CN102792632B - 自动化证书管理 - Google Patents
自动化证书管理 Download PDFInfo
- Publication number
- CN102792632B CN102792632B CN201180012917.8A CN201180012917A CN102792632B CN 102792632 B CN102792632 B CN 102792632B CN 201180012917 A CN201180012917 A CN 201180012917A CN 102792632 B CN102792632 B CN 102792632B
- Authority
- CN
- China
- Prior art keywords
- certificate
- new authentication
- expired
- access
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2151—Time stamp
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/061—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (9)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/719,853 | 2010-03-08 | ||
US12/719,853 US9197630B2 (en) | 2010-03-08 | 2010-03-08 | Automated certificate management |
PCT/US2011/027297 WO2011112466A2 (en) | 2010-03-08 | 2011-03-04 | Automated certificate management |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102792632A CN102792632A (zh) | 2012-11-21 |
CN102792632B true CN102792632B (zh) | 2015-08-26 |
Family
ID=44532308
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201180012917.8A Active CN102792632B (zh) | 2010-03-08 | 2011-03-04 | 自动化证书管理 |
Country Status (5)
Country | Link |
---|---|
US (1) | US9197630B2 (zh) |
EP (1) | EP2545677B1 (zh) |
CN (1) | CN102792632B (zh) |
HK (1) | HK1176481A1 (zh) |
WO (1) | WO2011112466A2 (zh) |
Families Citing this family (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9137237B2 (en) | 2013-09-03 | 2015-09-15 | Microsoft Technology Licensing, Llc | Automatically generating certification documents |
EP3077946A1 (en) * | 2013-12-02 | 2016-10-12 | Gemalto SA | System and method for securing offline usage of a certificate by otp system |
US9424419B1 (en) * | 2014-10-27 | 2016-08-23 | Amazon Technologies, Inc. | Automatic rotation and storage of security credentials |
US9893885B1 (en) | 2015-03-13 | 2018-02-13 | Amazon Technologies, Inc. | Updating cryptographic key pair |
US9674162B1 (en) | 2015-03-13 | 2017-06-06 | Amazon Technologies, Inc. | Updating encrypted cryptographic key pair |
US10003467B1 (en) | 2015-03-30 | 2018-06-19 | Amazon Technologies, Inc. | Controlling digital certificate use |
US9479340B1 (en) | 2015-03-30 | 2016-10-25 | Amazon Technologies, Inc. | Controlling use of encryption keys |
WO2016163979A1 (en) * | 2015-04-06 | 2016-10-13 | Hewlett Packard Enterprise Development Lp | Certificate generation |
US10432610B2 (en) * | 2015-06-30 | 2019-10-01 | Vmware, Inc. | Automated monitoring and managing of certificates |
US9819497B2 (en) | 2015-06-30 | 2017-11-14 | Vmware, Inc. | Automated provisioning of certificates |
US10728043B2 (en) * | 2015-07-21 | 2020-07-28 | Entrust, Inc. | Method and apparatus for providing secure communication among constrained devices |
US10666637B2 (en) * | 2015-12-14 | 2020-05-26 | Amazon Technologies, Inc. | Certificate renewal and deployment |
US10356081B2 (en) * | 2016-01-29 | 2019-07-16 | Cable Television Laboratories, Inc. | Systems and methods for secure automated network attachment |
US10320572B2 (en) * | 2016-08-04 | 2019-06-11 | Microsoft Technology Licensing, Llc | Scope-based certificate deployment |
US10250587B2 (en) | 2016-09-30 | 2019-04-02 | Microsoft Technology Licensing, Llc | Detecting malicious usage of certificates |
US10958666B1 (en) * | 2017-03-24 | 2021-03-23 | NortonLifeLock Inc. | Systems and methods for verifying connection integrity |
US11888997B1 (en) * | 2018-04-03 | 2024-01-30 | Amazon Technologies, Inc. | Certificate manager |
US11563590B1 (en) | 2018-04-03 | 2023-01-24 | Amazon Technologies, Inc. | Certificate generation method |
US11323274B1 (en) * | 2018-04-03 | 2022-05-03 | Amazon Technologies, Inc. | Certificate authority |
CN109657423A (zh) * | 2018-11-26 | 2019-04-19 | 平安科技(深圳)有限公司 | 基于开发辅助的开发证书与描述文件的管理方法及系统 |
US11190364B2 (en) * | 2019-03-12 | 2021-11-30 | Vmware, Inc. | Seamless certificate replacement for endpoints in hyperconverged infrastructure |
JP7225958B2 (ja) * | 2019-03-14 | 2023-02-21 | オムロン株式会社 | 制御装置および制御システム |
US11283629B2 (en) | 2019-10-10 | 2022-03-22 | Red Hat, Inc. | Automated replacement of renewable server certificates |
US11290283B2 (en) | 2019-10-10 | 2022-03-29 | Red Hat, Inc. | Automated replacement of self-signed server certificates |
US11843706B1 (en) * | 2019-11-19 | 2023-12-12 | Amazon Technologies, Inc. | Gradual certificate rotation |
EP4174691A1 (de) * | 2021-10-29 | 2023-05-03 | Siemens Aktiengesellschaft | Leitsystem für eine technische anlage und verfahren zum entfernen eines oder mehrerer zertifikate |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6233341B1 (en) * | 1998-05-19 | 2001-05-15 | Visto Corporation | System and method for installing and using a temporary certificate at a remote site |
US6684331B1 (en) * | 1999-12-22 | 2004-01-27 | Cisco Technology, Inc. | Method and apparatus for distributing and updating group controllers over a wide area network using a tree structure |
US6738900B1 (en) * | 2000-01-28 | 2004-05-18 | Nortel Networks Limited | Method and apparatus for distributing public key certificates |
US6940979B1 (en) * | 2000-11-09 | 2005-09-06 | Nortel Networks Limited | Management of certificates for public key infrastructure |
KR20040015272A (ko) * | 2001-06-12 | 2004-02-18 | 리서치 인 모션 리미티드 | 인증서 관리 및 전송 시스템 및 방법 |
US7272714B2 (en) * | 2002-05-31 | 2007-09-18 | International Business Machines Corporation | Method, apparatus, and program for automated trust zone partitioning |
US7484089B1 (en) * | 2002-09-06 | 2009-01-27 | Citicorp Developmemt Center, Inc. | Method and system for certificate delivery and management |
US8131649B2 (en) * | 2003-02-07 | 2012-03-06 | Igware, Inc. | Static-or-dynamic and limited-or-unlimited content rights |
US7366906B2 (en) * | 2003-03-19 | 2008-04-29 | Ricoh Company, Ltd. | Digital certificate management system, digital certificate management apparatus, digital certificate management method, program and computer readable information recording medium |
US20050076200A1 (en) * | 2003-08-15 | 2005-04-07 | Imcentric, Inc. | Method for discovering digital certificates in a network |
JP4607567B2 (ja) * | 2004-01-09 | 2011-01-05 | 株式会社リコー | 証明書転送方法、証明書転送装置、証明書転送システム、プログラム及び記録媒体 |
US20060047951A1 (en) * | 2004-08-27 | 2006-03-02 | Michael Reilly | Continuing public key infrastructure operation while regenerating a new certification authority keypair and certificate |
US7512974B2 (en) * | 2004-09-30 | 2009-03-31 | International Business Machines Corporation | Computer system and program to update SSL certificates |
EP1732263A1 (en) | 2005-06-07 | 2006-12-13 | Sony Ericsson Mobile Communications AB | Method and apparatus for certificate roll-over |
US8116456B2 (en) * | 2006-11-28 | 2012-02-14 | Oracle International Corporation | Techniques for managing heterogeneous key stores |
-
2010
- 2010-03-08 US US12/719,853 patent/US9197630B2/en active Active
-
2011
- 2011-03-04 WO PCT/US2011/027297 patent/WO2011112466A2/en active Application Filing
- 2011-03-04 CN CN201180012917.8A patent/CN102792632B/zh active Active
- 2011-03-04 EP EP11753846.2A patent/EP2545677B1/en active Active
-
2013
- 2013-03-22 HK HK13103635.0A patent/HK1176481A1/zh unknown
Non-Patent Citations (2)
Title |
---|
ADFS 2.0 RC is Here!;mattle steele;《http://channel9.msdn.com/shows/Identity/ADFS-20-RC-is-Here/》;20091218;视频第7分钟至第20分钟 * |
Flexible Certificate Management for Secure HTTPS Client/Server Communication;Jing Zhang;《Final Thesis》;20050922;正文第4页至第48页,图3-3至图3-12 * |
Also Published As
Publication number | Publication date |
---|---|
CN102792632A (zh) | 2012-11-21 |
EP2545677A4 (en) | 2013-08-21 |
EP2545677A2 (en) | 2013-01-16 |
US20110219227A1 (en) | 2011-09-08 |
HK1176481A1 (zh) | 2013-07-26 |
WO2011112466A2 (en) | 2011-09-15 |
EP2545677B1 (en) | 2015-04-15 |
WO2011112466A3 (en) | 2012-01-05 |
US9197630B2 (en) | 2015-11-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102792632B (zh) | 自动化证书管理 | |
US11354429B2 (en) | Device and methods for management and access of distributed data sources | |
US8738901B2 (en) | Automatic certificate renewal | |
US7624421B2 (en) | Method and apparatus for managing and displaying contact authentication in a peer-to-peer collaboration system | |
O’Malley et al. | Hadoop security design | |
TWI432000B (zh) | 供應數位身份表徵 | |
US9350536B2 (en) | Cloud key management system | |
US8261329B2 (en) | Trust and identity in secure calendar sharing collaboration | |
US9069944B2 (en) | Managing passwords used when detecting information on configuration items disposed on a network | |
US10084790B2 (en) | Peer to peer enterprise file sharing | |
EP2337296A1 (en) | Session migration between network policy servers | |
US8327132B2 (en) | Automated certificate provisioning for non-domain-joined entities | |
US20140059664A1 (en) | Hardware-Based Credential Distribution | |
US8739255B2 (en) | Replicating selected secrets to local domain controllers | |
JP2011082983A (ja) | ネットワークリソースを保護するための装置及び方法 | |
TW200811685A (en) | System and method for tracking the security enforcement in a grid system | |
CN105324976A (zh) | 使用简单证书注册协议和相应的管理应用将证书注册到设备的方法 | |
JP2010244100A (ja) | 認証情報管理プログラム、認証情報管理装置、認証方法 | |
US10616225B2 (en) | Controlling access rights of a document using enterprise digital rights management | |
JP2007213397A (ja) | データ管理プログラム、データ管理装置およびプロトコルの切り替え方法 | |
US20160191503A1 (en) | Peer to peer enterprise file sharing | |
EP1560394B1 (en) | Techniques for dynamically establishing and managing authentication and trust relationships | |
US20220174058A1 (en) | Peer-to-peer notification system | |
JP2004348631A (ja) | アカウント管理システム、アカウント管理方法およびアカウント管理プログラム | |
JP2021064869A (ja) | シンクライアントシステム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1176481 Country of ref document: HK |
|
ASS | Succession or assignment of patent right |
Owner name: MICROSOFT TECHNOLOGY LICENSING LLC Free format text: FORMER OWNER: MICROSOFT CORP. Effective date: 20150730 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20150730 Address after: Washington State Applicant after: Micro soft technique license Co., Ltd Address before: Washington State Applicant before: Microsoft Corp. |
|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: GR Ref document number: 1176481 Country of ref document: HK |