SG10201806366TA - Apparatus and method for managing digital certificates - Google Patents
Apparatus and method for managing digital certificatesInfo
- Publication number
- SG10201806366TA SG10201806366TA SG10201806366TA SG10201806366TA SG10201806366TA SG 10201806366T A SG10201806366T A SG 10201806366TA SG 10201806366T A SG10201806366T A SG 10201806366TA SG 10201806366T A SG10201806366T A SG 10201806366TA SG 10201806366T A SG10201806366T A SG 10201806366TA
- Authority
- SG
- Singapore
- Prior art keywords
- client device
- irp
- server
- request
- digital certificates
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
Abstract
Apparatus And Method For Managing Digital Certificates 5 An apparatus and a method for managing user identity, the method comprising: establishing a connection secured with Transport Layer Security (TLS) from a client device to an IRP server; authenticating, at the IRP server, user login via the client device, with Strong Client Authentication (SCA) or Username/Password Authentication (UPA); upon request from the client device, registering or retrieving at the IRP server user identity information comprising user 10 information, and an Internet Protocol (IP) address of the client device; upon request from the client device, registering or retrieving at the IRP server one or more digital certificate; sending from the client device to the IRP server a Certificate Signing Request (CSR) via the secured connection; upon request from the client device, returning a signed digital certificate from the IRP server to the client device; sending a PKCS#12 package from the client device to the IRP 15 server; and upon request from the client device, returning a PKCS#12 package from the IRP server to the client device. Figure 2
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SG10201502376W | 2015-03-25 | ||
SG10201503999R | 2015-05-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
SG10201806366TA true SG10201806366TA (en) | 2018-08-30 |
Family
ID=55315681
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
SG11201802931XA SG11201802931XA (en) | 2015-03-25 | 2016-01-15 | Apparatus and method for managing digital certificates |
SG10201806366TA SG10201806366TA (en) | 2015-03-25 | 2016-01-15 | Apparatus and method for managing digital certificates |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
SG11201802931XA SG11201802931XA (en) | 2015-03-25 | 2016-01-15 | Apparatus and method for managing digital certificates |
Country Status (3)
Country | Link |
---|---|
US (1) | US10630489B2 (en) |
SG (2) | SG11201802931XA (en) |
WO (1) | WO2016153423A1 (en) |
Families Citing this family (76)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7991910B2 (en) | 2008-11-17 | 2011-08-02 | Amazon Technologies, Inc. | Updating routing information based on client location |
US7962597B2 (en) | 2008-03-31 | 2011-06-14 | Amazon Technologies, Inc. | Request routing based on class |
US9003035B1 (en) | 2010-09-28 | 2015-04-07 | Amazon Technologies, Inc. | Point of presence management in request routing |
US10467042B1 (en) | 2011-04-27 | 2019-11-05 | Amazon Technologies, Inc. | Optimized deployment based upon customer locality |
US9154551B1 (en) | 2012-06-11 | 2015-10-06 | Amazon Technologies, Inc. | Processing DNS queries to identify pre-processing information |
US10097448B1 (en) | 2014-12-18 | 2018-10-09 | Amazon Technologies, Inc. | Routing mode and point-of-presence selection service |
US9832141B1 (en) | 2015-05-13 | 2017-11-28 | Amazon Technologies, Inc. | Routing based request correlation |
US10305871B2 (en) | 2015-12-09 | 2019-05-28 | Cloudflare, Inc. | Dynamically serving digital certificates based on secure session properties |
MA44905A (en) * | 2016-04-05 | 2018-05-09 | Mi Group B V | FLIGHT INFORMATION SYSTEM AND PROCESS |
US10764067B2 (en) * | 2016-05-23 | 2020-09-01 | Pomian & Corella, Llc | Operation of a certificate authority on a distributed ledger |
US10075551B1 (en) | 2016-06-06 | 2018-09-11 | Amazon Technologies, Inc. | Request management for hierarchical cache |
US10110694B1 (en) | 2016-06-29 | 2018-10-23 | Amazon Technologies, Inc. | Adaptive transfer rate for retrieving content from a server |
US10356087B1 (en) * | 2016-08-26 | 2019-07-16 | Intelligent Waves Llc | System, method and computer program product for credential provisioning in a mobile device platform |
US11165591B2 (en) * | 2016-09-08 | 2021-11-02 | Cable Television Laboratories, Inc. | System and method for a dynamic-PKI for a social certificate authority |
EP3510803B1 (en) * | 2016-09-12 | 2021-04-28 | Telefonaktiebolaget LM Ericsson (publ) | Secure link layer connection over wireless local area networks |
US10505961B2 (en) * | 2016-10-05 | 2019-12-10 | Amazon Technologies, Inc. | Digitally signed network address |
CN106453380B (en) * | 2016-10-28 | 2019-12-31 | 美的智慧家居科技有限公司 | Key agreement method and device |
US10592660B2 (en) * | 2016-11-22 | 2020-03-17 | Microsoft Technology Licensing, Llc | Capability access management |
BR112019011784A2 (en) * | 2016-12-14 | 2019-10-29 | Idac Holdings Inc | method, and server-side network connection point. |
US10831549B1 (en) | 2016-12-27 | 2020-11-10 | Amazon Technologies, Inc. | Multi-region request-driven code execution system |
WO2018138713A1 (en) * | 2017-01-29 | 2018-08-02 | Beame. Io Ltd. | Establishing an ad-hoc secure connection between two electronic computing devices using a self-expiring locally transmitted information packet |
ES2687717A1 (en) * | 2017-04-26 | 2018-10-26 | Universidad Carlos Iii De Madrid | Method and mobile device to issue digital certificates to electronic devices (Machine-translation by Google Translate, not legally binding) |
US10805091B2 (en) * | 2017-04-28 | 2020-10-13 | Sap Se | Certificate tracking |
CN107332833B (en) * | 2017-06-22 | 2021-05-18 | 宇龙计算机通信科技(深圳)有限公司 | Verification method and device |
WO2019036756A1 (en) * | 2017-08-21 | 2019-02-28 | Johnston Nigel Luke | A digitally certified ecosystem |
JP6644037B2 (en) * | 2017-09-08 | 2020-02-12 | 株式会社東芝 | Communication control system |
US10530746B2 (en) | 2017-10-17 | 2020-01-07 | Servicenow, Inc. | Deployment of a custom address to a remotely managed computational instance |
US11025419B2 (en) * | 2017-11-15 | 2021-06-01 | Alexander J. M. Van Der Velden | System for digital identity authentication and methods of use |
US10574444B2 (en) * | 2018-01-22 | 2020-02-25 | Citrix Systems, Inc. | Systems and methods for secured web application data traffic |
US20190296918A1 (en) * | 2018-03-23 | 2019-09-26 | Proofshow Inc. | Method and system for issuing proof-equipped certificates for certificate authority |
US11888997B1 (en) * | 2018-04-03 | 2024-01-30 | Amazon Technologies, Inc. | Certificate manager |
US10979232B2 (en) * | 2018-05-31 | 2021-04-13 | Motorola Solutions, Inc. | Method for provisioning device certificates for electronic processors in untrusted environments |
CN111163036B (en) * | 2018-11-07 | 2022-03-29 | 中移(苏州)软件技术有限公司 | Data sharing method, device, client, storage medium and system |
US10439825B1 (en) * | 2018-11-13 | 2019-10-08 | INTEGRITY Security Services, Inc. | Providing quality of service for certificate management systems |
GB2579574B (en) * | 2018-12-03 | 2021-08-11 | Advanced Risc Mach Ltd | Bootstrapping with common credential data |
US11245685B2 (en) * | 2019-01-23 | 2022-02-08 | Mcafee, Llc | Methods and apparatus to verify encrypted handshakes |
US10728044B1 (en) | 2019-02-22 | 2020-07-28 | Beyond Identity Inc. | User authentication with self-signed certificate and identity verification and migration |
CN109714167B (en) * | 2019-03-15 | 2020-08-25 | 北京邮电大学 | Identity authentication and key agreement method and equipment suitable for mobile application signature |
US11457010B2 (en) | 2019-04-05 | 2022-09-27 | Comcast Cable Communications, Llc | Mutual secure communications |
ZA201904570B (en) | 2019-07-12 | 2020-03-25 | Entersekt Pty Ltd | System and method for validation of possession-based authentication response |
CN110351302B (en) * | 2019-07-29 | 2021-08-31 | 杭州复杂美科技有限公司 | Bank account login method, equipment and storage medium |
CN110830569A (en) * | 2019-11-01 | 2020-02-21 | 国云科技股份有限公司 | Page permission access level control method based on multi-cloud management platform |
EP3836489B1 (en) * | 2019-12-09 | 2023-09-27 | Siemens Aktiengesellschaft | Dynamic allocation of automation units to automation servers |
CN111177745B (en) * | 2019-12-12 | 2023-06-27 | 湖南科技大学 | Nonlinear phase-truncated double-image encryption and decryption method |
CN111342970B (en) * | 2019-12-27 | 2023-03-28 | 航天信息股份有限公司 | Digital certificate management method and system |
US11411925B2 (en) | 2019-12-31 | 2022-08-09 | Oracle International Corporation | Methods, systems, and computer readable media for implementing indirect general packet radio service (GPRS) tunneling protocol (GTP) firewall filtering using diameter agent and signal transfer point (STP) |
US11601289B2 (en) * | 2020-01-07 | 2023-03-07 | Microsoft Technology Licensing, Llc | Securely rotating a server certificate |
US11258779B2 (en) * | 2020-01-14 | 2022-02-22 | Cisco Technology, Inc. | Wireless LAN (WLAN) public identity federation trust architecture |
US11310273B2 (en) | 2020-01-23 | 2022-04-19 | Rockwell Collins, Inc. | Secure network aggregation protocol |
EP3866428B1 (en) | 2020-02-13 | 2021-12-29 | Axis AB | A method for re-provisioning a digital security certificate and a system and a non-transitory computer program product thereof |
US11509487B2 (en) | 2020-03-16 | 2022-11-22 | Kaseya Limited | System for rollout of certificates to client and server independent of public key infrastructure |
US11424941B2 (en) * | 2020-04-29 | 2022-08-23 | Blackberry Limited | Method and system for handling dynamic cybersecurity posture of a V2X entity |
US11134074B1 (en) | 2020-05-22 | 2021-09-28 | Fmr Llc | Systems and methods for secure HTTP connections using a distributed certificate validation model |
US11477188B2 (en) * | 2020-07-01 | 2022-10-18 | Citrix Systems, Inc. | Injection of tokens or client certificates for managed application communication |
US11553342B2 (en) | 2020-07-14 | 2023-01-10 | Oracle International Corporation | Methods, systems, and computer readable media for mitigating 5G roaming security attacks using security edge protection proxy (SEPP) |
US11751056B2 (en) | 2020-08-31 | 2023-09-05 | Oracle International Corporation | Methods, systems, and computer readable media for 5G user equipment (UE) historical mobility tracking and security screening using mobility patterns |
US11825310B2 (en) | 2020-09-25 | 2023-11-21 | Oracle International Corporation | Methods, systems, and computer readable media for mitigating 5G roaming spoofing attacks |
US11832172B2 (en) | 2020-09-25 | 2023-11-28 | Oracle International Corporation | Methods, systems, and computer readable media for mitigating spoofing attacks on security edge protection proxy (SEPP) inter-public land mobile network (inter-PLMN) forwarding interface |
US11622255B2 (en) | 2020-10-21 | 2023-04-04 | Oracle International Corporation | Methods, systems, and computer readable media for validating a session management function (SMF) registration request |
US11246032B1 (en) * | 2020-10-29 | 2022-02-08 | Motional Ad Llc | Device provisioning and authentication |
US11528251B2 (en) * | 2020-11-06 | 2022-12-13 | Oracle International Corporation | Methods, systems, and computer readable media for ingress message rate limiting |
US11770694B2 (en) | 2020-11-16 | 2023-09-26 | Oracle International Corporation | Methods, systems, and computer readable media for validating location update messages |
US11818570B2 (en) | 2020-12-15 | 2023-11-14 | Oracle International Corporation | Methods, systems, and computer readable media for message validation in fifth generation (5G) communications networks |
US11812271B2 (en) | 2020-12-17 | 2023-11-07 | Oracle International Corporation | Methods, systems, and computer readable media for mitigating 5G roaming attacks for internet of things (IoT) devices based on expected user equipment (UE) behavior patterns |
CN112839030B (en) * | 2020-12-24 | 2022-09-20 | 航天信息股份有限公司 | Certificate calling system and method based on message driving |
CN113014546B (en) * | 2021-01-29 | 2022-04-15 | 深圳市风云实业有限公司 | Certificate-based authentication registration state management method and system |
US11700510B2 (en) | 2021-02-12 | 2023-07-11 | Oracle International Corporation | Methods, systems, and computer readable media for short message delivery status report validation |
US11516671B2 (en) | 2021-02-25 | 2022-11-29 | Oracle International Corporation | Methods, systems, and computer readable media for mitigating location tracking and denial of service (DoS) attacks that utilize access and mobility management function (AMF) location service |
US11689912B2 (en) | 2021-05-12 | 2023-06-27 | Oracle International Corporation | Methods, systems, and computer readable media for conducting a velocity check for outbound subscribers roaming to neighboring countries |
EP4141723A1 (en) * | 2021-08-25 | 2023-03-01 | Hewlett-Packard Development Company, L.P. | Verifying signatures |
US11516022B1 (en) * | 2021-10-31 | 2022-11-29 | Snowflake Inc. | Certificate revocation check proxy service |
US11683286B2 (en) * | 2021-11-18 | 2023-06-20 | Cisco Technology, Inc. | Anonymizing server-side addresses |
CN114143010A (en) * | 2021-11-25 | 2022-03-04 | 上海派拉软件股份有限公司 | Digital certificate acquisition method, device, terminal, system and storage medium |
CN114268439B (en) * | 2021-12-16 | 2023-09-15 | 中原工学院 | Identity-based authentication key negotiation method based on grid |
WO2023154070A1 (en) * | 2022-02-14 | 2023-08-17 | Rakuten Mobile, Inc. | Certificate enrollment system and method for non-virtual machine based network element |
CN116346396A (en) * | 2022-12-15 | 2023-06-27 | 北京航星永志科技有限公司 | Digital certificate distribution method, device, electronic equipment and storage medium |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060143442A1 (en) * | 2004-12-24 | 2006-06-29 | Smith Sander A | Automated issuance of SSL certificates |
US9330245B2 (en) * | 2011-12-01 | 2016-05-03 | Dashlane SAS | Cloud-based data backup and sync with secure local storage of access keys |
-
2016
- 2016-01-15 SG SG11201802931XA patent/SG11201802931XA/en unknown
- 2016-01-15 SG SG10201806366TA patent/SG10201806366TA/en unknown
- 2016-01-15 US US15/767,112 patent/US10630489B2/en active Active
- 2016-01-15 WO PCT/SG2016/050015 patent/WO2016153423A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2016153423A1 (en) | 2016-09-29 |
US20190074982A1 (en) | 2019-03-07 |
SG11201802931XA (en) | 2018-05-30 |
US10630489B2 (en) | 2020-04-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
SG10201806366TA (en) | Apparatus and method for managing digital certificates | |
GB2566874A (en) | Method for obtaining vetted certificates by microservices in elastic cloud environments | |
JP2017516328A5 (en) | ||
WO2013106688A3 (en) | Authenticating cloud computing enabling secure services | |
WO2016167932A3 (en) | Authentication of a client device based on entropy from a server or other device | |
BR112017003018A2 (en) | secure provision of an authentication credential | |
MX361152B (en) | Provisioning drm credentials on a client device using an update server. | |
WO2016175914A3 (en) | Transaction signing utilizing asymmetric cryptography | |
JP2017535837A5 (en) | ||
TW201612787A (en) | Network authentication method for secure electronic transactions | |
BR112017002747A2 (en) | computer implemented method, and, computer system. | |
JP2013508854A5 (en) | ||
JP2017513265A5 (en) | ||
JP2017530586A5 (en) | ||
GB2523710A (en) | Multi-factor authentication and comprehensive login system for client-server networks | |
RU2016147697A (en) | METHOD AND DEVICE FOR OBTAINING A CERTIFICATE | |
IN2014MN01517A (en) | ||
WO2015139630A3 (en) | Fast authentication for inter-domain handovers | |
WO2014042992A3 (en) | Establishing and using credentials for a common lightweight identity | |
MY171259A (en) | System and method for identity-based entity authentication for client-server communications | |
WO2011017099A3 (en) | Secure communication using asymmetric cryptography and light-weight certificates | |
WO2015056010A3 (en) | Registry apparatus, agent device, application providing apparatus and corresponding methods | |
JP2016515369A5 (en) | ||
WO2013032671A4 (en) | Methods and apparatus for source authentication of messages that are secured with a group key | |
JP2017050849A5 (en) |