Method and apparatus for centralizing processing of key and certificate life cycle management
Abstract
A method and apparatus for centralizing the processing of key and certificate life-cycle management is accomplished when security activation of a communication device has been detected. Security activation may occur at log-on of the secure communication device (e.g., a personal computer equipped with a security application, or applications), at activation of a security application, or at re-authentication of a security application. Once the security activation has been detected, the secured communication device accesses a depository of security information to retrieve relevant security information. The secured communication device then interprets the relevant security information to determine when local security parameters are to be changed. When local security parameters (e.g., encryption key pair, a corresponding encryption public key certificate, a signing key pair, and/or a corresponding verification public key certificate) are to be changed, the local security parameters are updated. Having done this, the secured communication device is then receptive to receiving access requests from a plurality of software applications. The access requests are each requesting that data created by a corresponding one of the plurality of software applications be secured via the security application. In response to the request, the data is secured based on either the updated local security parameters or the existing local security parameters.
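The flow in the abstract, sketched as an added Python example (not code from the patent or its assignee): one device-wide service refreshes its local parameters at activation and then secures data for every application. Assumptions: the repository entry carries a revoked-version list, a rollover window and a key lifetime, and a single HMAC key stands in for the signing key pair and its certificate.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass
class LocalParams:
    """Local security parameters (assumption: one MAC key stands in for a key pair)."""
    version: int
    key: bytes
    not_after: date


class SecurityService:
    """One service per device; every application secures data through it."""

    def __init__(self, params: LocalParams):
        self.params = params

    def needs_update(self, info: dict, today: date) -> bool:
        # Interpret the repository information against the local state.
        revoked = self.params.version in info["revoked_versions"]
        remaining = self.params.not_after - today
        return revoked or remaining <= timedelta(days=info["rollover_days"])

    def on_activation(self, repository: dict, user: str, today: date) -> bool:
        # Called at log-on, application start or re-authentication.
        info = repository[user]
        if not self.needs_update(info, today):
            return False
        self.params = LocalParams(
            version=self.params.version + 1,
            key=secrets.token_bytes(32),
            not_after=today + timedelta(days=info["lifetime_days"]),
        )
        return True

    def secure(self, app: str, data: bytes) -> dict:
        # Applications never hold the key; they only receive the protected result.
        mac = hmac.new(self.params.key, app.encode() + b"\0" + data, hashlib.sha256)
        return {"app": app, "key_version": self.params.version, "tag": mac.hexdigest()}


# Constructed repository entry for the demonstration (hypothetical field names).
REPOSITORY = {"alice": {"revoked_versions": [1], "rollover_days": 30, "lifetime_days": 365}}
```

Because the update decision lives in one place, an application that calls `secure()` after activation picks up the new key version without any key-handling logic of its own.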
26 Claims
1. A method for centralized processing of key and certificate life cycle management, the method comprises the steps of:
a) detecting security activation;
b) when the security activation is detected, accessing a repository of security information to retrieve relevant security information;
c) interpreting the relevant security information to determine when local security parameters have been identified to be changed;
d) when the local security parameters have been identified to be changed, updating the local security parameters to produce updated local security parameters;
e) receiving access requests from a plurality of software applications, wherein the access requests are each requesting that data created via a corresponding one of the plurality of software applications be secured; and
f) securing the data based on one of the local security parameters and the updated local security parameters.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method for centralized processing of key and certificate life cycle management, the method comprises the steps of:
a) detecting security activation;
b) when the security activation is detected, obtaining relevant security information;
c) updating local security parameters with at least a portion of the relevant security information to produce updated local security parameters;
d) receiving access requests from a plurality of software applications, wherein the access requests are each requesting that data created via a corresponding one of the plurality of software applications be secured; and
e) securing the data based on the updated local security parameters.
Dependent claims: 12, 13, 14

15. A secure communication device that includes key and certificate life cycle management, the secure communication device comprises:
security activation module operably coupled to detect security activation of the secure communication device;
security parameter module operably coupled to the security activation module, wherein the security parameter module obtains relevant security information of the secure communication device when the security activation is detected, and wherein the security parameters module updates local security information based on the relevant security information;
security service provider module operably coupled to the security parameter module; and
application programmatic interface operably coupled to the security service provider module and a plurality of software applications, wherein, when one of the plurality of software applications has data to be secured, the application programmatic interface operably couples the one of the plurality of software applications with the security service provider module, and wherein the security service provider module secures the data based on the local security parameters.
Dependent claims: 16, 17, 18, 19, 20

21. A digital storage medium for storing programming instructions that, when read by a processing unit, causes the processing unit to centralize processing of key and certificate life cycle management, the digital storage medium comprises:
first storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to detect security activation;
second storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to access a repository of security information to retrieve relevant security information when the security activation is detected;
third storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to interpret the relevant security information to determine when local security parameters have been identified to be changed;
fourth storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to update the local security parameters to produce updated local security parameters when the local security parameters have been identified to be changed;
fifth storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to receive access requests from a plurality of software applications, wherein the access requests are each requesting that data created via a corresponding one of the plurality of software applications be secured; and
sixth storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to secure the data based on one of: the local security parameters and the updated local security parameters.
Dependent claims: 22, 23, 26

24. A digital storage medium for storing programming instructions that, when read by a processing unit, causes the processing unit to centralize processing of key and certificate life cycle management, the digital storage medium comprises:
first storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to detect security activation;
second storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to obtain relevant security information when the security activation is detected;
third storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to update local security parameters with at least a portion of the relevant security information to produce updated local security parameters;
fourth storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to receive access requests from a plurality of software applications, wherein the access requests are each requesting that data created via a corresponding one of the plurality of software applications be secured; and
fifth storage means for storing programming instructions that, when read by the processing unit, causes the processing unit to secure the data based on the updated local security parameters.
Dependent claims: 25

Specification