SG10201806366TA - Apparatus and method for managing digital certificates - Google Patents

Apparatus and method for managing digital certificates

Info

Publication number
SG10201806366TA
Authority
SG
Singapore
Prior art keywords
client device
irp
server
request
digital certificates
Prior art date
Application number
SG10201806366TA
Inventor
Lawrence Hughes
Original Assignee
Sixscape Communications Pte Ltd
Priority date
Filing date
Publication date
Application filed by Sixscape Communications Pte Ltd
Publication of SG10201806366TA

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/16: Implementing security features at a particular protocol layer
    • H04L63/166: Implementing security features at a particular protocol layer at the transport layer
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/3236: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H04L61/45: Network directories; Name-to-address mapping
    • H04L61/4505: Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511: Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]

Abstract

An apparatus and a method for managing user identity, the method comprising: establishing a connection secured with Transport Layer Security (TLS) from a client device to an IRP server; authenticating, at the IRP server, user login via the client device, with Strong Client Authentication (SCA) or Username/Password Authentication (UPA); upon request from the client device, registering or retrieving at the IRP server user identity information comprising user information, and an Internet Protocol (IP) address of the client device; upon request from the client device, registering or retrieving at the IRP server one or more digital certificates; sending from the client device to the IRP server a Certificate Signing Request (CSR) via the secured connection; upon request from the client device, returning a signed digital certificate from the IRP server to the client device; sending a PKCS#12 package from the client device to the IRP server; and upon request from the client device, returning a PKCS#12 package from the IRP server to the client device. (Figure 2)
SG10201806366TA 2015-03-25 2016-01-15 Apparatus and method for managing digital certificates SG10201806366TA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SG10201502376W 2015-03-25
SG10201503999R 2015-05-21

Publications (1)

Publication Number Publication Date
SG10201806366TA (en) 2018-08-30

Family

ID=55315681

Family Applications (2)

Application Number Title Priority Date Filing Date
SG11201802931XA SG11201802931XA (en) 2015-03-25 2016-01-15 Apparatus and method for managing digital certificates
SG10201806366TA SG10201806366TA (en) 2015-03-25 2016-01-15 Apparatus and method for managing digital certificates

Family Applications Before (1)

Application Number Title Priority Date Filing Date
SG11201802931XA SG11201802931XA (en) 2015-03-25 2016-01-15 Apparatus and method for managing digital certificates

Country Status (3)

Country Link
US (1) US10630489B2 (en)
SG (2) SG11201802931XA (en)
WO (1) WO2016153423A1 (en)

Families Citing this family (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7991910B2 (en) 2008-11-17 2011-08-02 Amazon Technologies, Inc. Updating routing information based on client location
US7962597B2 (en) 2008-03-31 2011-06-14 Amazon Technologies, Inc. Request routing based on class
US9003035B1 (en) 2010-09-28 2015-04-07 Amazon Technologies, Inc. Point of presence management in request routing
US10467042B1 (en) 2011-04-27 2019-11-05 Amazon Technologies, Inc. Optimized deployment based upon customer locality
US9154551B1 (en) 2012-06-11 2015-10-06 Amazon Technologies, Inc. Processing DNS queries to identify pre-processing information
US10097448B1 (en) 2014-12-18 2018-10-09 Amazon Technologies, Inc. Routing mode and point-of-presence selection service
US9832141B1 (en) 2015-05-13 2017-11-28 Amazon Technologies, Inc. Routing based request correlation
US10305871B2 (en) 2015-12-09 2019-05-28 Cloudflare, Inc. Dynamically serving digital certificates based on secure session properties
MA44905A (en) * 2016-04-05 2018-05-09 Mi Group B V FLIGHT INFORMATION SYSTEM AND PROCESS
US10764067B2 (en) * 2016-05-23 2020-09-01 Pomian & Corella, Llc Operation of a certificate authority on a distributed ledger
US10075551B1 (en) 2016-06-06 2018-09-11 Amazon Technologies, Inc. Request management for hierarchical cache
US10110694B1 (en) 2016-06-29 2018-10-23 Amazon Technologies, Inc. Adaptive transfer rate for retrieving content from a server
US10356087B1 (en) * 2016-08-26 2019-07-16 Intelligent Waves Llc System, method and computer program product for credential provisioning in a mobile device platform
US11165591B2 (en) * 2016-09-08 2021-11-02 Cable Television Laboratories, Inc. System and method for a dynamic-PKI for a social certificate authority
EP3510803B1 (en) * 2016-09-12 2021-04-28 Telefonaktiebolaget LM Ericsson (publ) Secure link layer connection over wireless local area networks
US10505961B2 (en) * 2016-10-05 2019-12-10 Amazon Technologies, Inc. Digitally signed network address
CN106453380B (en) * 2016-10-28 2019-12-31 美的智慧家居科技有限公司 Key agreement method and device
US10592660B2 (en) * 2016-11-22 2020-03-17 Microsoft Technology Licensing, Llc Capability access management
BR112019011784A2 (en) * 2016-12-14 2019-10-29 Idac Holdings Inc method, and server-side network connection point.
US10831549B1 (en) 2016-12-27 2020-11-10 Amazon Technologies, Inc. Multi-region request-driven code execution system
WO2018138713A1 (en) * 2017-01-29 2018-08-02 Beame. Io Ltd. Establishing an ad-hoc secure connection between two electronic computing devices using a self-expiring locally transmitted information packet
ES2687717A1 (en) * 2017-04-26 2018-10-26 Universidad Carlos Iii De Madrid Method and mobile device to issue digital certificates to electronic devices (Machine-translation by Google Translate, not legally binding)
US10805091B2 (en) * 2017-04-28 2020-10-13 Sap Se Certificate tracking
CN107332833B (en) * 2017-06-22 2021-05-18 宇龙计算机通信科技(深圳)有限公司 Verification method and device
WO2019036756A1 (en) * 2017-08-21 2019-02-28 Johnston Nigel Luke A digitally certified ecosystem
JP6644037B2 (en) * 2017-09-08 2020-02-12 株式会社東芝 Communication control system
US10530746B2 (en) 2017-10-17 2020-01-07 Servicenow, Inc. Deployment of a custom address to a remotely managed computational instance
US11025419B2 (en) * 2017-11-15 2021-06-01 Alexander J. M. Van Der Velden System for digital identity authentication and methods of use
US10574444B2 (en) * 2018-01-22 2020-02-25 Citrix Systems, Inc. Systems and methods for secured web application data traffic
US20190296918A1 (en) * 2018-03-23 2019-09-26 Proofshow Inc. Method and system for issuing proof-equipped certificates for certificate authority
US11888997B1 (en) * 2018-04-03 2024-01-30 Amazon Technologies, Inc. Certificate manager
US10979232B2 (en) * 2018-05-31 2021-04-13 Motorola Solutions, Inc. Method for provisioning device certificates for electronic processors in untrusted environments
CN111163036B (en) * 2018-11-07 2022-03-29 中移(苏州)软件技术有限公司 Data sharing method, device, client, storage medium and system
US10439825B1 (en) * 2018-11-13 2019-10-08 INTEGRITY Security Services, Inc. Providing quality of service for certificate management systems
GB2579574B (en) * 2018-12-03 2021-08-11 Advanced Risc Mach Ltd Bootstrapping with common credential data
US11245685B2 (en) * 2019-01-23 2022-02-08 Mcafee, Llc Methods and apparatus to verify encrypted handshakes
US10728044B1 (en) 2019-02-22 2020-07-28 Beyond Identity Inc. User authentication with self-signed certificate and identity verification and migration
CN109714167B (en) * 2019-03-15 2020-08-25 北京邮电大学 Identity authentication and key agreement method and equipment suitable for mobile application signature
US11457010B2 (en) 2019-04-05 2022-09-27 Comcast Cable Communications, Llc Mutual secure communications
ZA201904570B (en) 2019-07-12 2020-03-25 Entersekt Pty Ltd System and method for validation of possession-based authentication response
CN110351302B (en) * 2019-07-29 2021-08-31 杭州复杂美科技有限公司 Bank account login method, equipment and storage medium
CN110830569A (en) * 2019-11-01 2020-02-21 国云科技股份有限公司 Page permission access level control method based on multi-cloud management platform
EP3836489B1 (en) * 2019-12-09 2023-09-27 Siemens Aktiengesellschaft Dynamic allocation of automation units to automation servers
CN111177745B (en) * 2019-12-12 2023-06-27 湖南科技大学 Nonlinear phase-truncated double-image encryption and decryption method
CN111342970B (en) * 2019-12-27 2023-03-28 航天信息股份有限公司 Digital certificate management method and system
US11411925B2 (en) 2019-12-31 2022-08-09 Oracle International Corporation Methods, systems, and computer readable media for implementing indirect general packet radio service (GPRS) tunneling protocol (GTP) firewall filtering using diameter agent and signal transfer point (STP)
US11601289B2 (en) * 2020-01-07 2023-03-07 Microsoft Technology Licensing, Llc Securely rotating a server certificate
US11258779B2 (en) * 2020-01-14 2022-02-22 Cisco Technology, Inc. Wireless LAN (WLAN) public identity federation trust architecture
US11310273B2 (en) 2020-01-23 2022-04-19 Rockwell Collins, Inc. Secure network aggregation protocol
EP3866428B1 (en) 2020-02-13 2021-12-29 Axis AB A method for re-provisioning a digital security certificate and a system and a non-transitory computer program product thereof
US11509487B2 (en) 2020-03-16 2022-11-22 Kaseya Limited System for rollout of certificates to client and server independent of public key infrastructure
US11424941B2 (en) * 2020-04-29 2022-08-23 Blackberry Limited Method and system for handling dynamic cybersecurity posture of a V2X entity
US11134074B1 (en) 2020-05-22 2021-09-28 Fmr Llc Systems and methods for secure HTTP connections using a distributed certificate validation model
US11477188B2 (en) * 2020-07-01 2022-10-18 Citrix Systems, Inc. Injection of tokens or client certificates for managed application communication
US11553342B2 (en) 2020-07-14 2023-01-10 Oracle International Corporation Methods, systems, and computer readable media for mitigating 5G roaming security attacks using security edge protection proxy (SEPP)
US11751056B2 (en) 2020-08-31 2023-09-05 Oracle International Corporation Methods, systems, and computer readable media for 5G user equipment (UE) historical mobility tracking and security screening using mobility patterns
US11825310B2 (en) 2020-09-25 2023-11-21 Oracle International Corporation Methods, systems, and computer readable media for mitigating 5G roaming spoofing attacks
US11832172B2 (en) 2020-09-25 2023-11-28 Oracle International Corporation Methods, systems, and computer readable media for mitigating spoofing attacks on security edge protection proxy (SEPP) inter-public land mobile network (inter-PLMN) forwarding interface
US11622255B2 (en) 2020-10-21 2023-04-04 Oracle International Corporation Methods, systems, and computer readable media for validating a session management function (SMF) registration request
US11246032B1 (en) * 2020-10-29 2022-02-08 Motional Ad Llc Device provisioning and authentication
US11528251B2 (en) * 2020-11-06 2022-12-13 Oracle International Corporation Methods, systems, and computer readable media for ingress message rate limiting
US11770694B2 (en) 2020-11-16 2023-09-26 Oracle International Corporation Methods, systems, and computer readable media for validating location update messages
US11818570B2 (en) 2020-12-15 2023-11-14 Oracle International Corporation Methods, systems, and computer readable media for message validation in fifth generation (5G) communications networks
US11812271B2 (en) 2020-12-17 2023-11-07 Oracle International Corporation Methods, systems, and computer readable media for mitigating 5G roaming attacks for internet of things (IoT) devices based on expected user equipment (UE) behavior patterns
CN112839030B (en) * 2020-12-24 2022-09-20 航天信息股份有限公司 Certificate calling system and method based on message driving
CN113014546B (en) * 2021-01-29 2022-04-15 深圳市风云实业有限公司 Certificate-based authentication registration state management method and system
US11700510B2 (en) 2021-02-12 2023-07-11 Oracle International Corporation Methods, systems, and computer readable media for short message delivery status report validation
US11516671B2 (en) 2021-02-25 2022-11-29 Oracle International Corporation Methods, systems, and computer readable media for mitigating location tracking and denial of service (DoS) attacks that utilize access and mobility management function (AMF) location service
US11689912B2 (en) 2021-05-12 2023-06-27 Oracle International Corporation Methods, systems, and computer readable media for conducting a velocity check for outbound subscribers roaming to neighboring countries
EP4141723A1 (en) * 2021-08-25 2023-03-01 Hewlett-Packard Development Company, L.P. Verifying signatures
US11516022B1 (en) * 2021-10-31 2022-11-29 Snowflake Inc. Certificate revocation check proxy service
US11683286B2 (en) * 2021-11-18 2023-06-20 Cisco Technology, Inc. Anonymizing server-side addresses
CN114143010A (en) * 2021-11-25 2022-03-04 上海派拉软件股份有限公司 Digital certificate acquisition method, device, terminal, system and storage medium
CN114268439B (en) * 2021-12-16 2023-09-15 中原工学院 Identity-based authentication key negotiation method based on grid
WO2023154070A1 (en) * 2022-02-14 2023-08-17 Rakuten Mobile, Inc. Certificate enrollment system and method for non-virtual machine based network element
CN116346396A (en) * 2022-12-15 2023-06-27 北京航星永志科技有限公司 Digital certificate distribution method, device, electronic equipment and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060143442A1 (en) * 2004-12-24 2006-06-29 Smith Sander A Automated issuance of SSL certificates
US9330245B2 (en) * 2011-12-01 2016-05-03 Dashlane SAS Cloud-based data backup and sync with secure local storage of access keys

Also Published As

Publication number Publication date
WO2016153423A1 (en) 2016-09-29
US20190074982A1 (en) 2019-03-07
SG11201802931XA (en) 2018-05-30
US10630489B2 (en) 2020-04-21

Similar Documents

Publication Publication Date Title
SG10201806366TA (en) Apparatus and method for managing digital certificates
GB2566874A (en) Method for obtaining vetted certificates by microservices in elastic cloud environments
JP2017516328A5 (en)
WO2013106688A3 (en) Authenticating cloud computing enabling secure services
WO2016167932A3 (en) Authentication of a client device based on entropy from a server or other device
BR112017003018A2 (en) secure provision of an authentication credential
MX361152B (en) Provisioning drm credentials on a client device using an update server.
WO2016175914A3 (en) Transaction signing utilizing asymmetric cryptography
JP2017535837A5 (en)
TW201612787A (en) Network authentication method for secure electronic transactions
BR112017002747A2 (en) computer implemented method, and, computer system.
JP2013508854A5 (en)
JP2017513265A5 (en)
JP2017530586A5 (en)
GB2523710A (en) Multi-factor authentication and comprehensive login system for client-server networks
RU2016147697A (en) METHOD AND DEVICE FOR OBTAINING A CERTIFICATE
IN2014MN01517A (en)
WO2015139630A3 (en) Fast authentication for inter-domain handovers
WO2014042992A3 (en) Establishing and using credentials for a common lightweight identity
MY171259A (en) System and method for identity-based entity authentication for client-server communications
WO2011017099A3 (en) Secure communication using asymmetric cryptography and light-weight certificates
WO2015056010A3 (en) Registry apparatus, agent device, application providing apparatus and corresponding methods
JP2016515369A5 (en)
WO2013032671A4 (en) Methods and apparatus for source authentication of messages that are secured with a group key
JP2017050849A5 (en)