里巴巴集团控股有限公司 通过证书签发提供高可用计算服务的方法、装置及介质
CN114787845A (zh) * 2019-12-13 2022-07-22 维萨国际服务协会 利用密码的计划交互
US11522721B2 (en) * 2020-04-07 2022-12-06 Verizon Patent And Licensing Inc. System and method for establishing dynamic trust credentials for network functions
US11558277B2 (en) 2020-05-08 2023-01-17 Bank Of America Corporation System for generating and signing cryptographically generated addresses using computing network traffic
CN111786799B (zh) * 2020-07-24 2022-02-11 郑州信大捷安信息技术股份有限公司 基于物联网通信模组的数字证书签发方法及系统

Family Cites Families (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE502424C2 (sv) * 1994-02-17 1995-10-16 Telia Ab Metod och anordning vid certifikathanteringssystem
JP3578220B2 (ja) * 1994-06-15 2004-10-20 トムソン コンシユーマ エレクトロニクス インコーポレイテツド マイクロプロセッサの介入のないスマートカードメッセージ転送
US5559889A (en) * 1995-03-31 1996-09-24 International Business Machines Corporation System and methods for data encryption using public key cryptography
US6157719A (en) * 1995-04-03 2000-12-05 Scientific-Atlanta, Inc. Conditional access system
US5768389A (en) * 1995-06-21 1998-06-16 Nippon Telegraph And Telephone Corporation Method and system for generation and management of secret key of public key cryptosystem
US5721781A (en) * 1995-09-13 1998-02-24 Microsoft Corporation Authentication system and method for smart card transactions
US6038551A (en) * 1996-03-11 2000-03-14 Microsoft Corporation System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer
US5781723A (en) * 1996-06-03 1998-07-14 Microsoft Corporation System and method for self-identifying a portable information device to a computing unit
US6212634B1 (en) * 1996-11-15 2001-04-03 Open Market, Inc. Certifying authorization in computer networks
US6035402A (en) * 1996-12-20 2000-03-07 Gte Cybertrust Solutions Incorporated Virtual certificate authority
US5982898A (en) * 1997-03-07 1999-11-09 At&T Corp. Certification process
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US5970147A (en) * 1997-09-30 1999-10-19 Intel Corporation System and method for configuring and registering a cryptographic device
DE69824437T2 (de) * 1997-10-14 2005-06-23 Visa International Service Association, Foster City Personalisieren von chipkarten
US6513117B2 (en) * 1998-03-04 2003-01-28 Gemstar Development Corporation Certificate handling for digital rights management system
US6430688B1 (en) * 1998-12-22 2002-08-06 International Business Machines Corporation Architecture for web-based on-line-off-line digital certificate authority
US6332193B1 (en) * 1999-01-18 2001-12-18 Sensar, Inc. Method and apparatus for securely transmitting and authenticating biometric data over a network
GB9914262D0 (en) 1999-06-18 1999-08-18 Nokia Mobile Phones Ltd WIM Manufacture certificate
US6484259B1 (en) * 1999-07-23 2002-11-19 Microsoft Corporation Methods and arrangements for mapping widely disparate portable tokens to a static machine concentric cryptographic environment
US6763459B1 (en) * 2000-01-14 2004-07-13 Hewlett-Packard Company, L.P. Lightweight public key infrastructure employing disposable certificates
US7020778B1 (en) * 2000-01-21 2006-03-28 Sonera Smarttrust Oy Method for issuing an electronic identity
US20020026578A1 (en) * 2000-08-22 2002-02-28 International Business Machines Corporation Secure usage of digital certificates and related keys on a security token
US6948061B1 (en) * 2000-09-20 2005-09-20 Certicom Corp. Method and device for performing secure transactions
US6854056B1 (en) * 2000-09-21 2005-02-08 International Business Machines Corporation Method and system for coupling an X.509 digital certificate with a host identity
JP2002207426A (ja) * 2001-01-10 2002-07-26 Sony Corp 公開鍵証明書発行システム、公開鍵証明書発行方法、および電子認証装置、並びにプログラム記憶媒体
NO313480B1 (no) * 2001-01-24 2002-10-07 Telenor Asa Fremgangsmåte for å åpne hele eller deler av et smartkort
EP1263164B1 (de) 2001-05-23 2006-06-07 Daniel Büttiker Verfahren und Datenträger zur Eintragung von Benutzern einer Public-Key-Infrastruktur und Eintragungssystem
ATE424067T1 (de) * 2001-06-11 2009-03-15 Daniel Buettiker Verfahren zur sicherung von daten bezüglich von benutzern einer infrastruktur mit öffentlichen schlüsseln
US20040218762A1 (en) * 2003-04-29 2004-11-04 Eric Le Saint Universal secure messaging for cryptographic modules
US20030005317A1 (en) * 2001-06-28 2003-01-02 Audebert Yves Louis Gabriel Method and system for generating and verifying a key protection certificate
US7036020B2 (en) * 2001-07-25 2006-04-25 Antique Books, Inc Methods and systems for promoting security in a computer system employing attached storage devices
US7207060B2 (en) * 2001-10-18 2007-04-17 Nokia Corporation Method, system and computer program product for secure ticketing in a communications device
US6973191B2 (en) * 2001-11-02 2005-12-06 Activcard System and method for generating symmetric keys within a personal security device having minimal trust relationships
US7206936B2 (en) * 2001-12-19 2007-04-17 Northrop Grumman Corporation Revocation and updating of tokens in a public key infrastructure system
US7475250B2 (en) * 2001-12-19 2009-01-06 Northrop Grumman Corporation Assignment of user certificates/private keys in token enabled public key infrastructure system
US7165181B2 (en) * 2002-11-27 2007-01-16 Intel Corporation System and method for establishing trust without revealing identity
US7366305B2 (en) * 2003-09-30 2008-04-29 Intel Corporation Platform and method for establishing trust without revealing identity
US9331990B2 (en) 2003-12-22 2016-05-03 Assa Abloy Ab Trusted and unsupervised digital certificate generation using a security token

Also Published As

Publication number Publication date
US9602497B2 (en) 2017-03-21
US20160294809A1 (en) 2016-10-06
EP1549019A1 (de) 2005-06-29
US10454675B2 (en) 2019-10-22
US20050138386A1 (en) 2005-06-23
US20170244558A1 (en) 2017-08-24
EP1549019B1 (de) 2009-02-11
DE602004019386D1 (de) 2009-03-26
US9331990B2 (en) 2016-05-03

Similar Documents

Publication Publication Date Title
ATE422777T1 (de) Sichere und unbeaufsichtigte erstellung von digitalen zertifikaten für sicherheitsrelevante geräte
US8555072B2 (en) Attestation of computing platforms
US6148401A (en) System and method for providing assurance to a host that a piece of software possesses a particular property
Lopez et al. Why have public key infrastructures failed so far?
CN108696349A (zh) 将可信执行环境用作为证明提供隐私的可信第三方
ATE370458T1 (de) Verfahren und system zur web-basierten cross- domain berechtigung mit einmaliger anmeldung
ATE325478T1 (de) Leckresistentes kryptographisches verfahren und vorrichtung
DE68922422T2 (de) Kryptographisches Unterschriftssystem mittels öffentlichem Schlüssel und mit digitaler Unterschriftsbeglaubigung.
JP2004056794A (ja) コンテンツの権利管理のための領域ベース信用モデル
RU2001112102A (ru) Система и способ защиты от копирования
ES2170167T3 (es) Certificados de clave secreta.
ATE406726T1 (de) Verfahren und vorrichtung zur speicherung kryptographischer schlüssel, wobei schlüsselserver durch besitz und sichere verteilung gespeicherter schlüssel authentifiziert werden
ATE270800T1 (de) Vorrichtungen und verfahren zur zertifizierung von digitalen unterschriften
Chang et al. A blind dynamic fingerprinting technique for sequential circuit intellectual property protection
RU2010100880A (ru) Создание и проверка достоверности документов, защищенных криптографически
CN111428249B (zh) 一种基于区块链保护用户隐私的匿名注册方法和系统
KR20030091240A (ko) 일련번호 발생 방법 및 그 장치
ATE309586T1 (de) Verfahren und vorrichtung zur symmetrischen schlüsselerzeugung in einer persönlichen sicherheitsvorrichtung mit begrenzten vertrauensbeziehungen
BRPI0603761A (pt) sistema de gerenciamento de documento com infra-estrutura de chave pública
CN114006702B (zh) 一种零知识证明分割电路及信息验证方法
CN101359986B (zh) 用于根据双线性映射的直接匿名证明的装置和方法
WO2022205961A1 (zh) 一种更新区块链域名配置的方法和装置
DE50009583D1 (de) Verfahren zur sicheren verteilten generierung eines chiffrierschlüssels
CN107070648A (zh) 一种密钥保护方法及pki系统
CA2283178A1 (en) Method for generating asymmetrical cryptographic keys by the user

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties