DE60105326T2 - Infrastruktur für öffentliche Schlüssel - Google Patents

Infrastruktur für öffentliche Schlüssel Download PDF

Info

Publication number
DE60105326T2
DE60105326T2 DE60105326T DE60105326T DE60105326T2 DE 60105326 T2 DE60105326 T2 DE 60105326T2 DE 60105326 T DE60105326 T DE 60105326T DE 60105326 T DE60105326 T DE 60105326T DE 60105326 T2 DE60105326 T2 DE 60105326T2
Authority
DE
Germany
Prior art keywords
certificate
short
term
subject
unsigned
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE60105326T
Other languages
German (de)
English (en)
Other versions
DE60105326D1 (de
Inventor
Francisco Hayward Corella
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hewlett Packard Development Co LP
Original Assignee
Hewlett Packard Development Co LP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett Packard Development Co LP filed Critical Hewlett Packard Development Co LP
Application granted granted Critical
Publication of DE60105326D1 publication Critical patent/DE60105326D1/de
Publication of DE60105326T2 publication Critical patent/DE60105326T2/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
DE60105326T 2000-01-14 2001-01-11 Infrastruktur für öffentliche Schlüssel Expired - Lifetime DE60105326T2 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US483356 2000-01-14
US09/483,356 US6763459B1 (en) 2000-01-14 2000-01-14 Lightweight public key infrastructure employing disposable certificates

Publications (2)

Publication Number Publication Date
DE60105326D1 DE60105326D1 (de) 2004-10-14
DE60105326T2 true DE60105326T2 (de) 2005-09-22

Family

ID=23919730

Family Applications (1)

Application Number Title Priority Date Filing Date
DE60105326T Expired - Lifetime DE60105326T2 (de) 2000-01-14 2001-01-11 Infrastruktur für öffentliche Schlüssel

Country Status (4)

Country Link
US (1) US6763459B1 (enExample)
EP (1) EP1117207B1 (enExample)
JP (1) JP2001249612A (enExample)
DE (1) DE60105326T2 (enExample)

Families Citing this family (84)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000048108A1 (en) 1999-02-12 2000-08-17 Mack Hicks System and method for providing certification-related and other services
US7085931B1 (en) * 1999-09-03 2006-08-01 Secure Computing Corporation Virtual smart card system and method
US20020029200A1 (en) 1999-09-10 2002-03-07 Charles Dulin System and method for providing certificate validation and other services
HK1046173A1 (zh) * 1999-09-10 2002-12-27 Brandenburg Jackson 可便利销售者使用涉及证书和其他多种服务的系统和方法
AU778750B2 (en) * 1999-09-24 2004-12-16 Identrust, Inc. System and method for providing payment services in electronic commerce
US6871276B1 (en) 2000-04-05 2005-03-22 Microsoft Corporation Controlled-content recoverable blinded certificates
US6865671B1 (en) * 2000-04-07 2005-03-08 Sendmail, Inc. Electronic mail system with authentication methodology for supporting relaying in a message transfer agent
US7313692B2 (en) 2000-05-19 2007-12-25 Intertrust Technologies Corp. Trust management systems and methods
US20020087884A1 (en) * 2000-06-12 2002-07-04 Hovav Shacham Method and apparatus for enhancing network security protection server performance
US20020039420A1 (en) * 2000-06-12 2002-04-04 Hovav Shacham Method and apparatus for batched network security protection server performance
US20040015725A1 (en) * 2000-08-07 2004-01-22 Dan Boneh Client-side inspection and processing of secure content
US7137143B2 (en) 2000-08-07 2006-11-14 Ingrian Systems Inc. Method and system for caching secure web content
US7072870B2 (en) * 2000-09-08 2006-07-04 Identrus, Llc System and method for providing authorization and other services
WO2002021409A1 (en) * 2000-09-08 2002-03-14 Tallent Guy S System and method for transparently providing certificate validation and other services within an electronic transaction
DE10144750A1 (de) * 2000-11-27 2002-05-29 Esc Electronic System Concepts Verfahren zum Laden, Speichern und Darstellen von Webseiten
US7757278B2 (en) * 2001-01-04 2010-07-13 Safenet, Inc. Method and apparatus for transparent encryption
US20020194471A1 (en) * 2001-06-14 2002-12-19 International Business Machines Corporation Method and system for automatic LDAP removal of revoked X.509 digital certificates
US6854057B2 (en) * 2001-09-06 2005-02-08 America Online, Inc. Digital certificate proxy
US7925878B2 (en) * 2001-10-03 2011-04-12 Gemalto Sa System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials
US7571314B2 (en) 2001-12-13 2009-08-04 Intel Corporation Method of assembling authorization certificate chains
EP1488597B1 (en) * 2002-03-20 2013-01-23 Research In Motion Limited System and method for checking digital certificate status
JP2005346120A (ja) * 2002-05-31 2005-12-15 Mitsui & Co Ltd ネットワークマルチアクセス方法およびネットワークマルチアクセス用の生体情報認証機能を備えた電子デバイス
WO2004019182A2 (en) * 2002-08-24 2004-03-04 Ingrian Networks, Inc. Selective feature activation
US20060149962A1 (en) * 2003-07-11 2006-07-06 Ingrian Networks, Inc. Network attached encryption
JP4657641B2 (ja) * 2003-07-25 2011-03-23 株式会社リコー 証明書設定方法及び証明書設定装置
JP5348148B2 (ja) * 2003-07-25 2013-11-20 株式会社リコー 通信装置、通信システム、通信方法及びプログラム
JP4712326B2 (ja) * 2003-07-25 2011-06-29 株式会社リコー 通信装置、通信システム、通信方法及びプログラム
JP4611680B2 (ja) * 2003-07-25 2011-01-12 株式会社リコー 通信装置、通信システム、通信方法及びプログラム
EP1693983B1 (en) * 2003-07-25 2007-08-29 Ricoh Company, Ltd. Authentication system and method using individualized and non-individualized certificates
JP4657642B2 (ja) * 2003-07-25 2011-03-23 株式会社リコー 通信装置、通信システム、通信方法及びプログラム
JP4712325B2 (ja) 2003-09-12 2011-06-29 株式会社リコー 通信装置、通信システム、通信方法及びプログラム
US8015399B2 (en) * 2003-09-30 2011-09-06 Ricoh Company, Ltd. Communication apparatus, communication system, certificate transmission method and program
US7290278B2 (en) 2003-10-02 2007-10-30 Aol Llc, A Delaware Limited Liability Company Identity based service system
US9331990B2 (en) * 2003-12-22 2016-05-03 Assa Abloy Ab Trusted and unsupervised digital certificate generation using a security token
US7519835B2 (en) * 2004-05-20 2009-04-14 Safenet, Inc. Encrypted table indexes and searching encrypted tables
JP4314152B2 (ja) * 2004-05-21 2009-08-12 株式会社東芝 電子情報保証システム、業務端末
JP2005333596A (ja) * 2004-05-21 2005-12-02 Toshiba Corp 電子申請システム、電子申請装置
DE102005009867A1 (de) * 2005-03-04 2006-09-07 Deutscher Sparkassen Verlag Gmbh Verfahren zum Bereitstellen von elektronischen Zertifikaten zur Verwendung für elektronische Signaturen
US20070071243A1 (en) * 2005-09-23 2007-03-29 Microsoft Corporation Key validation service
US20070079386A1 (en) * 2005-09-26 2007-04-05 Brian Metzger Transparent encryption using secure encryption device
US20070079140A1 (en) * 2005-09-26 2007-04-05 Brian Metzger Data migration
US8386768B2 (en) * 2006-02-08 2013-02-26 Safenet, Inc. High performance data encryption server and method for transparently encrypting/decrypting data
US7958091B2 (en) 2006-02-16 2011-06-07 Ingrian Networks, Inc. Method for fast bulk loading data into a database while bypassing exit routines
JP5179471B2 (ja) * 2006-04-10 2013-04-10 モデール ビー.ブイ. データを安全に伝送するための装置および方法
WO2007143740A2 (en) * 2006-06-08 2007-12-13 Mastercard International Incorporated All-in-one proximity payment device with local authentication
US8379865B2 (en) * 2006-10-27 2013-02-19 Safenet, Inc. Multikey support for multiple office system
US8407767B2 (en) * 2007-01-18 2013-03-26 Microsoft Corporation Provisioning of digital identity representations
US8087072B2 (en) * 2007-01-18 2011-12-27 Microsoft Corporation Provisioning of digital identity representations
US8689296B2 (en) 2007-01-26 2014-04-01 Microsoft Corporation Remote access of digital identities
JP4128610B1 (ja) 2007-10-05 2008-07-30 グローバルサイン株式会社 サーバ証明書発行システム
US20090132804A1 (en) * 2007-11-21 2009-05-21 Prabir Paul Secured live software migration
EP2232761B1 (en) * 2008-01-18 2021-02-24 Identrust, Inc. Binding a digital certificate to multiple trust domains
CA2621147C (en) * 2008-02-15 2013-10-08 Connotech Experts-Conseils Inc. Method of bootstrapping an authenticated data session configuration
US8621222B1 (en) * 2008-05-30 2013-12-31 Adobe Systems Incorporated Archiving electronic content having digital signatures
JP4252620B1 (ja) * 2008-08-27 2009-04-08 グローバルサイン株式会社 サーバ証明書発行システム
GB2495648A (en) * 2008-09-11 2013-04-17 F Secure Oyj Maintaining a database of trusted public keys in a plurality of computer devices
GB2463467B (en) 2008-09-11 2013-03-06 F Secure Oyj Malware detection method and apparatus
US20100241852A1 (en) * 2009-03-20 2010-09-23 Rotem Sela Methods for Producing Products with Certificates and Keys
US20110154026A1 (en) * 2009-12-23 2011-06-23 Christofer Edstrom Systems and methods for parallel processing of ocsp requests during ssl handshake
US8621204B2 (en) 2009-12-23 2013-12-31 Citrix Systems, Inc. Systems and methods for evaluating and prioritizing responses from multiple OCSP responders
US8627063B2 (en) 2009-12-23 2014-01-07 Citrix Systems, Inc. Systems and methods for flash crowd control and batching OCSP requests via online certificate status protocol
US9237017B2 (en) 2011-03-21 2016-01-12 Microsoft Technology Licensing, Llc Lightweight authentication for on-premise rich clients
US8848919B2 (en) * 2011-06-17 2014-09-30 Assa Abloy Ab Revocation status using other credentials
US8627066B2 (en) * 2011-11-03 2014-01-07 Cleversafe, Inc. Processing a dispersed storage network access request utilizing certificate chain validation information
EP2605178B1 (en) * 2011-12-02 2018-10-17 BlackBerry Limited Method and device for secure notification of identity
US8744078B2 (en) 2012-06-05 2014-06-03 Secure Channels Sa System and method for securing multiple data segments having different lengths using pattern keys having multiple different strengths
CN102833593B (zh) * 2012-07-17 2015-12-16 晨星软件研发(深圳)有限公司 一种智能电视应用的授权方法、系统及智能电视
US11210380B2 (en) 2013-05-13 2021-12-28 Veridium Ip Limited System and method for authorizing access to access-controlled environments
US9003196B2 (en) 2013-05-13 2015-04-07 Hoyos Labs Corp. System and method for authorizing access to access-controlled environments
US9386008B2 (en) * 2013-08-19 2016-07-05 Smartguard, Llc Secure installation of encryption enabling software onto electronic devices
US9838388B2 (en) 2014-08-26 2017-12-05 Veridium Ip Limited System and method for biometric protocol standards
KR102217916B1 (ko) * 2013-12-31 2021-02-22 베리디움 아이피 리미티드 생체측정 프로토콜 표준들을 위한 시스템 및 방법
US20160344725A1 (en) * 2014-04-02 2016-11-24 William B. SEVERIN Signal haystacks
US9843452B2 (en) 2014-12-15 2017-12-12 Amazon Technologies, Inc. Short-duration digital certificate issuance based on long-duration digital certificate validation
KR101661930B1 (ko) * 2015-08-03 2016-10-05 주식회사 코인플러그 블록체인을 기반으로 하는 공인인증서 발급시스템
US11329980B2 (en) 2015-08-21 2022-05-10 Veridium Ip Limited System and method for biometric protocol standards
US9613221B1 (en) * 2015-12-30 2017-04-04 Quixey, Inc. Signed application cards
US10057288B2 (en) 2016-03-25 2018-08-21 Ca, Inc. Synchronized issuance of public X.509 digital certificates
US10609011B2 (en) 2016-03-25 2020-03-31 Ca, Inc. Synchronized issuance of public X.509 digital certificates
US10063536B2 (en) 2016-03-25 2018-08-28 Ca, Inc. Short term or one-time-use X.509 digital certificates
US10103883B2 (en) 2016-03-25 2018-10-16 Ca, Inc. Queueing construct for X.509 digital certificates
US10055926B2 (en) 2016-09-09 2018-08-21 Tyco Integrated Security, LLC Architecture for access management
JP6647259B2 (ja) * 2017-09-19 2020-02-14 セコム株式会社 証明書管理装置
US11671264B1 (en) * 2020-09-18 2023-06-06 Amazon Technologies, Inc. Validating certificate information before signing

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4881264A (en) 1987-07-30 1989-11-14 Merkle Ralph C Digital signature system and method based on a conventional encryption function
US5224163A (en) 1990-09-28 1993-06-29 Digital Equipment Corporation Method for delegating authorization from one entity to another through the use of session encryption keys
US5276901A (en) 1991-12-16 1994-01-04 International Business Machines Corporation System for controlling group access to objects using group access control folder and group identification as individual user
US5210795A (en) 1992-01-10 1993-05-11 Digital Equipment Corporation Secure user authentication from personal computer
US5796841A (en) 1995-08-21 1998-08-18 Pitney Bowes Inc. Secure user certification for electronic commerce employing value metering system
US5793868A (en) 1996-08-29 1998-08-11 Micali; Silvio Certificate revocation system
US6023506A (en) 1995-10-26 2000-02-08 Hitachi, Ltd. Data encryption control apparatus and method
US6029150A (en) * 1996-10-04 2000-02-22 Certco, Llc Payment and transactions in electronic commerce system
US5996076A (en) * 1997-02-19 1999-11-30 Verifone, Inc. System, method and article of manufacture for secure digital certification of electronic commerce
US5982898A (en) 1997-03-07 1999-11-09 At&T Corp. Certification process
US6044462A (en) 1997-04-02 2000-03-28 Arcanvs Method and apparatus for managing key revocation
US6212636B1 (en) 1997-05-01 2001-04-03 Itt Manufacturing Enterprises Method for establishing trust in a computer network via association
US6202151B1 (en) 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
JPH10327147A (ja) 1997-05-21 1998-12-08 Hitachi Ltd 電子認証公証方法およびシステム
US6125349A (en) 1997-10-01 2000-09-26 At&T Corp. Method and apparatus using digital credentials and other electronic certificates for electronic transactions
US6058484A (en) 1997-10-09 2000-05-02 International Business Machines Corporation Systems, methods and computer program products for selection of date limited information
US6092201A (en) 1997-10-24 2000-07-18 Entrust Technologies Method and apparatus for extending secure communication operations via a shared list
JP3905961B2 (ja) 1997-11-11 2007-04-18 インターナショナル・ビジネス・マシーンズ・コーポレーション 臨時署名認証の方法及びそのシステム
US6263446B1 (en) 1997-12-23 2001-07-17 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
WO1999035783A1 (en) 1998-01-09 1999-07-15 Cybersafe Corporation Client side public key authentication method and apparatus with short-lived certificates
US6324645B1 (en) 1998-08-11 2001-11-27 Verisign, Inc. Risk management for public key management infrastructure using digital certificates
US6327578B1 (en) 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US6484259B1 (en) 1999-07-23 2002-11-19 Microsoft Corporation Methods and arrangements for mapping widely disparate portable tokens to a static machine concentric cryptographic environment
WO2001043344A1 (en) 1999-12-13 2001-06-14 Rsa Security Inc. System and method for generating and managing attribute certificates
US7353204B2 (en) 2001-04-03 2008-04-01 Zix Corporation Certified transmission system

Also Published As

Publication number Publication date
DE60105326D1 (de) 2004-10-14
JP2001249612A (ja) 2001-09-14
EP1117207B1 (en) 2004-09-08
EP1117207A3 (en) 2002-10-09
EP1117207A2 (en) 2001-07-18
US6763459B1 (en) 2004-07-13

Similar Documents

Publication Publication Date Title
DE60105326T2 (de) Infrastruktur für öffentliche Schlüssel
DE60112546T2 (de) Bestätigungsdienst mit öffentlichem schlüssel
DE60102490T2 (de) Infrastruktur für öffentliche Schlüssel
DE602005001613T2 (de) Einrichten eines sicheren kontexts zur übermittlung von nachrichten zwischen computersystemen
US7340600B1 (en) Authorization infrastructure based on public key cryptography
DE60119857T2 (de) Verfahren und Vorrichtung zur Ausführung von gesicherten Transaktionen
DE60123048T2 (de) Verfahren und vorrichtung für selbstauthentifizierende digitale aufzeichnungen
DE60026468T2 (de) Digitales Zertifikat mit Berechtigungsdaten
DE60119834T2 (de) Verfahren und System für gesicherte Legacy-Enklaven in einer Infrastruktur mit öffentlichem Schlüssel
DE60212577T2 (de) Verfahren und vorrichtung zur beglaubigung von daten
DE60124011T2 (de) Verfahren und system zur autorisierung der erzeugung asymmetrischer kryptoschlüssel
DE60311036T2 (de) Verfahren zur Authentisierung potentieller Mitglieder eingeladen, eine Gruppe anzuschliessen
DE602004012996T2 (de) Verfahren und vorrichtung zum authentifizieren von benutzern und websites
DE112020004236T5 (de) Vorwärts gerichtete sicherheit in der transport layer security unter verwendung von ephemeren schlüsseln
DE112018005203T5 (de) Authentifizierung unter Verwendung von delegierten Identitäten
EP4092958B1 (de) Ausstellen eines digitalen verifizierbaren credentials
EP3114600B1 (de) Sicherheitssystem mit zugriffskontrolle
EP3182318A1 (de) Signaturgenerierung durch ein sicherheitstoken
WO2022200035A1 (de) Verfahren und vorrichtung zum erzeugen, bereitstellen und weitergeben eines vertrauenswürdigen elektronischen datensatzes oder zertifikates basierend auf einem einen nutzer betreffenden elektronischen dokument
EP4270863A1 (de) Sichere wiederherstellung privater schlüssel
DE60318073T2 (de) Gruppensignaturschema
DE60122828T2 (de) Vorrichtung und Verfahren zur Erzeugung eines Unterschriftszertifikats in einer Infrastruktur mit öffentlichen Schlüsseln
EP3540623B1 (de) Verfahren zur erzeugung eines pseudonyms mit hilfe eines id-tokens
DE602005003631T2 (de) Ausschluss der Passwortaufdeckung bei Attributzertifikatausgabe
DE60021985T2 (de) Verfahren ind vorrichtung zur sicheren erzeugung von öffentlichen/geheimen schlüsselpaaren

Legal Events

Date Code Title Description
8364 No opposition during term of opposition