Remote management of client installed digital certificates

US 20050081029A1
Filed: 08/13/2004
Published: 04/14/2005
Est. Priority Date: 08/15/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for automatically managing placement of digital certificates to client devices from a certificate management system, the certificate management system including network facilities for communication over an electronic communication network, the method comprising the steps of:

receiving requests for connections from clients, attempting to retrieve a digital certificate from the client device by way of the network facilities and a client executable component, if in said attempting a digital certificate is retrieved, checking for expiration of the retrieved digital certificate, if in said attempting a digital certificate is retrieved, querying a revocation server by way of said network facilities for revocation of the retrieved digital certificate, if the retrieved digital certificate is expired or revoked, retrieving a newly issued certificate from a network certificate server, if in said attempting a digital certificate is not retrieved, accessing a certificate store to retrieve an authentication certificate, following said accessing a network certificate server to retrieve an authentication certificate, placing the retrieved authentication certificate in the certificate store of said client device, and authenticating the client device for data transfer.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein are several digital certificate discovery and management systems. Detailed information on various example embodiments of the inventions are provided in the Detailed Description below, and the inventions are defined by the appended claims.

174 Citations

23 Claims

1. A method for automatically managing placement of digital certificates to client devices from a certificate management system, the certificate management system including network facilities for communication over an electronic communication network, the method comprising the steps of:
- receiving requests for connections from clients, attempting to retrieve a digital certificate from the client device by way of the network facilities and a client executable component, if in said attempting a digital certificate is retrieved, checking for expiration of the retrieved digital certificate, if in said attempting a digital certificate is retrieved, querying a revocation server by way of said network facilities for revocation of the retrieved digital certificate, if the retrieved digital certificate is expired or revoked, retrieving a newly issued certificate from a network certificate server, if in said attempting a digital certificate is not retrieved, accessing a certificate store to retrieve an authentication certificate, following said accessing a network certificate server to retrieve an authentication certificate, placing the retrieved authentication certificate in the certificate store of said client device, and authenticating the client device for data transfer.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method according to claim 1, wherein said authenticating indicates authentication of an individual for a financial transaction.
  - 3. A method according to claim 1, wherein said authenticating indicates authentication of an individual for a contractual transaction.
  - 4. A method according to claim 1, wherein said authenticating indicates authentication of an individual for a loan application.
  - 5. A method according to claim 1, further comprising the step of providing access to resources within an organization based on an authenticated individual'"'"'s access rights.
  - 6. A method according to claim 1, further comprising the step of providing access to email messages for authenticated individuals.
  - 7. A method according to claim 1, further comprising the step of providing access to applications on the client device for authenticated individuals.

8. A method for automatically managing placement of digital certificates to client devices from a certificate management system, the certificate management system including network facilities for communication over an electronic communication network, the method comprising the steps of:
- receiving requests for connections from clients, attempting to retrieve a digital certificate from the client device by way of the network facilities and said client executable component, if in said attempting a digital certificate is retrieved, checking for expiration of the retrieved digital certificate, if in said attempting a digital certificate is retrieved, querying a revocation server by way of said network facilities for revocation of the retrieved digital certificate, if the retrieved digital certificate is expired or revoked, retrieving a newly issued certificate from a network certificate server, if in said attempting a digital certificate is not retrieved, accessing a certificate store to retrieve an authentication certificate, following said accessing a network certificate server to retrieve an authentication certificate, placing the retrieved authentication certificate in the certificate store of said client device, and authenticating the client device for data transfer.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. A method according to claim 8, wherein said authenticating indicates authentication of an individual for a financial transaction.
  - 10. A method according to claim 8, wherein said authenticating indicates authentication of an individual for a contractual transaction.
  - 11. A method according to claim 8, wherein said authenticating indicates authentication of an individual for a loan application.
  - 12. A method according to claim 8, further comprising the step of providing access to resources within an organization based on an authenticated individual'"'"'s access rights.
  - 13. A method according to claim 8, further comprising the step of providing access to email messages for authenticated individuals.
  - 14. A method according to claim 8, further comprising the step of providing access to applications on the client device for authenticated individuals.
  - 15. A method according to claim 8, further comprising the step of providing an access rights configuration interface operable from the client device upon authentication.

16. A method for automatically managing placement of digital certificates to client devices from a certificate management system, the certificate management system including network facilities for communication over an electronic communication network, the method comprising the steps of:
- receiving requests for connections from clients, attempting to retrieve a digital certificate from the client device by way of the network facilities and said client executable component, if in said attempting a digital certificate is retrieved, checking for expiration of the retrieved digital certificate, if in said attempting a digital certificate is retrieved, querying a revocation server by way of said network facilities for revocation of the retrieved digital certificate, if the retrieved digital certificate is expired or revoked, retrieving a newly issued certificate from a network certificate server, if in said attempting a digital certificate is not retrieved, accessing a certificate store to retrieve an authentication certificate, following said accessing a network certificate server to retrieve an authentication certificate, placing the retrieved authentication certificate in the certificate store of said client device, authenticating the client device for data transfer, said authenticating identifying the client device to the certificate management system, said authenticating further identifying a user to the certificate management system;
  
  providing access to services conditioned on the enablement of the services for the identified client device and user.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. A method according to claim 16, further comprising the step of providing an access rights configuration interface operable from the client device upon authentication.
  - 18. A method according to claim 16, wherein said authenticating indicates authentication of an individual for a financial transaction.
  - 19. A method according to claim 16, wherein said authenticating indicates authentication of an individual for a contractual transaction.
  - 20. A method according to claim 16, wherein said authenticating indicates authentication of an individual for a loan application.
  - 21. A method according to claim 16, further comprising the step of providing access to resources within an organization based on an authenticated individual'"'"'s access rights.
  - 22. A method according to claim 16, further comprising the step of providing access to email messages for authenticated individuals.
  - 23. A method according to claim 16, further comprising the step of providing access to applications on the client device for authenticated individuals.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Imcentric Incorporated, Venafi,Inc.
Original Assignee
Imcentric Incorporated
Inventors
Thornton, Russell S., Seegmiller, Jayson, Hodson, Benjamin

Application Number

US10/917,964
Publication Number

US 20050081029A1
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 63/04   for providing a confidentia...

H04L 63/0823   using certificates cryptogr...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Remote management of client installed digital certificates

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

174 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Remote management of client installed digital certificates

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

174 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links