Digital certificate management system, digital certificate management apparatus, digital certificate management method, program and computer readable information recording medium
Abstract
A digital certificate management apparatus updates a proof key used for proving validity of a digital certificate used for authentication for establishing communication between a client and a server. The apparatus acquires a new proof key for updating, acquires a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key, transmits the new proof key to the client and transmits a new server certificate which is a new digital certificate for the server to the server. The apparatus transmits the new server certificate to the server after receiving, from the client, information indicating that the client has received the new proof key.
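The ordering the abstract describes, generalized to the multi-node mutual-authentication case of claims 19 and 22, as an added Python example that is not part of the patent text: a node's new certificate is released only after every communication counterpart has confirmed receipt of the new proof key. Node names, key labels and the trust store that keeps the old proof key alongside the new one are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed labels standing in for the old and new proof (root) keys.
OLD_KEY, NEW_KEY = "root-old", "root-new"


@dataclass
class Node:
    name: str
    # Proof keys this node holds; assumption: the old key is kept during rollover.
    trusted: set = field(default_factory=lambda: {OLD_KEY})
    # Proof key that validates the certificate this node presents.
    cert_issuer: str = OLD_KEY


def link_ok(client, server):
    """Mutual authentication succeeds only if each side holds the proof key
    that validates the certificate presented by the other side."""
    return (server.cert_issuer in client.trusted
            and client.cert_issuer in server.trusted)


def counterparts(links):
    """Map each node name to the set of nodes it authenticates with."""
    peers = {}
    for client, server in links:
        peers.setdefault(client, set()).add(server)
        peers.setdefault(server, set()).add(client)
    return peers


def rollover(nodes, links, unreachable=frozenset(), gate=True):
    """Drive one proof-key update and return (log, broken).

    log    : ordered (step, node) actions taken by the management apparatus
    broken : (step, node, client, server) for every link that stopped
             authenticating after a step
    gate   : when True, a node's new certificate is sent only after all of
             its counterparts acknowledged the new proof key
    """
    peers = counterparts(links)
    acked, log, broken = set(), [], []

    def record(step, name):
        log.append((step, name))
        for c, s in links:
            if not link_ok(nodes[c], nodes[s]):
                broken.append((step, name, c, s))

    # Phase 1: distribute the new proof key and collect acknowledgements.
    for name in sorted(nodes):
        if name in unreachable:
            continue  # no acknowledgement arrives from this node
        nodes[name].trusted.add(NEW_KEY)
        acked.add(name)
        record("key", name)

    # Phase 2: distribute certificates that chain to the new proof key.
    for name in sorted(nodes):
        if name in unreachable:
            continue
        if gate and not peers.get(name, set()) <= acked:
            log.append(("deferred", name))  # wait for the missing ack
            continue
        nodes[name].cert_issuer = NEW_KEY
        record("cert", name)
    return log, broken


def demo_topology():
    """Constructed topology: client-a talks to both servers, client-b to one."""
    names = ["client-a", "client-b", "server-1", "server-2"]
    nodes = {n: Node(n) for n in names}
    links = [("client-a", "server-1"),
             ("client-b", "server-1"),
             ("client-a", "server-2")]
    return nodes, links


if __name__ == "__main__":
    for gate in (True, False):
        nodes, links = demo_topology()
        log, broken = rollover(nodes, links, unreachable={"client-b"}, gate=gate)
        print("gated" if gate else "ungated", log, "broken:", broken)
```

With `client-b` offline, the gated run defers only `server-1` and every link keeps authenticating; the ungated run pushes the new server certificate anyway and `client-b` can no longer validate `server-1`.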
77 Claims
1. A digital certificate management system comprising:
a client and server system in which a digital certificate is used for authentication so as to establish communication between a server and a client, and data transmission is performed therebetween with the use of the communication established through the authentication; and
a digital certificate management apparatus communicatable with the client and the server, and wherein;
said digital certificate management apparatus comprises a proof key updating unit which updates a proof key used for proving validity of the digital certificate used for authentication by the server;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting the new proof key to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, to the server, and wherein;
said second transmitting unit performs operation of transmitting the new server certificate to the server after receiving, from the client, information indicating that the client has received the new proof key.
4. A digital certificate management system comprising:
a client and server system in which a digital certificate is used for mutual authentication so as to establish communication between a server and a client, and data transmission is performed therebetween with the use of the communication established through the authentication; and
a digital certificate management apparatus communicatable with the client and the server, and wherein;
said digital certificate management apparatus comprises a proof key updating unit which updates a proof key used for proving validity of the digital certificate used for the mutual authentication by the client and the server;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for the client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, and the new proof key, to the server, and wherein;
said second transmitting unit performs operation of transmitting the new server certificate to the server after receiving, from the client, information indicating that the client has received the new proof key; and
said first transmitting unit performs operation of transmitting the new client certificate to the client after receiving information from the server indicating that the server has received the new proof key.
6. A digital certificate management system comprising:
a client and server system in which a digital certificate is used for mutual authentication so as to establish communication between a server and a client, and data transmission is performed therebetween with the use of the communication established through the authentication; and
a digital certificate management apparatus communicatable with the client and the server, and wherein;
said digital certificate management apparatus comprises a proof key updating unit which updates a proof key used for proving validity of the digital certificate used for the mutual authentication by the client and the server;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for the client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, and the new proof key, to the server, and wherein;
said first transmitting unit performs operation of transmitting the new client certificate and the new proof key to the client at the same time; and
said second transmitting unit performs operation of transmitting the new server certificate and the new proof key to the server at the same time after receiving information from the client indicating that the client has received the new proof key.
16. A digital certificate management apparatus communicatable with a client and a server which configure a client and server system, comprising:
a proof key updating unit which updates a proof key used for proving validity of a digital certificate used by the server for authentication through which communication between the client and the server is established, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting the new proof key to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server to the server, and wherein;
said second transmitting unit performs operation of transmitting the new server certificate to the server after receiving, from the client, information indicating that the client has received the new proof key.
17. A digital certificate management apparatus communicatable with a client and a server which configure a client and server system, comprising:
a proof key updating unit which updates a proof key used for proving validity of a digital certificate used for mutual authentication through which communication is established between the client and the server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for the client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, and the new proof key, to the server, and wherein;
said second transmitting unit performs operation of transmitting the new server certificate to the server after receiving, from the client, information indicating that the client has received the new proof key; and
said first transmitting unit performs the operation of transmitting the new client certificate to the client after receiving information from the server indicating that the server has received the new proof key.
18. A digital certificate management apparatus communicatable with a client and a server which configure a client and server system, comprising:
a proof key updating unit which updates a proof key used for proving validity of a digital certificate used for mutual authentication through which communication is established between the client and the server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for the client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, and the new proof key, to the server, and wherein;
said first transmitting unit performs operation of transmitting the new client certificate and the new proof key to the client at the same time; and
said second transmitting unit performs operation of transmitting the new server certificate and the new proof key to the server at the same time after receiving information from the client indicating that the client has received the new proof key.
19. A digital certificate management system comprising:
a client and server system in which one or a plurality of clients and one or a plurality of servers are included, authentication is performed between each client and each server with the use of a digital certificate, and data transmission is performed therebetween with communication established through the authentication; and
a digital certificate management apparatus communicatable with each client and each server, and wherein;
said digital certificate management apparatus comprises;
a proof key updating unit updating a proof key used for proving validity of the digital certificate used for authentication by each server; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting the new proof key to each client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, to the relevant server, and wherein;
said updating order control unit controls the updating procedure so that said second transmitting unit performs operation of transmitting the new server certificate to the respective server after receiving from all the clients, which act as communication counterparts of the server, information indicating that the clients have received the new proof keys.
22. A digital certificate management system comprising:
a client and server system in which one or a plurality of clients and one or a plurality of servers are included, mutual authentication is performed between each client and each server with the use of a digital certificate, and data transmission is performed therebetween with communication established through the authentication; and
a digital certificate management apparatus communicatable with each client and each server, and wherein;
said digital certificate management apparatus comprises;
a proof key updating unit which updates a proof key used for proving validity of the digital certificate used for the mutual authentication by each client and each server; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate, used for the mutual authentication, for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the relevant client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the relevant server, and wherein;
said updating order control unit controls the updating procedure so that said second transmitting unit performs the operation of transmitting the new server certificate to each server after receiving, from all the clients which act as communication counterparts of the relevant server, information indicating that the relevant clients have received the new proof keys, and said first transmitting unit performs the operation of transmitting the new client certificate to each client after receiving information, from all the servers which act as communication counterparts of the relevant client, indicating that the relevant servers have received the new proof keys.
23. A digital certificate management system comprising:
a client and server system in which one or a plurality of clients and one or a plurality of servers are included, mutual authentication is performed between each client and each server with the use of a digital certificate, and data transmission is performed therebetween with communication established through the authentication; and
a digital certificate management apparatus communicatable with each client and each server, and wherein;
said digital certificate management apparatus comprises;
a proof key updating unit which updates a proof key used for proving validity of the digital certificate used for the mutual authentication by each client and each server; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the server, and wherein;
said updating order control unit controls the updating procedure so that said first transmitting unit performs the operation of transmitting the new client certificate and the new proof key to each client at the same time, and said second transmitting unit performs the operation of transmitting the new server certificate and the new proof key to each server at the same time after receiving information, from all the clients which act as communication counterparts of the relevant server, indicating that the clients have received the new proof keys.
33. A digital certificate management apparatus communicatable with one or a plurality of clients and one or a plurality of servers which configure a client and server system, comprising:
a proof key updating unit updating a proof key used for proving validity of a digital certificate used for authentication by the server, whereby communication is established between each client and each server; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting the new proof key to each client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, to the relevant server, and wherein;
said updating order control unit controls the updating procedure so that said second transmitting unit performs the operation of transmitting the new server certificate to the respective server after receiving from all the clients, which act as communication counterparts of the server, information indicating that the clients have received the new proof keys.
34. A digital certificate management apparatus communicatable with one or a plurality of clients and one or a plurality of servers which configure a client and server system, comprising:
a proof key updating unit updating a proof key used for proving validity of a digital certificate used for mutual authentication, whereby communication is established between each client and each server; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate, used for the mutual authentication, for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the relevant client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the relevant server, and wherein;
said updating order control unit controls the updating procedure so that said second transmitting unit performs the operation of transmitting the new server certificate to each server after receiving, from all the clients which act as communication counterparts of the relevant server, information indicating that the relevant clients have received the new proof keys, and said first transmitting unit performs the operation of transmitting the new client certificate to each client after receiving information, from all the servers which act as communication counterparts of the relevant client, indicating that the relevant servers have received the new proof keys.
35. A digital certificate management apparatus communicatable with one or a plurality of clients and one or a plurality of servers which configure a client and server system, comprising:
a proof key updating unit updating a proof key used for proving validity of a digital certificate used for mutual authentication, whereby communication is established between each client and each server; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the server, and wherein;
said updating order control unit controls the updating procedure so that said first transmitting unit performs the operation of transmitting the new client certificate and the new proof key to each client at the same time, and said second transmitting unit performs the operation of transmitting the new server certificate and the new proof key to each server at the same time after receiving information, from all the clients which act as communication counterparts of the relevant server, indicating that the clients have received the new proof keys.
36. A digital certificate management method for managing, in a digital certificate management apparatus communicatable with a server and a client which configure a client and server system, a digital certificate used for authentication whereby communication is established between the server and the client, comprising the steps of:
a) updating a proof key used for proving validity of the digital certificate used for authentication by the server, and wherein said step a) comprises the steps of;
a-1) acquiring a new proof key for updating; and
a-2) acquiring a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
b-1) transmitting the new proof key to the client; and
b-2) transmitting a new server certificate which is a new digital certificate for the server, to the server, after receiving, from the client, information indicating that the client has received the new proof key.
39. A digital certificate management method for managing, in a digital certificate management apparatus communicatable with a server and a client which configure a client and server system, a digital certificate used for mutual authentication whereby communication is established between the server and the client, comprising the steps of:
a) updating a proof key used for proving validity of the digital certificate used for the mutual authentication by the client and the server, and wherein;
said step a) comprises the steps of;
a-1) acquiring a new proof key for updating; and
a-2) acquiring a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
b-1) transmitting the new proof key to the server;
b-2) transmitting the new proof key to the client;
b-3) transmitting a new client certificate which is the new digital certificate for the client, to the client; and
b-4) transmitting a new server certificate which is the new digital certificate for the server, to the server; and
wherein;
said steps a-1), a-2), b-1), b-2), b-3) and b-4) are executed in a predetermined order; and
said step b-4) is performed after the completion of said step b-2) and also after information indicating that the client has received the new proof key from the client is received from the client, and also, said step b-3) is performed after the completion of said step b-1) and also after information indicating that the server has received the new proof key is received from the server.
41. A digital certificate management method for managing, in a digital certificate management apparatus communicatable with a server and a client which configure a client and server system, a digital certificate used for mutual authentication whereby communication is established between the server and the client, comprising the steps of:
a) updating a proof key used for proving validity of the digital certificate used for the mutual authentication by the client and the server, and wherein;
said step a) comprises the steps of;
a-1) acquiring a new proof key for updating;
a-2) acquiring a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
b-1) transmitting the new proof key to the server;
b-2) transmitting the new proof key to the client;
b-3) transmitting a new client certificate which is the new digital certificate for the client, to the client; and
b-4) transmitting a new server certificate which is the new digital certificate for the server, to the server, and wherein;
said steps a-1), a-2), b-1), b-2), b-3) and b-4) are executed in a predetermined order; and
said steps b-2) and b-3) are performed together, and then, after the completion of these steps and after information indicating that the client has received the new proof key, said steps b-1) and b-4) are performed together.
51. A digital certificate management method for managing, in a digital certificate management apparatus communicatable with one or a plurality of servers and one or a plurality of clients which configure a client and server system, a digital certificate used for mutual authentication whereby communication is established between the one or the plurality of servers and the one or the plurality of clients, comprising the steps of:
a) updating a proof key used for proving validity of the digital certificate used for authentication, based on an updating procedure determined according to information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said step a) comprising the steps of;
a-1) acquiring a new proof key for updating;
a-2) acquiring a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a-3) transmitting the new proof key to each client; and
a-4) transmitting a new server certificate which is a new digital certificate for each server, to the server, and wherein;
said updating procedure is configured so that said step a-4) is performed after information indicating that the new proof keys have been received is received from all the clients, which act as communication counterparts of the relevant server.
54. A digital certificate management method for managing, in a digital certificate management apparatus communicatable with one or a plurality of servers and one or a plurality of clients which configure a client and server system, a digital certificate used for mutual authentication whereby communication is established between the one or the plurality of servers and the one or the plurality of clients, comprising the step of:
a) updating a proof key used for proving validity of the digital certificate used for the mutual authentication based on an updating procedure determined according to information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said step a) comprises;
a-1) acquiring a new proof key for updating;
a-2) acquiring a new digital certificate, used for the mutual authentication, for which validity can be proved with the use of said new proof key;
a-3) transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the relevant client; and
a-4) transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the relevant server, and wherein;
said updating procedure is configured so that said step a-4) is performed after information indicating that the relevant clients have received the new proof keys is received from all the clients which act as communication counterparts of the relevant server, and said step a-3) is performed after information indicating that the relevant servers have received the new proof keys is received from all the servers which act as communication counterparts of the relevant client.
55. A digital certificate management method for managing, in a digital certificate management apparatus communicatable with one or a plurality of servers and one or a plurality of clients which configure a client and server system, a digital certificate used for mutual authentication whereby communication is established between the one or the plurality of servers and the one or the plurality of clients, comprising the step of:
a) updating a proof key used for proving validity of the digital certificate used for the mutual authentication based on an updating procedure determined according to information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said step a) comprises the steps of;
a-1) acquiring a new proof key for updating;
a-2) acquiring a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a-3) transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the client; and
a-4) transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the server, and wherein said updating procedure is configured so that operations of transmitting the new client certificate and the new proof key to each client are performed at the same time, and operations of transmitting the new server certificate and the new proof key to each server are performed at the same time after information indicating that the clients have received the new proof keys is received from all the clients which act as communication counterparts of the relevant server. - View Dependent Claims (58, 61, 64)
65. An updating procedure determining method for determining an updating procedure to be stored in one or a plurality of clients and one or a plurality of servers which configure a client and server system, for updating by a digital certificate management apparatus a proof key used for proving validity of a digital certificate used for authentication, through which communication is established between the one or the plurality of clients and the one or the plurality of servers, comprising the step of:
determining the updating procedure based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, so that a step of transmitting a new server certificate which is the new digital certificate for which validity can be proved with the use of a new proof key for updating, used for the authentication by the server, is performed after information indicating that all the clients which act as communication counterparts of the server is received from the clients.
66. A program for causing a computer, which controls a digital certificate management apparatus communicatable with a client and a server which configure a client and server system, to perform a proof key updating step of updating a proof key used for proving validity of a digital certificate used by the server for authentication performed when communication is established between the client and the server, said program being configured to cause the computer to function as:
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting the new proof key to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, to the server, and wherein;
said second transmitting unit performs the operation of transmitting the new server certificate to the server after receiving from the client information indicating that the client has received the new proof key. - View Dependent Claims (72)
67. A program for causing a computer, which controls a digital certificate management apparatus communicatable with a client and a server which configure a client and server system, to perform a proof key updating step of updating a proof key used for proving validity of a digital certificate used for authentication performed when communication is established between the client and the server, said program being configured to cause the computer to function as:
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for the client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, and the new proof key, to the server, and wherein;
said second transmitting unit performs the operation of transmitting the new server certificate to the server after receiving from the client information indicating that the client has received the new proof key; and
said first transmitting unit performs the operation of transmitting the new client certificate to the client after receiving information from the server indicating that the server has received the new proof key. - View Dependent Claims (73)
68. A program for causing a computer, which controls a digital certificate management apparatus communicatable with a client and a server which configure a client and server system, to perform a proof key updating step of updating a proof key used for proving validity of a digital certificate used for authentication performed when communication is established between the client and the server, said program being configured to cause the computer to function as:
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for the client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for the server, and the new proof key, to the server, and wherein;
said first transmitting unit has a function of performing the operation of transmitting the new client certificate and the new proof key to the client at the same time; and
said second transmitting unit has a function of performing the operation of transmitting the new server certificate and the new proof key to the server at the same time after receiving information from the client indicating that the client has received the new proof key. - View Dependent Claims (74)
69. A program for causing a computer, which controls a digital certificate management apparatus communicatable with one of a plurality of clients and one or a plurality of servers which configure a client and server system, to function as:
a proof key updating unit updating a proof key used for proving validity of a digital certificate used for authentication by each server for establishing communication between each server and each client; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit comprises;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting the new proof key to each client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, to the relevant server, and wherein;
said updating order control unit controls the updating procedure so that said second transmitting unit performs the operation of transmitting the new server certificate to the respective server after receiving from all the clients, which act as communication counterparts of the server, information indicating that the clients have received the new proof keys. - View Dependent Claims (75)
70. A program for causing a computer, which controls a digital certificate management apparatus communicatable with one of a plurality of clients and one or a plurality of servers which configure a client and server system, to function as:
a proof key updating unit updating a proof key used for proving validity of the digital certificate used for mutual authentication for establishing communication between each server and each client; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit has the functions of;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate, used for the mutual authentication, for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the relevant client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the relevant server, and wherein;
said updating order control unit is configured to control the updating procedure so that said second transmitting unit performs the operation of transmitting the new server certificate to each server after receiving, from all the clients which act as communication counterparts of the relevant server, information indicating that the relevant clients have received the new proof keys, and said first transmitting unit performs the operation of transmitting the new client certificate to each client after receiving information, from all the servers which act as communication counterparts of the relevant client, indicating that the relevant servers have received the new proof keys. - View Dependent Claims (76)
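The ordering rule recited in claim 70, as an added Python sketch that is not part of the patent text: a node's new certificate is released only once every communication counterpart has acknowledged the new proof key. The class and method names, the three-link topology, and the assumption that each node keeps the old proof key alongside the new one during the rollout are all illustrative; no real cryptography or network I/O is performed.

```python
from collections import defaultdict

# Constructed topology: (client, server) pairs that authenticate each other.
LINKS = [("c1", "s1"), ("c2", "s1"), ("c2", "s2")]

class RolloutPlanner:
    """Tracks proof-key acks and releases certificates once counterparts are ready."""

    def __init__(self, links):
        self.peers = defaultdict(set)   # node -> counterparts that must verify its cert
        for client, server in links:
            self.peers[client].add(server)
            self.peers[server].add(client)
        # Assumption: the old proof key stays installed while the rollout runs.
        self.trust = {n: {"old"} for n in self.peers}  # proof keys each node holds
        self.cert = {n: "old" for n in self.peers}     # key that signed its current cert
        self.released = set()

    def ack_new_key(self, node):
        """Record that `node` stored the new proof key; return certs now safe to send."""
        self.trust[node].add("new")
        ready = sorted(n for n in self.peers
                       if n not in self.released
                       and all("new" in self.trust[p] for p in self.peers[n]))
        self.released.update(ready)
        return ready

    def install_cert(self, node, gated=True):
        """Switch `node` to its new certificate; refuse if the gate is on and unmet."""
        if gated and node not in self.released:
            raise RuntimeError(f"{node}: counterparts have not acked the new proof key")
        self.cert[node] = "new"

    def broken_links(self):
        """(presenter, verifier) pairs where the verifier lacks the presenter's proof key."""
        return sorted((a, b) for a in self.peers for b in self.peers[a]
                      if self.cert[a] not in self.trust[b])
```

Calling `install_cert` with `gated=False` before any acknowledgement shows the failure the ordering prevents: `broken_links()` then lists every counterpart that can no longer validate the certificate presented to it.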
71. A program for causing a computer, which controls a digital certificate management apparatus communicatable with one of a plurality of clients and one or a plurality of servers which configure a client and server system, to function as:
a proof key updating unit updating a proof key used for proving validity of the digital certificate used for mutual authentication for establishing communication between each server and each client; and
an updating order control unit controlling a procedure of updating the proof key performed by the proof key updating unit based on information concerning the respective nodes included in the client and server system as to a communication counterpart of each node and as to whether each of the node and the counterpart acts as a client or a server, and wherein;
said proof key updating unit has the functions of;
a unit configured to acquire a new proof key for updating;
a unit configured to acquire a new digital certificate used for the mutual authentication for which validity can be proved with the use of said new proof key;
a first transmitting unit transmitting a new client certificate which is the new digital certificate for each client, and the new proof key, to the client; and
a second transmitting unit transmitting a new server certificate which is the new digital certificate for each server, and the new proof key, to the server, and wherein;
said updating order control unit is configured to control the updating procedure so that said first transmitting unit performs the operations of transmitting the new client certificate and the new proof key to each client at the same time, and said second transmitting unit performs the operations of transmitting the new server certificate and the new proof key to each server at the same time after receiving information, from all the clients which act as communication counterparts of the relevant server, indicating that the clients have received the new proof keys. - View Dependent Claims (77)
Specification