SYSTEMS AND METHODS FOR PROVIDING SECURE COMMUNICATION
2 Assignments
0 Petitions
Abstract
A client includes a security agent configured to create a client certificate that corresponds to one or more client identifiers. A server includes a server certificate and is in communication with the security agent. The server is configured to facilitate establishing an initial mutually authenticated transport layer security (TLS) session with the client based on the client certificate and the server certificate. The server is also configured to extract the client certificate from the security agent once the TLS session is established. The server is configured to store the certificate as being associated with only the corresponding client identifier(s) and to categorize the association between the client certificate and the corresponding client identifier(s) as being secure but not trusted for the client until the identity of the client has been verified. Moreover, the server is configured to receive an indication that the identity of the client has been verified.
55 Citations
20 Claims
1. A system comprising:
a client comprising a security agent that is configured to create a client certificate that corresponds to one or more client identifiers; and
a server comprising a server certificate, wherein said server is in communication with said security agent, and wherein said server is configured to:
facilitate establishing an initial mutually authenticated transport layer security (TLS) session with said client based on the client certificate and the server certificate;
extract the client certificate from said security agent when the initial mutually authenticated TLS session is established;
store the client certificate as being associated with only the corresponding one or more client identifiers;
categorize the association between the client certificate and the corresponding one or more client identifiers as being secure but not trusted for said client until the identity of said client has been verified; and
receive an indication that the identity of said client has been verified.
Dependent claims: 2, 3, 4, 5, 6, 7 (not reproduced here).

8. At least one computer-readable storage medium having computer-executable instructions embodied thereon, wherein, when executed by at least one processor, the computer-executable instructions cause the at least one processor to:
facilitate establishing an initial mutually authenticated transport layer security (TLS) session between a server that includes a server certificate and a client that includes a security agent that is configured to create a client certificate, wherein the initial mutually authenticated TLS session is established based on the client certificate and the server certificate;
extract the client certificate from the security agent when the initial mutually authenticated TLS session is established;
store the client certificate as being associated with only the corresponding one or more client identifiers;
categorize the association between the client certificate and the corresponding one or more client identifiers as being secure but not trusted for the client until the identity of the client has been verified; and
receive an indication that the identity of the client has been verified.
Dependent claims: 9, 10, 11, 12, 13, 14 (not reproduced here).

15. A method of providing secure communication between a server and a client, the method comprising:
facilitating the establishment of an initial mutually authenticated transport layer security (TLS) session between a server that includes a server certificate and a client that includes a security agent that is configured to create a client certificate, wherein the initial mutually authenticated TLS session is established based on the client certificate and the server certificate;
extracting the client certificate from the security agent when the initial mutually authenticated TLS session is established;
storing the client certificate as being associated with only the corresponding one or more client identifiers;
categorizing the association between the client certificate and the corresponding one or more client identifiers as being secure but not trusted for the client until the identity of the client has been verified; and
receiving an indication that the identity of the client has been verified.
Dependent claims: 16, 17, 18, 19, 20 (not reproduced here).
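The flow in the abstract and in independent claims 1, 8 and 15 amounts to a server-side registry that binds a client-created certificate to its client identifiers on first contact, holds that binding in a "secure but not trusted" state, and promotes it only when an out-of-band identity verification arrives. The Python below is an added illustration of that state machine; it is not code from the patent or from any product implementing it. The registry class, its method names, the trust-state names and the sample certificate bytes are all assumptions made for the example; the byte strings are constructed placeholders standing in for the DER-encoded client certificate that a real server would obtain from its TLS library (for instance `getpeercert(binary_form=True)` on a Python `ssl` socket). Beyond the claim text, it also shows what the "associated with only the corresponding identifiers" wording implies in practice: a certificate cannot later be rebound to different identifiers, and an identifier already bound to one certificate cannot be silently re-enrolled under another.

```python
import hashlib
from dataclasses import dataclass
from enum import Enum
from typing import Dict, FrozenSet, Iterable


class TrustState(Enum):
    # The mutually authenticated TLS handshake proved the peer holds the private
    # key for its self-created certificate, but nobody has yet verified which
    # client is really behind it: "secure but not trusted" in the claims' words.
    SECURE_NOT_TRUSTED = "secure_not_trusted"
    # Set once the server receives the indication that identity was verified.
    TRUSTED = "trusted"


@dataclass
class Association:
    fingerprint: str            # SHA-256 over the DER-encoded client certificate
    client_ids: FrozenSet[str]  # the only identifiers this certificate is bound to
    state: TrustState = TrustState.SECURE_NOT_TRUSTED


class CertificateMismatch(Exception):
    """A certificate and a client identifier do not match the stored association."""


def cert_fingerprint(cert_der: bytes) -> str:
    # Persist and compare a digest rather than the raw DER: fixed size, and the
    # digest is all the later checks need.
    return hashlib.sha256(cert_der).hexdigest()


class ClientCertRegistry:
    """Server-side store of client certificate <-> client identifier bindings (hypothetical)."""

    def __init__(self) -> None:
        self._by_fp: Dict[str, Association] = {}
        self._by_id: Dict[str, str] = {}  # client identifier -> fingerprint

    def on_initial_session(self, cert_der: bytes, client_ids: Iterable[str]) -> Association:
        """Called once the initial mutually authenticated TLS session is up and the
        server has extracted the client certificate. Binds the certificate to
        exactly these identifiers in the not-yet-trusted state."""
        fp = cert_fingerprint(cert_der)
        ids = frozenset(client_ids)
        existing = self._by_fp.get(fp)
        if existing is not None:
            # A known certificate may only ever map to its original identifiers.
            if existing.client_ids != ids:
                raise CertificateMismatch("certificate already bound to other identifiers")
            return existing
        for cid in ids:
            # fp is new here, so any existing binding is to a different certificate;
            # refusing it stops a second key from taking over an enrolled identity.
            if cid in self._by_id:
                raise CertificateMismatch(f"identifier {cid!r} already bound to another certificate")
        assoc = Association(fp, ids)
        self._by_fp[fp] = assoc
        for cid in ids:
            self._by_id[cid] = fp
        return assoc

    def mark_verified(self, client_id: str) -> Association:
        """Apply the out-of-band 'identity verified' indication for one client."""
        assoc = self._by_fp[self._by_id[client_id]]
        assoc.state = TrustState.TRUSTED
        return assoc

    def check_session(self, cert_der: bytes, client_id: str) -> TrustState:
        """On a later TLS session: the presented certificate must be the one bound
        to the identifier; the caller decides what the returned state permits."""
        fp = cert_fingerprint(cert_der)
        if self._by_id.get(client_id) != fp:
            raise CertificateMismatch(f"certificate presented for {client_id!r} is not the enrolled one")
        return self._by_fp[fp].state


# Constructed placeholders standing in for DER-encoded client certificates.
CERT_A = b"constructed-placeholder-der-for-client-A"
CERT_B = b"constructed-placeholder-der-for-client-B"


def enrol_and_verify() -> tuple:
    """Walk the claimed flow: enrol, observe 'secure but not trusted', receive the
    verification indication, observe 'trusted', then refuse a swapped certificate."""
    reg = ClientCertRegistry()
    reg.on_initial_session(CERT_A, ["agent-0001", "device-serial-XYZ"])
    before = reg.check_session(CERT_A, "agent-0001").value
    reg.mark_verified("agent-0001")
    after = reg.check_session(CERT_A, "device-serial-XYZ").value
    try:
        reg.check_session(CERT_B, "agent-0001")
        swapped_cert_refused = False
    except CertificateMismatch:
        swapped_cert_refused = True
    return before, after, swapped_cert_refused


if __name__ == "__main__":
    print(enrol_and_verify())  # ('secure_not_trusted', 'trusted', True)
```

The split between `on_initial_session` and `mark_verified` is the point of the design: the TLS layer alone can establish that the same key keeps showing up, which is enough to pin the certificate, but promotion to trusted is driven only by the separate verification indication the claims describe, so a server that consults `check_session` can grant a not-yet-verified client nothing more than the enrolment path itself.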
Specification