SECURE STORAGE OF ENTERPRISE CERTIFICATES FOR CLOUD SERVICES

US 20170048215A1
Filed: 02/04/2016
Published: 02/16/2017
Est. Priority Date: 08/14/2015
Status: Active Grant

First Claim

Patent Images

1. A computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform secure storage of certificate keys, the performing comprising:

receiving a user password and a certificate that is locked by the user password, wherein the certificate is configured to be used for signing binaries of an application;

sending, to a build server, the user password and the certificate that is locked by the user password;

receiving, from the build server, a first portion of a certificate key and the certificate that is locked by the certificate key; and

storing the first portion of the certificate key and the certificate that is locked by the certificate key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system performs secure storage of certificate keys. The system receives a user password and a certificate that is locked by the user password. The certificate is configured to be used for signing binaries of an application. The system sends, to a build server, the user password and the certificate that is locked by the user password. The system then receives, from the build server, a first portion of a certificate key and the certificate that is locked by the certificate key, and stores the first portion of the certificate key and the certificate that is locked by the certificate key.

137 Citations

20 Claims

1. A computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform secure storage of certificate keys, the performing comprising:
- receiving a user password and a certificate that is locked by the user password, wherein the certificate is configured to be used for signing binaries of an application;
  
  sending, to a build server, the user password and the certificate that is locked by the user password;
  
  receiving, from the build server, a first portion of a certificate key and the certificate that is locked by the certificate key; and
  
  storing the first portion of the certificate key and the certificate that is locked by the certificate key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer readable medium of claim 1, wherein the build server unlocks the certificate with the user password, imports the certificate into a keychain, and exports the certificate from the keychain by locking the certificate with the certificate key.
  - 3. The computer readable medium of claim 2, wherein the certificate key includes the first portion and a second portion, wherein the build server constructs the certificate key by using the first portion and the second portion.
  - 4. The computer readable medium of claim 3, wherein the first portion of the certificate key is unique to the certificate.
  - 5. The computer readable medium of claim 3, wherein the first portion of the certificate key is a nonce
  - 6. The computer readable medium of claim 3, wherein the second portion of the certificate key is a machine key stored on the build server.
  - 7. The computer readable medium of claim 3, wherein the second portion of the certificate key is a secure password previously generated on the build server.
  - 8. The computer readable medium of claim 1, wherein the first portion of the certificate key and the certificate that is locked by the certificate key are stored on a tenant database by an application development server.
  - 9. The computer readable medium of claim 1, wherein, after the storing, an application development server receives a request for building the application.
  - 10. The computer readable medium of claim 9, wherein the application development server sends, to the build server, a build request for building the application, the first portion of the certificate key, and the certificate that is locked by the certificate key.
  - 11. The computer readable medium of claim 10, wherein the build server determines the second portion of the certificate key, constructs the certificate key based on the first portion and the second portion, and unlocks the certificate by the certificate key.
  - 12. The computer readable medium of claim 11, wherein the build server builds the binaries of the application and signs the binaries of the application using the certificate.

13. A method for secure storage of certificate keys, comprising:
- receiving a user password and a certificate that is locked by the user password, wherein the certificate is configured to be used for signing binaries of an application;
  
  sending, to a build server, the user password and the certificate that is locked by the user password;
  
  receiving, from the build server, a first portion of a certificate key and the certificate that is locked by the certificate key; and
  
  storing the first portion of the certificate key and the certificate that is locked by the certificate key.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13, wherein the build server unlocks the certificate with the user password, imports the certificate into a keychain, and exports the certificate from the keychain by locking the certificate with the certificate key.
  - 15. The method of claim 14, wherein the certificate key includes the first portion and a second portion, wherein the build server constructs the certificate key by using the first portion and the second portion.
  - 16. The method of claim 15, wherein the first portion of the certificate key is unique to the certificate.
  - 17. The method of claim 15, wherein the first portion of the certificate key is a nonce
  - 18. The method of claim 15, wherein the second portion of the certificate key is a machine key stored on the build server.
  - 19. The method of claim 15, wherein the second portion of the certificate key is a secure password previously generated on the build server.

20. A system for secure storage of certificate keys, comprising:
- a receiving unit that receives a user password and a certificate that is locked by the user password, wherein the certificate is configured to be used for signing binaries of an application;
  
  a sending unit that sends, to a build server, the user password and the certificate that is locked by the user password;
  
  the receiving unit further receiving, from the build server, a first portion of a certificate key and the certificate that is locked by the certificate key; and
  
  a storing unit that stores the first portion of the certificate key and the certificate that is locked by the certificate key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
STRAUB, Christian David

Granted Patent

US 10,013,668 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 10/087   Inventory or stock manageme...

G06Q 30/0603   Catalogue ordering

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

SECURE STORAGE OF ENTERPRISE CERTIFICATES FOR CLOUD SERVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

137 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE STORAGE OF ENTERPRISE CERTIFICATES FOR CLOUD SERVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

137 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links