CN107690771B - 用于证书管理的方法、设备和系统 - Google Patents

用于证书管理的方法、设备和系统 Download PDF

Info

Publication number
CN107690771B
CN107690771B CN201680030577.4A CN201680030577A CN107690771B CN 107690771 B CN107690771 B CN 107690771B CN 201680030577 A CN201680030577 A CN 201680030577A CN 107690771 B CN107690771 B CN 107690771B
Authority
CN
China
Prior art keywords
service provider
certificate
public key
private key
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201680030577.4A
Other languages
English (en)
Chinese (zh)
Other versions
CN107690771A (zh
Inventor
李攘翁
阿南德·帕拉尼古德
李秀范
拉贾特·普拉卡什
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN107690771A publication Critical patent/CN107690771A/zh
Application granted granted Critical
Publication of CN107690771B publication Critical patent/CN107690771B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)
CN201680030577.4A 2015-06-10 2016-04-14 用于证书管理的方法、设备和系统 Active CN107690771B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/736,055 2015-06-10
US14/736,055 US9787478B2 (en) 2015-06-10 2015-06-10 Service provider certificate management
PCT/US2016/027436 WO2016200482A1 (en) 2015-06-10 2016-04-14 Service provider certificate management

Publications (2)

Publication Number Publication Date
CN107690771A CN107690771A (zh) 2018-02-13
CN107690771B true CN107690771B (zh) 2021-01-29

Family

ID=55911061

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201680030577.4A Active CN107690771B (zh) 2015-06-10 2016-04-14 用于证书管理的方法、设备和系统

Country Status (6)

Country Link
US (1) US9787478B2 (cg-RX-API-DMAC7.html)
EP (2) EP3308499B1 (cg-RX-API-DMAC7.html)
JP (1) JP2018517367A (cg-RX-API-DMAC7.html)
KR (1) KR20180016398A (cg-RX-API-DMAC7.html)
CN (1) CN107690771B (cg-RX-API-DMAC7.html)
WO (1) WO2016200482A1 (cg-RX-API-DMAC7.html)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10171439B2 (en) * 2015-09-24 2019-01-01 International Business Machines Corporation Owner based device authentication and authorization for network access
US9705859B2 (en) * 2015-12-11 2017-07-11 Amazon Technologies, Inc. Key exchange through partially trusted third party
US10412098B2 (en) 2015-12-11 2019-09-10 Amazon Technologies, Inc. Signed envelope encryption
US10320571B2 (en) * 2016-09-23 2019-06-11 Microsoft Technology Licensing, Llc Techniques for authenticating devices using a trusted platform module device
JP7308756B2 (ja) * 2016-12-30 2023-07-14 ビーシー ディベロップメント ラボズ ゲーエムベーハー ブロックチェーン対応サービスプロバイダシステム
US10749692B2 (en) 2017-05-05 2020-08-18 Honeywell International Inc. Automated certificate enrollment for devices in industrial control systems or other systems
GB2566263A (en) * 2017-09-01 2019-03-13 Trustonic Ltd Post-manufacture certificate generation
US20210241270A1 (en) * 2017-12-28 2021-08-05 Acronis International Gmbh System and method of blockchain transaction verification
EP3537323A1 (de) * 2018-03-09 2019-09-11 Siemens Aktiengesellschaft Projektbezogenes zertifikatsmanagement
KR102553145B1 (ko) * 2018-07-24 2023-07-07 삼성전자주식회사 디지털 키를 처리 및 인증하는 보안 요소 및 그 동작 방법
WO2020139513A1 (en) * 2018-12-28 2020-07-02 Apple Inc. Providing verified claims of user identity
SG11201908946PA (en) * 2019-03-26 2019-10-30 Alibaba Group Holding Ltd Program execution and data proof scheme using multiple key pair signatures
CN118265029A (zh) 2019-12-06 2024-06-28 三星电子株式会社 对数字密钥进行管理的方法和电子装置
US11468181B2 (en) * 2020-04-21 2022-10-11 Microsoft Technology Licensing, Llc Secure access to accessory device resources
CN114257382B (zh) * 2022-01-30 2024-06-11 支付宝(杭州)信息技术有限公司 密钥管理和业务处理方法、装置及系统
CN116347410A (zh) * 2023-02-08 2023-06-27 北京握奇数据股份有限公司 蓝牙设备的通话方法、装置、蓝牙设备及介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1685706A (zh) * 2002-09-23 2005-10-19 皇家飞利浦电子股份有限公司 基于证书授权的域
CN101287099A (zh) * 2007-04-10 2008-10-15 北京汉辰科技有限公司 一种利用p2p技术的实现视频点播和推播的系统及其方法
CN103167497A (zh) * 2011-12-19 2013-06-19 卓望数码技术(深圳)有限公司 一种鉴权处理方法和鉴权处理系统

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5379344A (en) 1990-04-27 1995-01-03 Scandic International Pty. Ltd. Smart card validation device and method
US6141752A (en) 1998-05-05 2000-10-31 Liberate Technologies Mechanism for facilitating secure storage and retrieval of information on a smart card by an internet service provider using various network computer client devices
JP2003188873A (ja) * 2001-12-14 2003-07-04 Kanazawa Inst Of Technology 認証方法、およびその方法を利用可能な認証装置、ユーザシステムおよび認証システム
US7254705B2 (en) 2002-03-15 2007-08-07 Matsushita Electric Industrial Co., Ltd. Service providing system in which services are provided from service provider apparatus to service user apparatus via network
JP4510392B2 (ja) * 2002-03-15 2010-07-21 パナソニック株式会社 個人情報認証を行うサービス提供システム
US7783892B2 (en) 2003-05-30 2010-08-24 Privaris, Inc. System and methods for assignation and use of media content subscription service privileges
EP1911194A1 (fr) * 2005-07-26 2008-04-16 France Télécom Procede de controle de transactions securisees mettant en oeuvre un dispositif physique unique, dispositif physique, systeme, et programme d'ordinateur correspondants
KR100648540B1 (ko) * 2005-09-29 2006-11-27 주식회사 유비닉스 스마트 카드, 카드 관리 시스템 및 그 키 관리 방법
EP2202913B1 (en) * 2007-10-19 2012-12-05 Nippon Telegraph and Telephone Corporation User authentication and method for the same
US8438385B2 (en) * 2008-03-13 2013-05-07 Fujitsu Limited Method and apparatus for identity verification
US8286865B2 (en) * 2008-04-14 2012-10-16 Lockstep Technologies Pty Ltd Authenticating electronic financial transactions
US8347080B2 (en) 2010-05-10 2013-01-01 Research In Motion Limited System and method for multi-certificate and certificate authority strategy
CN102694782B (zh) 2011-03-24 2016-05-18 中国银联股份有限公司 基于互联网的安全性信息交互设备及方法
US9477517B2 (en) * 2011-10-28 2016-10-25 Qualcomm Incorporated Service broker systems, methods, and apparatus
US9380048B2 (en) 2012-10-15 2016-06-28 Saife, Inc. Certificate authority server protection
US10063380B2 (en) 2013-01-22 2018-08-28 Amazon Technologies, Inc. Secure interface for invoking privileged operations

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1685706A (zh) * 2002-09-23 2005-10-19 皇家飞利浦电子股份有限公司 基于证书授权的域
CN101287099A (zh) * 2007-04-10 2008-10-15 北京汉辰科技有限公司 一种利用p2p技术的实现视频点播和推播的系统及其方法
CN103167497A (zh) * 2011-12-19 2013-06-19 卓望数码技术(深圳)有限公司 一种鉴权处理方法和鉴权处理系统

Also Published As

Publication number Publication date
JP2018517367A (ja) 2018-06-28
US9787478B2 (en) 2017-10-10
EP3308499A1 (en) 2018-04-18
US20160365984A1 (en) 2016-12-15
KR20180016398A (ko) 2018-02-14
EP3308499B1 (en) 2019-03-13
WO2016200482A1 (en) 2016-12-15
CN107690771A (zh) 2018-02-13
EP3454504A1 (en) 2019-03-13
EP3454504B1 (en) 2020-04-01

Similar Documents

Publication Publication Date Title
CN107690771B (zh) 用于证书管理的方法、设备和系统
CN110770695B (zh) 物联网(iot)设备管理
US10667131B2 (en) Method for connecting network access device to wireless network access point, network access device, and application server
JP6533203B2 (ja) 複数のアクセス制御クライアントをサポートするモバイル装置、及び対応する方法
US8898453B2 (en) Authentication server and method for granting tokens
US20220014524A1 (en) Secure Communication Using Device-Identity Information Linked To Cloud-Based Certificates
US8532620B2 (en) Trusted mobile device based security
KR101611773B1 (ko) 멀티 네트워크 시스템에서 아이덴티티 관리를 위한 방법들, 장치들 및 컴퓨터 프로그램 제품들
AU2006298507B2 (en) Method and arrangement for secure autentication
CA2734481C (en) Authentication server and method for granting tokens
US20090239503A1 (en) System and Method for Securely Issuing Subscription Credentials to Communication Devices
US20030070068A1 (en) Method and system for providing client privacy when requesting content from a public server
JP2022541760A (ja) コアネットワークドメインにおける証明書ハンドリングのための技法
US11777743B2 (en) Method for securely providing a personalized electronic identity on a terminal
US8397281B2 (en) Service assisted secret provisioning
EP2879421B1 (en) Terminal identity verification and service authentication method, system, and terminal
CN104115465A (zh) 具有本地功能的身份管理
MXPA04007546A (es) Metodo y sistema para proporcionar una tercera autenticacion de autorizacion.
US8234497B2 (en) Method and apparatus for providing secure linking to a user identity in a digital rights management system
JP6334275B2 (ja) 認証装置、認証方法、認証プログラム、及び認証システム
JP2015176167A (ja) ユーザ識別情報を安全に検証するためのネットワーク認証方法
BR112017026500B1 (pt) Gerenciamento de certificado de provedor de serviços
KR20150113639A (ko) 사용자 신원 인증을 안전하게 보장하기 위한 네트워크 인증 방법

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant