Document management system with public key infrastructure

US 20070055882A1
Filed: 09/08/2005
Published: 03/08/2007
Est. Priority Date: 09/08/2005
Status: Active Grant

First Claim

Patent Images

1. Apparatus comprising:

a document management system;

a private certificate authority private to the document management system, the private certificate authority including a certificate authority public key, a certificate authority private key, a key pair generator to generate key pairs for respective authorized users of the document management system, a digital certificate issuer to issue digital certificates regarding the respective authorized users of the of the document management system, and a certificate revocation mechanism to support a certificate revocation list; and

the private certificate authority including software instantiated by or with the document management system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus are provided, including a document management system and a private certificate authority. The private certificate authority is private to the document management system, and includes a certificate authority public key, a certificate authority private key, a key pair generator, and a digital certificate issuer. The key pair generator generates key pairs for respective authorized users of the document management system. The digital certificate issuer issues digital certificates regarding the respective authorized users of the document management system. The private certificate authority includes software instantiated by or with the document management system.

Citations

20 Claims

1. Apparatus comprising:
- a document management system;
  
  a private certificate authority private to the document management system, the private certificate authority including a certificate authority public key, a certificate authority private key, a key pair generator to generate key pairs for respective authorized users of the document management system, a digital certificate issuer to issue digital certificates regarding the respective authorized users of the of the document management system, and a certificate revocation mechanism to support a certificate revocation list; and
  
  the private certificate authority including software instantiated by or with the document management system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The apparatus according to claim 1, wherein the private certificate authority is within a firewall of the document management system.
  - 3. The apparatus according to claim 1, wherein the private certificate authority includes a security interface compatible with a security interface of the document management system.
  - 4. The apparatus according to claim 3, wherein the security interface of the private certificate authority and of the document management system include a secure Internet mail interface.
  - 5. The apparatus according to claim 4, wherein the secure internet mail interface includes an S/MIME internet mail interface.
  - 6. The apparatus according to claim 1, wherein the private certificate authority includes software installed on a platform concurrently with installation of the document management system on the same platform.
  - 7. The apparatus according to claim 1, wherein the private certificate authority includes software installed subsequent to an installation of the document management system.
  - 8. The apparatus according to claim 7, wherein the document management system further includes an option that can be selected by a user to provide a private certificate authority for public key infrastructure capabilities of the document management system.
  - 9. The apparatus according to claim 1, further comprising a document management system account creation portion of the document management system, the document management system account creation portion including a user information input, an account creator, and an account denying mechanism, the user information input receiving user-specific information from a prospective document management system account holder.
  - 10. The apparatus according to claim 9, wherein the user-specific information includes a name, a user name, a password, and an email address.
  - 11. The apparatus according to claim 9, further comprising a private certificate authority communication mechanism to send at least portions of the user-specific information to the private certificate authority, the private certificate authority incorporating the sent user-specific information into the issuance of the digital certificate for a given document management system account holder and the generation of a key pair for the given document management system account holder.
  - 12. The apparatus according to 11, wherein an alias associated with the key pair for the given document management system account holder is based on the user-specific information of the given document management account holder.
  - 13. The apparatus according to claim 11, wherein a given authorized user digital certificate issued by the private certificate authority includes a digital certificate password for access to the digital certificate, the digital certificate password being the same as a password of the given document management system account holder.
  - 14. The apparatus according to claim 8, further comprising a private certificate authority facilitator, responsive to the creation of a document management system account for a document management system user, to allow or request a private certificate authority to generate a document management system user key pair and to issue a document management system user digital certificate.
  - 15. The apparatus according to claim 14, wherein the private certificate authority facilitator includes a mechanism to automatically cause a private certificate authority to generate a document management system user key pair and to issue a document management system digital certificate when the document management system account is created for the given document management system user.

16. A method comprising:
- managing storage, naming, and access to documents through a document management system installed on a given computer platform; and
  
  providing a private certificate authority private to the document management system, the private certificate authority including a certificate authority public key and a certificate authority private key, generating key pairs for respective authorized users of the document management system, and issuing digital certificates regarding the respective authorized users of the document management system; and
  
  using the document management system storage, access control, and download mechanisms to maintain and issue keys and certificates.
- View Dependent Claims (17, 18)
- - 17. The method according to claim 16, further comprising providing a document management system account creation portion of the document management system, and providing a user information input to receive user-specific information from a prospective document management system account holder.
  - 18. The method according to claim 17, further comprising providing a private certificate authority communication mechanism to send at least portions of the user-specific information for a given document management system account holder to the private certificate authority, the private certificate authority incorporating the sent user-specific information into the issuance of a digital certificate and into the generation of a key pair for the given document management system account holder.

19. Machine-readable media encoded with data, the data being interoperable with a machine to cause:
- managing storage, naming, and access to documents through a document management system installed on a given computer platform; and
  
  providing a private certificate authority private to the document management system, the private certificate authority including a certificate authority public key and certificate authority private key, generating key pairs for respective authorized users of the document management system, and issuing digital certificates regarding the respective authorized users of the document management system; and
  
  using the document management system storage, access control, and download mechanisms to maintain and issue keys and certificates.
- View Dependent Claims (20)
- - 20. The method according to claim 19, further comprising providing a private certificate authority communication mechanism to send at least portions of user-specific information for a given document management system account holder to the private certificate authority, the private certificate authority incorporating the sent user-specific information into the issuance of a digital certificate and into the generation of a key pair for the given document management system account holder.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Xerox Corporation (Xerox Holdings Corp.)
Inventors
Austin, Paul, Gaucas, Dale

Granted Patent

US 8,166,525 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/175
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 63/0823   using certificates cryptogr...

H04L 9/3268   using certificate validatio...

Document management system with public key infrastructure

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Document management system with public key infrastructure

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links