MULTI-FACTOR CERTIFICATE AUTHORITY
Abstract
Disclosed herein is a certificate authority server configured to provide multi-factor digital certificates. A processor readable medium may include a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor, to receive a request to provide a multi-factor digital security certificate by digitally signing a certificate request having a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device. The instructions are also configured to enable the certificate authority server to associate the cryptographic key with the plurality of factors and issue the digital security certificate based on the certificate request. Also disclosed is a method of using a multi-factor digital certificate as part of the authorization process to implicitly bind the plurality of factors. Other embodiments may be described and claimed.
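The issuance and verification flow described in the abstract, as an added Go example using only the standard library; it is not code from the patent. The field mapping (device ID in the subject serialNumber, user ID in commonName) and the names `fixture`, `Issue` and `Authenticate` are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
// fixture builds constructed inputs: a throwaway CA and a device CSR naming both factors.
func fixture(deviceID, userID string) (*x509.Certificate, *ecdsa.PrivateKey, []byte) {
	caKey, devKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)), must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	ca := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tpl, tpl, &caKey.PublicKey, caKey))))
	req := &x509.CertificateRequest{Subject: pkix.Name{SerialNumber: deviceID, CommonName: userID}} // assumed mapping
	return ca, caKey, must(x509.CreateCertificateRequest(rand.Reader, req, devKey))
}
// Issue is the CA step: verify the CSR, require both factors, sign them and the key into one certificate.
func Issue(ca *x509.Certificate, caKey *ecdsa.PrivateKey, csrDER []byte) ([]byte, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil || csr.CheckSignature() != nil || csr.Subject.SerialNumber == "" || csr.Subject.CommonName == "" {
		return nil, fmt.Errorf("rejected: need a validly signed request with device ID and user ID")
	}
	tpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: csr.Subject, NotBefore: ca.NotBefore, NotAfter: ca.NotAfter}
	return x509.CreateCertificate(rand.Reader, tpl, ca, csr.PublicKey, caKey) // fixed serial: example only
}
// Authenticate is the server step: one CA signature covers device ID, user ID and key.
func Authenticate(ca *x509.Certificate, certDER []byte) (deviceID, userID string, err error) {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil || cert.CheckSignatureFrom(ca) != nil {
		return "", "", fmt.Errorf("certificate is not vouched for by the CA")
	}
	return cert.Subject.SerialNumber, cert.Subject.CommonName, nil
}

func main() {
	ca, caKey, csr := fixture("DEV-0001", "alice")
	fmt.Println(Authenticate(ca, must(Issue(ca, caKey, csr)))) // DEV-0001 alice <nil>
}
```

`Authenticate` checks only the CA signature; a deployed server would call `cert.Verify` against a root pool so that validity dates and chain constraints are enforced as well.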
22 Claims
1. A computer readable medium having a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor of the certificate authority server, to:
receive a certificate request to provide a multi-factor digital security certificate, wherein the certificate request includes a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device;
digitally sign the certificate request, and associate the cryptographic key with the plurality of factors to generate the digital security certificate, wherein the co-existence of the plurality of factors and the cryptographic key in the digital security certificate implicitly binds the plurality of factors to each other, and to the cryptographic key; and
issue the digital security certificate to respond to the certificate request.
Dependent claims: 2, 3, 4, 5, 7

8. A method, comprising:
receiving, by a certificate authority server, a certificate request to provide a multi-factor digital security certificate, wherein the certificate request includes a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device;
digitally signing the certificate request, by the certificate authority server, and associating the cryptographic key with the plurality of factors to generate the digital security certificate, wherein the co-existence of the plurality of factors and the cryptographic key in the digital security certificate implicitly binds the plurality of factors to each other, and to the cryptographic key; and
issuing, by the certificate authority server, the digital security certificate to respond to the certificate request.
Dependent claims: 9, 10, 11

12. An apparatus, comprising:
a network interface; and
a processor communicatively coupled to the network interface, the processor configured to:
receive a certificate request to provide a multi-factor digital security certificate, wherein the certificate request includes a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device;
digitally sign the certificate request, and associate the cryptographic key with the plurality of factors to generate the digital security certificate, wherein the co-existence of the plurality of factors and the cryptographic key in the digital security certificate implicitly binds the plurality of factors to each other, and to the cryptographic key; and
issue the digital security certificate to respond to the certificate request.
Dependent claims: 13

14. A computer readable medium having a plurality of instructions configured to enable a server, in response to execution of the instructions by a processor of the server, to:
receive a multi-factor digital security certificate, wherein the multi-factor digital security certificate includes a plurality of factors, a cryptographic key, and a signature of a certificate authority, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device;
authenticate the multi-factor digital security certificate, wherein the co-existence of the plurality of factors and the cryptographic key in the digital security certificate implicitly binds the plurality of factors to each other, and to the cryptographic key; and
establish a connection with the device based on the cryptographic key.
Dependent claims: 6, 15, 16, 17

18. A computer readable medium having a plurality of instructions configured to enable an electronic device, in response to execution of the instructions by a processor of the electronic device, to:
authorize use of a multi-factor digital security certificate by a user, wherein the multi-factor digital security certificate includes a plurality of factors, a cryptographic key, and a signature of a certificate authority, wherein a first of the plurality of factors is an identifier of the electronic device and a second of the plurality of factors is an identifier of the user of the electronic device; and
transmit the multi-factor digital security certificate to a server to establish a secure connection between the electronic device and the server.
Dependent claims: 19, 20, 21

22-25. (canceled)
Specification