Authentication with expiring binding digital certificates
Abstract
In various embodiments of the present invention, systems and methods for authenticating a client for access to a business service of a firm and methods of creating a binding between a client's public key and a client identifier are provided. In one embodiment, the present invention is directed to a system for authenticating a client for access to a business service of a firm. The system may include a computer-implemented system. The computer-implemented system may be configured to verify the identity of the client and thereafter create a binding between a digital certificate and the client, wherein the binding is configured to expire after a period of time. The computer-implemented system may also be configured to verify the validity of the digital certificate and the binding.
29 Claims
1. A system for authenticating a client for access to a business service of a firm, the system comprising:
a computer-implemented system configured to:
verify the identity of the client and thereafter create a binding between a digital certificate and the client, wherein the binding is configured to expire after a period of time; and
verify the validity of the digital certificate and the binding.
20. A method of authenticating a client for access to a business service of a firm, the method comprising:
verifying the identity of the client;
creating a first binding between a digital certificate and the client, wherein the binding comprises a representation of the digital certificate associated with a representation of the client, wherein the first binding expires after a period of time, and wherein the digital certificate is stored at a first location;
checking the validity of the digital certificate; and
checking whether the digital certificate is validly bound to the client.
21. A computer readable medium containing instructions that when executed by a processor cause the processor to perform a method of authenticating a client for access to a business service of a firm, the method comprising the steps of:
verifying the identity of the client;
creating a first binding between a digital certificate and the client, wherein the binding comprises a representation of the digital certificate associated with a representation of the client, wherein the first binding expires after a period of time, and wherein the digital certificate is stored at a first location;
checking the validity of the digital certificate; and
checking whether the digital certificate is validly bound to the client.
22. A method of creating a binding between a client's public key and the client, comprising:
verifying the identity of the client with a token;
associatively storing a representation of the public key, a representation of the client, and a representation of an expiration date for the binding; and
permitting the client to access a client service system upon verification that the public key presented by the client matches the public key associatively stored with the representation of the client, and that the expiration date for the binding has not expired, wherein the permitting occurs without requiring use of the client token for the verification.
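The enroll-then-check flow recited in claim 22 can be sketched as follows. This is an added example, not code from the patent or from this page; the `BindingStore` class, the use of a SHA-256 fingerprint as the stored representation of the public key, and the sample token and key bytes are assumptions made for illustration. Checking the validity of the certificate itself (chain, revocation) is a separate step and is not modelled here.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone


class BindingStore:
    """Hypothetical store: client id -> (public-key fingerprint, binding expiry)."""

    def __init__(self, lifetime, verify_token):
        self._lifetime = lifetime          # period after which a binding expires
        self._verify_token = verify_token  # callable(client_id, token) -> bool
        self._bindings = {}

    @staticmethod
    def fingerprint(public_key: bytes) -> str:
        # Assumption: SHA-256 of the key bytes is the stored "representation".
        return hashlib.sha256(public_key).hexdigest()

    def enroll(self, client_id, token, public_key, now):
        """Create or renew a binding; this is the only step that needs the token."""
        if not self._verify_token(client_id, token):
            raise PermissionError("token verification failed")
        self._bindings[client_id] = (self.fingerprint(public_key), now + self._lifetime)

    def check(self, client_id, public_key, now):
        """Decide access from the stored binding alone; returns (allowed, reason)."""
        entry = self._bindings.get(client_id)
        if entry is None:
            return False, "no binding"
        stored_fp, expires = entry
        if now >= expires:
            return False, "binding expired"
        if not hmac.compare_digest(stored_fp, self.fingerprint(public_key)):
            return False, "key mismatch"
        return True, "ok"


def demo():
    # Constructed sample data: stand-in key bytes and a one-time token value.
    tokens = {"alice": "493817"}
    store = BindingStore(timedelta(days=30),
                         lambda c, t: hmac.compare_digest(tokens.get(c, ""), t))
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    key_a, key_b = b"constructed-public-key-A", b"constructed-public-key-B"
    store.enroll("alice", "493817", key_a, t0)
    return [store.check("alice", key_a, t0 + timedelta(days=1)),   # bound key, in date
            store.check("alice", key_b, t0 + timedelta(days=1)),   # different key
            store.check("alice", key_a, t0 + timedelta(days=31)),  # binding lapsed
            store.check("bob", key_a, t0)]                         # never enrolled
```

Once a binding lapses, `check` keeps refusing the key until `enroll` is called again with a valid token, which is what forces periodic re-verification of the client's identity.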
Specification