KR101791708B1 - Method and system for IP security certificate exchange based on certificate attributes - Google Patents

Method and system for IP security certificate exchange based on certificate attributes

Info

Publication number
KR101791708B1
Authority
KR
South Korea
Prior art keywords
certificate
terminal
computer
security
attributes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
KR1020127012090A
Other languages
English (en)
Korean (ko)
Other versions
KR20120094926A (ko)
Inventor
아나톨리 파나시욱
다르샨 란제고우다
아브히섹 슈클라
Original Assignee
Microsoft Technology Licensing, LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing, LLC
Publication of KR20120094926A
Application granted
Publication of KR101791708B1
Expired - Fee Related
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105 Dual mode as a secondary aspect
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76 Proxy, i.e. using intermediary entity to perform cryptographic operations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
KR1020127012090A 2009-11-12 2010-10-28 Method and system for IP security certificate exchange based on certificate attributes Expired - Fee Related KR101791708B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/616,789 US9912654B2 (en) 2009-11-12 2009-11-12 IP security certificate exchange based on certificate attributes
US12/616,789 2009-11-12
PCT/US2010/054573 WO2011059774A2 (en) 2009-11-12 2010-10-28 Ip security certificate exchange based on certificate attributes

Publications (2)

Publication Number Publication Date
KR20120094926A (ko) 2012-08-27
KR101791708B1 (ko) 2017-11-20

Family

ID=43975149

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020127012090A Expired - Fee Related KR101791708B1 (ko) 2009-11-12 2010-10-28 Method and system for IP security certificate exchange based on certificate attributes

Country Status (6)

Country Link
US (1) US9912654B2
EP (1) EP2499778B1
JP (1) JP5714596B2
KR (1) KR101791708B1
CN (1) CN102612820B
WO (1) WO2011059774A2

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102010044518A1 (de) * 2010-09-07 2012-03-08 Siemens Aktiengesellschaft Method for certificate-based authentication
JP5880401B2 (ja) * 2012-11-15 2016-03-09 富士ゼロックス株式会社 Communication device and program
US20160366124A1 (en) * 2015-06-15 2016-12-15 Qualcomm Incorporated Configuration and authentication of wireless devices
JP6727292B2 (ja) * 2015-08-24 2020-07-22 華為技術有限公司 Huawei Technologies Co.,Ltd. Security authentication method, configuration method, and related device
JP7208707B2 (ja) * 2017-02-17 2023-01-19 キヤノン株式会社 Information processing apparatus, control method therefor, and program
WO2019133434A1 (en) * 2017-12-29 2019-07-04 Pensando Systems Inc. Methods and systems for cryptographic identity based network microsegmentation
KR102250081B1 (ko) 2019-02-22 2021-05-10 데이터얼라이언스 주식회사 Public ledger-based autonomous credential management system and method
US11783062B2 (en) 2021-02-16 2023-10-10 Microsoft Technology Licensing, Llc Risk-based access to computing environment secrets

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004274521A (ja) * 2003-03-11 2004-09-30 Hitachi Ltd Server device, terminal control device, and terminal authentication method
US20060085850A1 (en) * 2004-10-14 2006-04-20 Microsoft Corporation System and methods for providing network quarantine using IPsec

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5530758A (en) * 1994-06-03 1996-06-25 Motorola, Inc. Operational methods for a secure node in a computer network
US5548646A (en) * 1994-09-15 1996-08-20 Sun Microsystems, Inc. System for signatureless transmission and reception of data packets between computer networks
CA2228687A1 (en) * 1998-02-04 1999-08-04 Brett Howard Secured virtual private networks
US7461250B1 (en) * 1999-07-22 2008-12-02 Rsa Security, Inc. System and method for certificate exchange
GB2357226B (en) * 1999-12-08 2003-07-16 Hewlett Packard Co Security protocol
US20020007346A1 (en) * 2000-06-06 2002-01-17 Xin Qiu Method and apparatus for establishing global trust bridge for multiple trust authorities
US7113996B2 (en) * 2000-07-21 2006-09-26 Sandy Craig Kronenberg Method and system for secured transport and storage of data on a network
US7072870B2 (en) * 2000-09-08 2006-07-04 Identrus, Llc System and method for providing authorization and other services
US6915437B2 (en) * 2000-12-20 2005-07-05 Microsoft Corporation System and method for improved network security
US7073055B1 (en) * 2001-02-22 2006-07-04 3Com Corporation System and method for providing distributed and dynamic network services for remote access server users
US7272714B2 (en) * 2002-05-31 2007-09-18 International Business Machines Corporation Method, apparatus, and program for automated trust zone partitioning
US7185199B2 (en) * 2002-08-30 2007-02-27 Xerox Corporation Apparatus and methods for providing secured communication
US20040093492A1 (en) * 2002-11-13 2004-05-13 Olivier Daude Virtual private network management with certificates
AR043588A1 (es) * 2003-03-12 2005-08-03 Nationwide Mutual Insurance Co Method for implementing a risk management program
US7308711B2 (en) 2003-06-06 2007-12-11 Microsoft Corporation Method and framework for integrating a plurality of network policies
US20050086468A1 (en) * 2003-10-17 2005-04-21 Branislav Meandzija Digital certificate related to user terminal hardware in a wireless network
AU2005234051A1 (en) * 2004-04-12 2005-10-27 Intercomputer Corporation Secure messaging system
ZA200508074B (en) 2004-10-14 2007-12-27 Microsoft Corp System and methods for providing network quarantine using ipsec
KR100759489B1 (ko) 2004-11-18 2007-09-18 삼성전자주식회사 Method and apparatus for securing an IP security tunnel using public key infrastructure in a mobile communication network
US20060174125A1 (en) * 2005-01-31 2006-08-03 Brookner George M Multiple cryptographic key security device
US20080022392A1 (en) * 2006-07-05 2008-01-24 Cisco Technology, Inc. Resolution of attribute overlap on authentication, authorization, and accounting servers
US20090025080A1 (en) * 2006-09-27 2009-01-22 Craig Lund System and method for authenticating a client to a server via an ipsec vpn and facilitating a secure migration to ssl vpn remote access
US8429734B2 (en) * 2007-07-31 2013-04-23 Symantec Corporation Method for detecting DNS redirects or fraudulent local certificates for SSL sites in pharming/phishing schemes by remote validation and using a credential manager and recorded certificate attributes
AU2009205675B2 (en) * 2008-01-18 2014-09-25 Identrust, Inc. Binding a digital certificate to multiple trust domains
US20100318788A1 (en) * 2009-06-12 2010-12-16 Alexandro Salvarani Method of managing secure communications
US8250866B2 (en) 2009-07-30 2012-08-28 Ford Global Technologies, Llc EGR extraction immediately downstream pre-turbo catalyst

Also Published As

Publication number Publication date
EP2499778A2 (en) 2012-09-19
EP2499778B1 (en) 2019-08-07
CN102612820B (zh) 2016-03-02
KR20120094926A (ko) 2012-08-27
WO2011059774A2 (en) 2011-05-19
CN102612820A (zh) 2012-07-25
US20110113481A1 (en) 2011-05-12
JP5714596B2 (ja) 2015-05-07
US9912654B2 (en) 2018-03-06
WO2011059774A3 (en) 2011-09-29
JP2013511209A (ja) 2013-03-28
EP2499778A4 (en) 2017-01-04

Similar Documents

Publication Publication Date Title
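KR101791708B1 (ko) Method and system for IP security certificate exchange based on certificate attributes
CN112422532B (zh) Service communication method, system, apparatus, and electronic device
CN110086822B (zh) Method and system for implementing a unified identity authentication policy for microservice architectures
US10541991B2 (en) Method for OAuth service through blockchain network, and terminal and server using the same
CN102047262B (zh) Authentication for a distributed secure content management system
CN104025503B (zh) Web page authentication using a client platform root of trust
JP6349579B2 (ja) Conditional login promotion
US20080320566A1 (en) Device provisioning and domain join emulation over non-secured networks
CN103069774B (zh) Securely accessing an advertised service
JP5260634B2 (ja) Stepwise authentication system
CN101964800B (zh) Method for authenticating digital certificate users in an SSL VPN
JP4721191B2 (ja) Grid mutual authentication by generating proxy certificates
JP2019536157A (ja) System and method for transparent multi-factor authentication and security posture checking
JP7403010B2 (ja) Shared resource identification
WO2016011827A1 (zh) Method and system for implementing information security based on digital certificates
KR20070032650A (ko) System and method for enabling authentication of a network device using an attribute certificate
CN101599967A (zh) Permission control method and system based on an 802.1x authentication system
WO2022143935A1 (zh) Blockchain-based SDP access control method and system
CN115242546A (zh) Access control method for industrial control systems based on a zero-trust architecture
US20210336947A1 (en) Rogue certificate detection
CN101129043A (zh) Method, system, and program product for connecting a client to a network
EP3677006B1 (en) Detection of the network logon protocol used in pass-through authentication
Doddavula et al. Implementation of a Secure Genome Sequence Search Platform on Public Cloud: Leveraging Open Source Solutions
CN120165878A (zh) Security authentication method, apparatus, device, and medium for device network access
CN115834182A (zh) User identity authentication method, apparatus, storage medium, and electronic device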

Legal Events

Date Code Title Description
PA0105 International application

St.27 status event code: A-0-1-A10-A15-nap-PA0105

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

PN2301 Change of applicant

St.27 status event code: A-3-3-R10-R13-asn-PN2301

St.27 status event code: A-3-3-R10-R11-asn-PN2301

N231 Notification of change of applicant
PN2301 Change of applicant

St.27 status event code: A-3-3-R10-R13-asn-PN2301

St.27 status event code: A-3-3-R10-R11-asn-PN2301

A201 Request for examination
AMND Amendment
P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

P22-X000 Classification modified

St.27 status event code: A-2-2-P10-P22-nap-X000

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

St.27 status event code: A-1-2-D10-D21-exm-PE0902

AMND Amendment
P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E601 Decision to refuse application
PE0601 Decision on rejection of patent

St.27 status event code: N-2-6-B10-B15-exm-PE0601

X091 Application refused [patent]
T11-X000 Administrative time limit extension requested

St.27 status event code: U-3-3-T10-T11-oth-X000

T13-X000 Administrative time limit extension granted

St.27 status event code: U-3-3-T10-T13-oth-X000

AMND Amendment
E13-X000 Pre-grant limitation requested

St.27 status event code: A-2-3-E10-E13-lim-X000

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PX0901 Re-examination

St.27 status event code: A-2-3-E10-E12-rex-PX0901

PX0701 Decision of registration after re-examination

St.27 status event code: A-3-4-F10-F13-rex-PX0701

X701 Decision to grant (after re-examination)
GRNT Written decision to grant
PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U12-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601

FPAY Annual fee payment

Payment date: 20201005

Year of fee payment: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 4

FPAY Annual fee payment

Payment date: 20211005

Year of fee payment: 5

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 5

P22-X000 Classification modified

St.27 status event code: A-4-4-P10-P22-nap-X000

FPAY Annual fee payment

Payment date: 20220915

Year of fee payment: 6

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 6

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 7

PC1903 Unpaid annual fee

St.27 status event code: A-4-4-U10-U13-oth-PC1903

Not in force date: 20241025

Payment event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

H13 IP right lapsed

Free format text: ST27 STATUS EVENT CODE: N-4-6-H10-H13-OTH-PC1903 (AS PROVIDED BY THE NATIONAL OFFICE); TERMINATION CATEGORY : DEFAULT_OF_REGISTRATION_FEE

Effective date: 20241025

PC1903 Unpaid annual fee

St.27 status event code: N-4-6-H10-H13-oth-PC1903

IP right cessation event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

Not in force date: 20241025