Tenant based signature validation
First Claim
1. A computer-implemented method performed by a server in a distributed network, the method comprising:
- receiving, from a first client, a first request comprising a first signing certificate of a first user of a first message;
- in response to the first request, identifying, from a plurality of tenants, a first tenant that relates to the first signing certificate;
- after identifying the first tenant, accessing a first tenant certificate collection from a first tenant store that is on the distributed network; and logically separate from the first tenant and the first server;
- upon receiving access to the first tenant store, loading, from the first tenant store, the first tenant certificate collection as a first tenant virtual store; and
- with the first tenant virtual store, validating the first signing certificate.
Abstract
Methods and systems are provided for validating a signature in a multi-tenant environment. A server or other computing device that is part of a distributed network may request a certificate collection from an identified tenant store. The requested certificate collection may be loaded in a virtual store that is accessible by the server or other computing device. The server or other computing device may then access one or more certificates from the virtual store to validate a signature.
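The flow in the abstract, as an added Python example that is not taken from the patent: the server identifies the tenant, loads only that tenant's collection into a short-lived virtual store, validates against it, and deletes the store afterwards. Certificates are simplified records and the chain check compares names and expiry only, with no cryptographic signature verification; the tenant names, the `identify_tenant` rule and the sample collections are constructed assumptions.

```python
from contextlib import contextmanager
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Cert:                      # simplified record standing in for an X.509 certificate
    subject: str
    issuer: str
    not_after: datetime

NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)    # fixed clock for reproducibility
LATER = datetime(2030, 1, 1, tzinfo=timezone.utc)
# Constructed per-tenant collections; each stands in for a separate tenant store.
TENANT_STORES = {
    "contoso.example": [Cert("Contoso Root", "Contoso Root", LATER),
                        Cert("Contoso Issuing CA", "Contoso Root", LATER)],
    "fabrikam.example": [Cert("Fabrikam Root", "Fabrikam Root", LATER)],
}
live_virtual_stores = []         # lets the caller observe virtual store lifetime

def identify_tenant(cert):
    # Assumption: the tenant is the domain part of the subject e-mail address.
    return cert.subject.rsplit("@", 1)[-1]

@contextmanager
def virtual_store(tenant):
    store = {c.subject: c for c in TENANT_STORES[tenant]}  # load the tenant collection
    live_virtual_stores.append(store)
    try:
        yield store
    finally:                     # deleted whether validation passed, failed or raised
        live_virtual_stores.remove(store)
        store.clear()

def validate(signing_cert, now=NOW):
    tenant = identify_tenant(signing_cert)
    if tenant not in TENANT_STORES:
        return False
    with virtual_store(tenant) as store:
        cert, seen = signing_cert, set()
        while cert.not_after > now and cert.subject not in seen:
            seen.add(cert.subject)
            issuer = store.get(cert.issuer)
            if issuer is None:
                return False     # issuer is not in this tenant's collection
            if issuer.issuer == issuer.subject:
                return issuer.not_after > now   # reached a root held by this tenant
            cert = issuer
        return False             # expired certificate or issuer loop
```

Because the virtual store holds one tenant's collection only, a certificate whose issuer is trusted by a different tenant does not validate.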
20 Claims
1. A computer-implemented method performed by a server in a distributed network, the method comprising:
- receiving, from a first client, a first request comprising a first signing certificate of a first user of a first message;
- in response to the first request, identifying, from a plurality of tenants, a first tenant that relates to the first signing certificate;
- after identifying the first tenant, accessing a first tenant certificate collection from a first tenant store that is on the distributed network; and logically separate from the first tenant and the first server;
- upon receiving access to the first tenant store, loading, from the first tenant store, the first tenant certificate collection as a first tenant virtual store; and
- with the first tenant virtual store, validating the first signing certificate.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15.
16. A system comprising:
- a distributed network for data exchange with a client;
- a computing device comprising:
  - a processor;
  - a memory for storing computer executable instructions that, when executed by the at processor, is operative to:
    - receive, from a first client, a first request comprising a first signing certificate of a first user of a first message;
    - in response to the first request, identify, from a plurality of tenants, a first tenant that relates to the first signing certificate;
    - after identifying the first tenant, request access to a first tenant certificate collection stored in a first private tenant store, wherein the first private tenant store is logically separate from the first tenant, and wherein the first private tenant store is accessed on a distributed network;
    - upon receiving access to the first private tenant store, load, from the first private tenant store, the first tenant certificate collection as a first tenant virtual store; and
    - with the first tenant virtual store, validate the first signing certificate, wherein the first tenant virtual store is deleted after occurrence of: validation of the first signing certificate, invalidation of the first signing certificate, receiving a second request to validate a second signing certificate, reaching a predetermined data storage capacity, or a predetermined amount of time.

Dependent claims: 17, 18, 19.
20. A computer-readable storage medium comprising computer-executable instructions stored thereon which, when executed by a computing system are operative to:
- receive, from a first client, a first request comprising a first signing certificate from a first user of a first message;
- in response to the first request, identify, from a plurality of tenants, a first tenant that relates to the first signing certificate;
- after identifying the first tenant, request access to a first tenant certificate collection stored in a first tenant store through a distributed network, wherein the first tenant store is logically separate from the first client;
- upon receiving access to the first tenant store, read the first tenant certificate collection on the first tenant store;
- after reading the first tenant certificate collection, load the first tenant certificate collection as a first tenant virtual store; and
- with the first tenant virtual store, validate the first signing certificate;
- in response to validating the first signing certificate, delete the first tenant virtual store;
- receive a second request comprising a second signing certificate from a second user of a second message;
- in response to the second request, identify the second tenant that relates to the second signing certificate;
- after identifying the second tenant, request access to a second tenant certificate collection on a second tenant store;
- upon receiving access to the second tenant certificate collection, read the second tenant certificate collection;
- after reading the second tenant certificate collection, load the second tenant certificate collection as a second tenant virtual store;
- with the second tenant virtual store, validate the second signing certificate; and
- in response to validating the second signing certificate, delete the second tenant virtual store.
Specification