Server-client PKI for applied key management system and process
Abstract
Embodiments described herein relate to obtaining a public key for an application of a communication device, including, but not limited to, receiving a request from the communication device to obtain the public key, evaluating the request based on at least one policy, requesting the public key from a public key infrastructure (PKI) in response to determining that the request is authorized, receiving the public key from the PKI, and sending the public key to the communication device.
18 Claims
1. A method for obtaining a public key for an application of a communication device, the method comprising:
- determining that a first public key corresponding to a first recipient of a communication from the communication device is unavailable in a local key store of the communication device;
- requesting by the communication device the first public key corresponding to the first recipient from an applied key management system;
- receiving the first public key from the applied key management system, wherein the first public key is authorized by at least one policy;
- using the first public key for the application, wherein the first public key is authorized by the applied key management system in response to determining that one or more key attributes of the first public key conforms to the at least one policy;
- determining whether a second public key corresponding to a second recipient is available in the local key store of the communication device; and
- requesting the second public key from the applied key management system in response to determining that the second public key is unavailable.
Dependent claims: 2, 3, 4, 5, 6, 18
7. A communication device, comprising:
- a local key store;
- a memory; and
- a processor implementing a client plugin and a client interface;
wherein:
- the client plugin is configured to:
  - interface with an application;
  - determine whether a first public key corresponding to a first recipient of a message associated with the application is available in the local key store;
  - determine whether a second public key corresponding to a second recipient is available in the local key store of the communication device; and
- the client interface is configured to:
  - request the first public key from an applied key management system in response to determining that the first public key is unavailable;
  - receive the first public key from the applied key management system that is authorized by at least one policy in response to determining that one or more key attributes of the first public key conforms to the at least one policy, wherein the message corresponds to a communication sent from the communication device to the first recipient; and
  - request the second public key from the applied key management system in response to determining that the second public key is unavailable.
Dependent claims: 9, 10, 11, 12
8. A non-transitory processor-readable medium having processor-readable instructions, such that, when executed, causes a processor to:
- determine that a first public key corresponding to a first recipient of a communication from a communication device is unavailable in a local key store of the communication device;
- request the first public key corresponding to the first recipient from an applied key management system, the first public key for an application of the communication device;
- receive the first public key from the applied key management system, wherein the first public key is authorized by at least one policy;
- use the first public key for the application, wherein the first public key is authorized by the applied key management system in response to determining that one or more key attributes of the first public key conforms to the at least one policy;
- determine whether a second public key corresponding to a second recipient is available in the local key store of the communication device; and
- request the second public key from the applied key management system in response to determining that the second public key is unavailable.
Dependent claims: 13, 14, 15, 16, 17
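The flow in the abstract (evaluate the request, query the PKI, return the key) and the client-side lookup in claim 1 (local key store first, key management system on a miss) can be modelled as follows. This is an added illustration, not code from the patent: the class names, the device allow-list, the `algorithm`/`bits` attributes, the minimum key sizes and the caching of fetched keys are all assumptions, and the sample PKI entries are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PublicKey:
    owner: str
    algorithm: str  # key attribute (assumed; the page names no attributes)
    bits: int       # key attribute (assumed)

# Assumed policy values, chosen only for this example.
POLICY = {"min_bits": {"RSA": 2048, "EC": 256}}

def conforms(key, policy=POLICY):
    minimum = policy["min_bits"].get(key.algorithm)  # unknown algorithm -> reject
    return minimum is not None and key.bits >= minimum

class KeyManagementSystem:
    """Server side: evaluates the request, queries the PKI, filters by policy."""
    def __init__(self, pki, authorized_devices):
        self.pki = pki                      # dict standing in for the PKI
        self.authorized_devices = authorized_devices
        self.audit = []                     # (device, recipient, outcome)

    def get_public_key(self, device_id, recipient):
        if device_id not in self.authorized_devices:
            key, outcome = None, "request-denied"
        else:
            key = self.pki.get(recipient)
            outcome = ("not-found" if key is None
                       else "released" if conforms(key) else "key-rejected")
            key = key if outcome == "released" else None
        self.audit.append((device_id, recipient, outcome))
        return key

class Device:
    """Client side: local key store first, key management system on a miss."""
    def __init__(self, device_id, kms):
        self.device_id, self.kms, self.local_store = device_id, kms, {}

    def key_for(self, recipient):
        key = self.local_store.get(recipient)
        if key is None:  # unavailable locally, so ask the key management system
            key = self.kms.get_public_key(self.device_id, recipient)
            if key is None:
                raise LookupError(f"no authorized public key for {recipient}")
            self.local_store[recipient] = key  # caching is an assumption
        return key

# Constructed sample data: one conforming key, one below the assumed minimum.
SAMPLE_PKI = {"alice@example.test": PublicKey("alice@example.test", "RSA", 3072),
              "bob@example.test": PublicKey("bob@example.test", "RSA", 1024)}
```

The audit list records why a key was withheld, so a denied request and a key that fails policy stay distinguishable on the server even though the device sees the same failure for both.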
Specification