Self-service provisioning of digital certificates

US 20050262346A1
Filed: 05/19/2004
Published: 11/24/2005
Est. Priority Date: 05/19/2004
Status: Active Grant

First Claim

Patent Images

1. An automated method of provisioning a digital certificate, the method comprising:

receiving notification of a need to provision a digital certificate for a specified user;

electronically instructing the specified user to obtain the digital certificate;

receiving an electronic response from the specified user, wherein the response includes the digital certificate;

storing the digital certificate without activating the digital certificate;

electronically instructing a trusted user to confirm that the specified user obtained the digital certificate;

receiving an electronic response from the trusted user; and

activating the digital certificate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for provisioning digital certificates. An automated provisioning engine receives notification of a need to provision a user with a digital certificate. The engine electronically instructs the user to obtain a digital certificate. When obtained, the user responds by forwarding the certificate. The engine then electronically instructs a trusted or provisioned user to verify that the user obtained the digital certificate. The trusted user verifies this, and may obtain the user'"'"'s certificate or a fingerprint of the certificate to include in a response to the provisioner'"'"'s instructions. If verified, and if the certificate or fingerprint matches the certificate provided by the user, the user'"'"'s digital certificate is then activated, to allow it to represent the user in public key transactions.

7 Citations

View as Search Results

23 Claims

1. An automated method of provisioning a digital certificate, the method comprising:
- receiving notification of a need to provision a digital certificate for a specified user;
  
  electronically instructing the specified user to obtain the digital certificate;
  
  receiving an electronic response from the specified user, wherein the response includes the digital certificate;
  
  storing the digital certificate without activating the digital certificate;
  
  electronically instructing a trusted user to confirm that the specified user obtained the digital certificate;
  
  receiving an electronic response from the trusted user; and
  
  activating the digital certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - receiving a first fingerprint of the digital certificate after said storing; and
      
      comparing the first fingerprint to a fingerprint of the stored digital certificate.
  - 3. The method of claim 2, wherein the electronic response from the trusted user comprises the first fingerprint.
  - 4. The method of claim 1, wherein said activating comprises making the digital certificate available to other users.
  - 5. The method of claim 1, wherein said activating comprises allowing the certificate to represent the specified user in a public key transaction.
  - 6. The method of claim 1, further comprising:
    - providing the specified user with one or more cryptographic keys to facilitate generation of the digital certificate.
  - 7. The method of claim 1, wherein said notification of a need to provision a digital certificate is received from the specified user.
  - 8. The method of claim 1, wherein said notification of a need to provision a digital certificate is received from the trusted user.
  - 9. The method of claim 1, wherein:
    - each said receiving comprises receiving an electronic workflow notification; and
      
      each said electronically instructing comprises sending an electronic workflow notification.
  - 10. The method of claim 1, wherein:
    - each said receiving comprises receiving an electronic mail message; and
      
      each said electronically instructing comprises sending an electronic mail message.

11. A computer readable medium storing instructions that, when executed by a computer, cause the computer to perform a method of provisioning a digital certificate, the method comprising:
- receiving notification of a need to provision a digital certificate for a specified user;
  
  electronically instructing the specified user to obtain the digital certificate;
  
  receiving an electronic response from the specified user, wherein the response includes the digital certificate;
  
  storing the digital certificate without activating the digital certificate;
  
  electronically instructing a trusted user to confirm that the specified user obtained the digital certificate;
  
  receiving an electronic response from the trusted user; and
  
  activating the digital certificate.

12. A computer-implemented self-service method of provisioning a digital certificate, the method comprising:
- receiving, from an automated provisioner of digital certificates, electronic instructions to obtain a digital certificate;
  
  obtaining the digital certificate;
  
  sending an electronic response to the instructions to the provisioner, wherein the response includes the digital certificate; and
  
  confirming obtainment of the digital certificate to a trusted user registered with the automated provisioner.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method of claim 12, wherein said obtaining comprises:
    - obtaining a set of cryptographic keys.
  - 14. The method of claim 13, wherein said sending comprises:
    - digitally signing the electronic response using the set of cryptographic keys.
  - 15. The method of claim 12, wherein the electronic instructions include a set of cryptographic keys.
  - 16. The method of claim 15, further comprising:
    - installing the cryptographic keys on a local browser.
  - 17. The method of claim 12, wherein said confirming comprises:
    - giving the trusted user a fingerprint of the digital certificate.
  - 18. The method of claim 12, wherein said confirming comprises:
    - transmitting the digital certificate to the trusted user.

19. A computer readable medium storing instructions that, when executed by a computer, cause the computer to perform a self-service method of provisioning a digital certificate, the method comprising:
- receiving, from an automated provisioner of digital certificates, electronic instructions to obtain a digital certificate;
  
  obtaining the digital certificate;
  
  sending an electronic response to the instructions to the provisioner, wherein the response includes the digital certificate; and
  
  confirming obtainment of the digital certificate to a trusted user registered with the automated provisioner

20. An apparatus for provisioning a digital certificate, comprising:
- a database configured to store digital certificates;
  
  a communication link coupling the apparatus to a plurality of client computing devices; and
  
  an automated provisioner configured to;
  
  receive notification of a need to provision a digital certificate for an un-provisioned user;
  
  electronically instruct the un-provisioned user to obtain a digital certificate;
  
  receive the un-provisioned user'"'"'s digital certificate from the un-provisioned user;
  
  electronically instruct a provisioned user to confirm the un-provisioned user'"'"'s digital certificate; and
  
  in response to an electronic confirmation from the provisioned user, provision the un-provisioned user by activating the digital certificate.
- View Dependent Claims (21, 22, 23)
- - 21. The apparatus of claim 20, wherein said automated provisioner is further configured to:
    - store the un-provisioned user'"'"'s digital certificate in an inactive state when received from the un-provisioned user.
  - 22. The apparatus of claim 20, wherein said electronic confirmation comprises a fingerprint of the digital certificate.
  - 23. The apparatus of claim 22, wherein said automated provisioner is further configured to:
    - compare the fingerprint of the digital certificate from said electronic confirmation with a fingerprint of the un-provisioned user'"'"'s digital certificate received from the un-provisioned user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Philips, Andrew B., Fisher, Mark

Granted Patent

US 7,827,599 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/175
CPC Class Codes

H04L 9/3263 involving certificates, e.g...

Self-service provisioning of digital certificates

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Self-service provisioning of digital certificates

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links