Security certificate management
First Claim
1. A method for initiating a secure link between a mobile platform system and a remote system without manual intervention, said method comprising:
- generating and digitally signing a static certificate;
issuing the static certificate to at least one onboard computer system (OCS) of the mobile platform;
automatically generating a dynamic certificate utilizing the OCS and digitally signing the dynamic certificate with the static certificate;
transmitting the dynamic certificate to at least one central computer system (CCS) located remotely from the mobile platform over a communications link between the OCS and the CCS; and
verifying that the dynamic certificate is from a trusted source utilizing the CCS, thereby initiating a secure link between the OCS and the CCS.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for establishing a mutually authenticated secure link between a mobile platform system and a remote system is provided. An onboard computer system (OCS) generates a dynamic certificate and digitally signs the dynamic certificate with a static certificate. The dynamic certificate is transmitted to a remote central computer system (CCS). The CCS verifies that the dynamic certificate is from a trusted source and sends a return dynamic certificate electronically signed with the static certificate to the OCS. The OCS verifies the return dynamic certificate is from the CCS, thereby establishing a mutually authenticated secure link between the OCS and the CCS.
135 Citations
19 Claims
-
1. A method for initiating a secure link between a mobile platform system and a remote system without manual intervention, said method comprising:
-
generating and digitally signing a static certificate;
issuing the static certificate to at least one onboard computer system (OCS) of the mobile platform;
automatically generating a dynamic certificate utilizing the OCS and digitally signing the dynamic certificate with the static certificate;
transmitting the dynamic certificate to at least one central computer system (CCS) located remotely from the mobile platform over a communications link between the OCS and the CCS; and
verifying that the dynamic certificate is from a trusted source utilizing the CCS, thereby initiating a secure link between the OCS and the CCS. - View Dependent Claims (2, 4, 5, 6, 7, 8, 9)
-
-
3. The method of 2, wherein issuing the static certificate further comprises executing a first portion of an authentication software application (ASA1) stored in the OCS upon turning on the OCS to delete preexisting pertinent authorization, authentication and static certificate data stored in the OCS, and load the configuration file into the OCS.
-
10. A method for establishing a mutually authenticated secure link between a mobile platform system and a remote system, said method comprising:
-
generating and digitally signing a static certificate;
storing the static certificate in an electronic storage device (ESD) of at least one central computer system (CCS) located remotely from the mobile platform;
issuing the static certificate to at least one onboard computer system (OCS) of the mobile platform;
automatically generating a dynamic certificate utilizing the OCS and digitally signing the dynamic certificate with the static certificate;
transmitting the dynamic certificate to the CCS over a communications link initiated between the OCS and the CCS; and
verifying, utilizing the CCS, that the dynamic certificate is from a trusted source;
sending a return dynamic certificate electronically signed with the static certificate from the CCS to the OCS; and
verifying, utilizing the OCS, that the return dynamic certificate is from the CCS, thereby establishing a mutually authenticated link between the OCS and the CCS. - View Dependent Claims (11, 12, 13, 14, 19)
-
-
15. A system for establishing a mutually authenticated secure communications link between a mobile platform and a remote computer network, said system comprising:
-
at least one onboard computer system (OCS) of the mobile platform including a OCS processor adapted to execute a first portion of an authentication software application (ASA1) stored in the OCS; and
at least one central computer system (CCS) located remotely from the mobile platform adapted to wirelessly communicate with the OCS, the CCS including a CCS processor adapted to execute a second portion of the authentication software application (ASA2) stored in the CCS;
wherein execution of the ASA1 is adapted to;
automatically generate and digitally sign a dynamic certificate with a static certificate created by a mobile platform provider computer system and issued by the CCS; and
automatically transmit the dynamic certificate to the CCS via a wireless communication link between the OCS and the CCS; and
wherein execution of the ASA1 is adapted to;
store the static certificate in an electronic storage device (ESD) of the CCS;
issue the static certificate to OCS;
verify that the dynamic certificate is signed with the static certificate; and
send a return dynamic certificate electronically signed with the static certificate to the OCS to establish a mutually authenticated link between the OCS and the CCS. - View Dependent Claims (16, 17, 18)
-
Specification