METHOD AND APPARATUS FOR INITIAL CERTIFICATE ENROLLMENT IN A WIRELESS COMMUNICATION SYSTEM
First Claim
1. A method for providing initial certification enrollment in a wireless communication system, the method comprising:
establishing, by a first mobile device, a first wireless connection with an infrastructure;
establishing, by the first mobile device, a second wireless connection with a second mobile device;
receiving, by the first mobile device, a first certification request from the second mobile device and over the second wireless connection, wherein the first certification request comprises a request for a digital certificate for the second mobile device and first biometric data associated with a user of the first mobile device;
obtaining second biometric data, wherein the second biometric data is associated with a user of the second mobile device;
conveying a second certification request to the infrastructure and over the first wireless connection, wherein the second certification request comprises the request for the digital certificate for the second mobile device, the first biometric data, and the second biometric data;
in response to conveying the second certification request to the infrastructure, receiving, from the infrastructure and over the first wireless connection, the digital certificate for the second mobile device; and
conveying, to the second mobile device over the second wireless connection, the digital certificate.
Abstract
A method and apparatus are provided for initial certification enrollment in a wireless communication system. A first mobile device establishes a first wireless connection with an infrastructure and a second wireless connection with a second mobile device. The first mobile device receives, from the second mobile device, a first certification request that includes a request for a digital certificate for the second mobile device and first biometric data associated with a user of the first mobile device. The first mobile device obtains second biometric data associated with a user of the second mobile device and conveys a second certification request to the infrastructure that includes the request for the digital certificate for the second mobile device and the first and second biometric data. The first mobile device then receives, from the infrastructure, the digital certificate for the second mobile device and forwards, to the second mobile device, the digital certificate.
20 Claims
11. A mobile device capable of facilitating initial certification enrollment in a wireless communication system, the mobile device comprising:
a processor;
an at least one memory device that is configured to store instructions that, when executed by the processor, cause the processor to:
establish a first wireless connection with an infrastructure;
establish a second wireless connection with another mobile device;
receive a first certification request from the another mobile device and over the second wireless connection, wherein the first certification request comprises a request for a digital certificate for the another mobile device and first biometric data associated with a user of the mobile device;
obtain second biometric data, wherein the second biometric data is associated with a user of the another mobile device;
convey a second certification request to the infrastructure and over the first wireless connection, wherein the second certification request comprises the request for the digital certificate for the another mobile device, the first biometric data, and the second biometric data;
in response to conveying the second certification request to the infrastructure, receive, from the infrastructure and over the first wireless connection, the digital certificate for the another mobile device; and
convey, to the another mobile device over the second wireless connection, the digital certificate.
18. A public key infrastructure (PKI) device comprising:
a processor;
an at least one memory device that is configured to store instructions that, when executed by the processor, cause the processor to:
receive, from a first mobile device, a certification request comprising a request for a digital certificate for a second mobile device, first biometric data associated with a user of the first mobile device, and second biometric data associated with a user of the second mobile device;
verify an identity of the user of the first mobile device and an identity of the user of the second mobile device based on the first biometric data and the second biometric data; and
issue the digital certificate in response to verifying the identity of the user of the first mobile device and the identity of the user of the second mobile device.
20. A public key infrastructure (PKI) device comprising:
a processor;
an at least one memory device that is configured to maintain:
a Certificate Revocation List (CRL); and
a Certificate Authorization List (CAL), wherein the CAL comprises a list of digital certificate serial numbers or hashes of digital certificate serial numbers that are associated with mobile devices that are authorized to participate in a given incident response.
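As an added illustration of claim 20 (not code from the patent), the sketch below shows one way a relying party could check a certificate serial number against both lists, with CAL entries stored either as serial numbers or as hashes of them. The IncidentLists structure, the SHA-256 hash, the serial normalization, and the rule that a CRL entry overrides a CAL entry are all assumptions made for the example.

```python
import hashlib
from dataclasses import dataclass, field

HEX = set("0123456789abcdef")

def normalize_serial(serial: str) -> str:
    """Canonical serial: lowercase hex, no separators, no leading zeros."""
    s = serial.replace(":", "").replace(" ", "").lower()
    if s.startswith("0x"):
        s = s[2:]
    if not s or not set(s) <= HEX:
        raise ValueError(f"not a hex serial: {serial!r}")
    return s.lstrip("0") or "0"

def serial_hash(serial: str) -> str:
    """SHA-256 over the canonical serial (hash choice is an assumption)."""
    return hashlib.sha256(normalize_serial(serial).encode()).hexdigest()

@dataclass
class IncidentLists:
    """CRL plus the CAL for one incident response (hypothetical structure)."""
    crl: set = field(default_factory=set)  # canonical serials
    cal: set = field(default_factory=set)  # canonical serials or their hashes

    def revoke(self, serial: str) -> None:
        self.crl.add(normalize_serial(serial))

    def authorize(self, serial: str, hashed: bool = False) -> None:
        self.cal.add(serial_hash(serial) if hashed else normalize_serial(serial))

    def check(self, serial: str) -> str:
        try:
            s = normalize_serial(serial)
        except ValueError:
            return "reject: malformed serial"
        if s in self.crl:  # assumption: revocation overrides a CAL entry
            return "reject: revoked"
        if s in self.cal or serial_hash(s) in self.cal:
            return "allow"
        return "reject: not on CAL"

def demo() -> dict:
    # Constructed sample serials, not taken from any real certificate.
    lists = IncidentLists()
    lists.authorize("00:1A:2B")
    lists.authorize("0xCAFE", hashed=True)
    lists.authorize("BEEF")
    lists.revoke("be:ef")
    return {s: lists.check(s) for s in ("1a2b", "00cafe", "BEEF", "c0ffee", "xyz")}
```

Normalizing before comparison matters because the same serial can be written with separators, a 0x prefix, or leading zeros, and a mismatch in form would otherwise let a revoked serial miss its CRL entry.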
Specification