METHODS AND SYSTEMS FOR MANAGING IDENTITY MANAGEMENT SECURITY DOMAINS
First Claim
1. A security domain manager comprising:
- a first module configured to provide a digital certificate; and
a second module configured to provide a registry of security domains to which root certificate authorities belong.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide identity management security domains that may be used in an enterprise security system. A security domain provides a centralized registry of services provided by the enterprise security system. For example, certificate authorities and other services, such as key archives, and the like, in the enterprise security system may register information about themselves in the security domain. Authorized users can then discover the location of these services. In some embodiments, the security domain may provide an interface that indicates a topology between services of the enterprise security system. The security domain may also serve as a distribution point for security policies. A security policy may comprise information that indicates, for example, a set of trusted certificate authorities, certificate templates, certificate revocation lists, and the locations of the services in the enterprise security system.
-
Citations
13 Claims
-
1. A security domain manager comprising:
-
a first module configured to provide a digital certificate; and a second module configured to provide a registry of security domains to which root certificate authorities belong. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for distributing a certificate revocation list by a security domain, said method comprising:
-
retrieving destinations for the certificate revocation list from a security domain; and distributing the security policies comprising trusted certificate authorities and certificate revocation list to the destinations from the security domain. - View Dependent Claims (10, 11, 12, 13)
-
Specification