Assignment of user certificates/private keys in token enabled public key infrastructure system
Abstract
A method and computer program to assign certificates/private keys to a token (130). The method and computer program allow a user (132) to access a certificate authority (110) and have certificates/private keys that are used for signature, encryption and role purposes generated and downloaded to the token (130). Secure communication lines and computers are not necessary, since the token (130) contains a unique token ID and private key, while the certificate authority (110) holds the associated public key for the token (130). The generated certificate is wrapped in the public key, and only the token (130), which has the associated private key, may activate the certificate.
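The wrap-to-token flow the abstract describes, as an added example (not code from the patent): the authority looks up the token's public key by token ID, wraps new key material to it and signs the result, and only the matching token can verify and unwrap it. Assumptions not on the page: RSA-OAEP for wrapping, RSA-PSS for the authority's signature, an in-memory map as the authoritative database, constructed token IDs and a short constructed payload; the match on the user signature certificate is left out.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

type DB map[string]*rsa.PublicKey         // stand-in authoritative database: token ID -> public key
type Issued struct{ Wrapped, Sig []byte } // what crosses the untrusted link
func newKey() *rsa.PrivateKey {           // constructed demo key; error ignored for brevity
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

// issue is the authority side: look up the token ID, wrap to its public key, sign the blob.
func issue(db DB, ca *rsa.PrivateKey, tokenID string, secret []byte) (*Issued, error) {
	pub, ok := db[tokenID]
	if !ok {
		return nil, errors.New("token ID not in authoritative database")
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, secret, []byte(tokenID))
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(wrapped)
	sig, err := rsa.SignPSS(rand.Reader, ca, crypto.SHA256, digest[:], nil)
	return &Issued{wrapped, sig}, err
}

// activate is the token side: verify the authority's signature, then unwrap on the token.
func activate(tok *rsa.PrivateKey, caPub *rsa.PublicKey, tokenID string, in *Issued) ([]byte, error) {
	digest := sha256.Sum256(in.Wrapped)
	if err := rsa.VerifyPSS(caPub, crypto.SHA256, digest[:], in.Sig, nil); err != nil {
		return nil, err
	}
	return rsa.DecryptOAEP(sha256.New(), nil, tok, in.Wrapped, []byte(tokenID))
}

func main() {
	ca, tokA, tokB := newKey(), newKey(), newKey()
	out, _ := issue(DB{"TOKEN-A": &tokA.PublicKey}, ca, "TOKEN-A", []byte("constructed key material"))
	got, _ := activate(tokA, &ca.PublicKey, "TOKEN-A", out)
	_, err := activate(tokB, &ca.PublicKey, "TOKEN-A", out)
	fmt.Printf("token A unwrapped %q; token B: %v\n", got, err)
}
```

The token ID is bound in as the OAEP label, so a blob issued for one token ID will not unwrap under another even before the private key check.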
16 Claims
1. A method for assigning certificates/private keys to a token, comprising:
- accessing the token through a token reader connected to a computer system by a certificate/private key authority;
- reading a token ID and a user signature certificate from the token;
- searching for a match for the token ID and the signature certificate in an authoritative database;
- creating a certificate, wherein the certificate is wrapped with a public key associated with the token ID and digitally signing the certificate/private key using a signature certificate of the certificate authority;
- downloading the certificate/private key to the token; and
- decrypting the certificate/private key using a private key stored in the token.

Dependent claims: 2, 3, 4, 5, 6, 7

9. A computer program embodied on a computer readable medium and executable by a computer for assigning certificates/private keys to a token, comprising:
- accessing the token through a token reader connected to a computer system by a certificate authority;
- reading a token ID and a user signature certificate from the token;
- searching for a match for the token ID and the signature certificate in an authoritative database;
- creating a certificate, wherein the certificate is wrapped with a public key associated with the token ID and digitally signing the certificate/private key using a signature certificate of the certificate authority;
- downloading the certificate/private key to the token; and
- decrypting the certificate/private key using a private key stored in the token.

Dependent claims: 8, 10, 11, 12, 13, 14, 15, 16

Specification