Secure usage of digital certificates and related keys on a security token
Abstract
The present invention relates to a security token and method for secure usage of digital certificates and related keys on a security token, and more particularly, a secure import of certificates into a security token and their secure usage by applications. The root certificate of the certification authority (CA) is used during the initialization of the security token in a secure environment to transfer the certified root public key of the CA and its attributes into the data structure of the security token. The public root key is write protected. Furthermore, a verification component, preferably part of the operating system of the security token, will accept, in case the certificate has to be replaced, only user certificates having a valid digital signature by the private root key of the CA.
16 Claims
1. A security token comprising:
- a Random Access Memory (RAM), an Electrical Erasable Programmable Read Only Memory (EEPROM), one or more Microprocessors, and a Read Only Memory, and characterized in that said EEPROM having at least an object containing a user certificate and an object containing a certificate of the certification authority (CA) of said user certificate (root certificate), wherein said root certificate is being write protected, and a verification component for checking authentication of said user certificate using information of said root certificate;
- View Dependent Claims (2, 3, 4, 5, 6, 9, 10, 11, 12, 13, 14, 15, 16)

7. A method for initializing a security token comprising the following steps:
- a) transferring a root certificate of a certification authority into said security token using a secure transmission environment,
- b) securing the root certificate against modifications, and
- c) storing a verification component into said security token allowing use or replacement of a user certificate only when said user certificate is authenticated by said root certificate.
- View Dependent Claims (8)
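The behaviour described in the abstract and in steps a) to c) of claim 7 can be modelled as follows. This is an added example, not code from the patent: the `SecurityToken` class, its method names and the toy textbook-RSA key (built from two Mersenne primes so it runs with the standard library only, and insecure by construction) are assumptions made for illustration.

```python
import hashlib

# Constructed toy CA key (textbook RSA over two Mersenne primes): insecure,
# used only so the example runs offline with the standard library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def ca_sign(body: bytes, d: int = D, n: int = N) -> int:
    """CA side: sign a user certificate body with the private root key."""
    return pow(digest(body), d, n)

class TokenError(Exception):
    pass

class SecurityToken:
    """Hypothetical model of the token's EEPROM objects and verification component."""

    def __init__(self):
        self._root_key = None      # (n, e) taken from the root certificate
        self._root_locked = False  # write protection flag for the root object
        self.user_cert = None      # (body, signature)

    def initialize(self, root_public_key):
        # Steps a) and b): load the root key in the secure environment,
        # then write protect it so later writes are refused.
        if self._root_locked:
            raise TokenError("root certificate is write protected")
        self._root_key = root_public_key
        self._root_locked = True

    def _verify(self, body: bytes, signature: int) -> bool:
        if self._root_key is None:
            return False
        n, e = self._root_key
        return 0 < signature < n and pow(signature, e, n) == digest(body)

    def replace_user_certificate(self, body: bytes, signature: int):
        # Step c): accept only certificates signed by the private root key.
        if not self._verify(body, signature):
            raise TokenError("user certificate not signed by the root CA")
        self.user_cert = (body, signature)
```
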
Specification