Multi-server location-independent authentication certificate management system
2 Assignments
0 Petitions
Abstract
The multi-server, location-independent authentication certificate management system overcomes the limitations of the existing systems by automating the authentication certificate request, grant and installation processes. Much of the data used to create the authentication certificate request is readily available information, such as: requestor identification, Internet locus, date, time. The authentication certificate management system populates the certificate request with the available data and then prompts the user to provide the additional data in a simple manner, verifying the form and format of the input data. This automation of the authentication certificate request generation minimizes the number of malformed authentication certificate requests. In addition, the authentication certificate management system is capable of being installed on a shared basis, wherein multiple servers and/or multiple services are provided with the authentication certificate from a centralized source. The authentication certificate management system automatically tracks the expiration date of the authentication certificate and also ensures the secure storage of the RSA encryption cryptographic key pair as well as the authentication certificate itself.
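As an added illustration (not code from the patent), the following sketches the request-generation step the abstract describes: available data is filled in automatically, and user-supplied fields are checked for form and format before the request is assembled. It assumes X.509-style subject fields with the RFC 5280 length limits and the PrintableString alphabet; the field set, the required-field policy and all function names are hypothetical.

```python
import re
from datetime import datetime, timezone

# Assumed limits: X.520 subject attribute upper bounds (RFC 5280, Appendix A).
LIMITS = {"CN": 64, "O": 64, "OU": 64, "L": 128, "ST": 128, "C": 2}
PRINTABLE = re.compile(r"[A-Za-z0-9 '()+,\-./:=?]+")       # ASN.1 PrintableString alphabet
HOST_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")  # a single DNS label


def check_field(name, value):
    """Return an error string for a malformed subject field, or None if it is well formed."""
    if name not in LIMITS:
        return f"{name}: unknown field"
    if not value or len(value) > LIMITS[name]:
        return f"{name}: length must be 1..{LIMITS[name]}"
    if name == "C":
        return None if re.fullmatch(r"[A-Z]{2}", value) else "C: expected two upper-case letters"
    if name == "CN":
        labels = value.split(".")
        ok = len(labels) >= 2 and all(HOST_LABEL.fullmatch(l) for l in labels)
        return None if ok else "CN: not a fully qualified host name"
    # fullmatch (rather than match with '$') so embedded or trailing newlines are rejected
    return None if PRINTABLE.fullmatch(value) else f"{name}: character outside PrintableString"


def build_request_fields(user_input, hostname, now=None):
    """Merge auto-populated data with user input; raise ValueError listing every bad field."""
    subject = {k: v.strip() for k, v in user_input.items()}
    subject["CN"] = hostname                 # auto-populated: the server's Internet locus
    errors = [e for e in (check_field(k, v) for k, v in subject.items()) if e]
    # Assumed policy: organisation and country must be supplied by the user.
    errors += [f"{k}: required" for k in ("O", "C") if k not in subject]
    if errors:
        raise ValueError("; ".join(errors))
    stamp = (now or datetime.now(timezone.utc)).isoformat()   # auto-populated: date and time
    return {"subject": subject, "requested_at": stamp}


# Constructed sample input, not taken from the patent.
GOOD = {"O": "Example Corp", "OU": "Web Services", "L": "Boulder", "ST": "Colorado", "C": "US"}
BAD = {"O": "Example\nCorp", "C": "usa"}
```

Collecting every error before raising lets the prompt loop show the user all malformed fields at once, so no malformed request reaches the granting authority.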
231 Citations
38 Claims
1. An authentication certificate management apparatus comprising:
  means, responsive to a user initiating a request for issuance of an authentication certificate, for automatically generating an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the means for automatically generating an authentication certificate request includes;
    means for prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
    means for verifying form and format of said user input data,
    means for automatically generating at least one set of data,
    means for processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content; and
  means for transmitting said generated authentication certificate request to an authentication certificate granting authority.
  Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method of providing network services to at least one application process on at least one target machine, the method comprising:
  automatically generating, in response to a user initiating a request for issuance of an authentication certificate, an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the step of automatically generating an authentication certificate request includes;
    prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
    verifying form and format of said user input data,
    automatically generating at least one set of data,
    processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content; and
  transmitting said generated authentication certificate request to an authentication certificate granting authority.
  Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17

18. An authentication certificate management apparatus comprising:
  means, responsive to a user initiating a request for issuance of an authentication certificate, for automatically generating an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the means for automatically generating an authentication certificate request includes;
    means for prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
    means for verifying form and format of said user input data,
    means for automatically generating at least one set of data, wherein the at least one set of data includes a private-public encryption cryptographic key pair,
    means for processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content;
  means for transmitting said generated authentication certificate request to an authentication certificate granting authority;
  means, responsive to receipt of a signed authentication certificate from said authentication certifying granting authority, for installing said signed authentication certificate on a server for at least one target machine, wherein the means for installing includes;
    means, responsive to a user inputting a password, for unlocking said private-public encryption cryptographic key pair,
    means for matching said signed authentication certificate with said private-public encryption cryptographic key pair and said stored authentication certificate request,
    means, responsive to a validated signed authentication certificate, for storing said validated signed authentication certificate in said server for said at least one target machine.
  Dependent claims: 19, 20, 24

21. A method of providing network services to at least one application process on at least one target machine, the method comprising:
  automatically generating, in response to a user initiating a request for issuance of an authentication certificate, an authentication certificate request, which has a predetermined format and content including a plurality of fields of data, wherein the step of automatically generating an authentication certificate request includes;
    prompting said user to input at least one set of data for entry into at least one of said plurality of fields of data,
    verifying form and format of said user input data,
    automatically generating at least one set of data, wherein the at least one set of data includes a private-public encryption cryptographic key pair,
    processing said automatically generated at least one set of data and said user input data into said predetermined authentication certificate request format and content;
  transmitting said generated authentication certificate request to an authentication certificate granting authority;
  installing, in response to receipt of a signed authentication certificate from said authentication certifying granting authority, said signed authentication certificate on a server for at least one target machine, wherein the step of installing includes;
    unlocking, in response to a user inputting a password, said private-public encryption cryptographic key pair,
    matching said signed authentication certificate with said private-public encryption cryptographic key pair and said stored authentication certificate request,
    storing, in response to a validated signed authentication certificate, said validated signed authentication certificate in said server for said at least one target machine.
  Dependent claims: 22, 23

25. A method of generating an authentication certificate request, the method comprising:
  prompting a user to input at least one set of data for entry into at least one field of data in the authentication certificate request;
  verifying form and format of said user input data;
  generating at least one set of data for entry into at least one field of data in the authentication certificate request;
  processing said automatically generated data and said user input data to create an authentication certificate request, wherein the authentication certificate request complies with a predetermined authentication certificate request format and content, and wherein the authentication certificate request is capable of being transmitted to an authentication certificate granting authority.
  Dependent claims: 26, 27, 28, 29

30. One or more computer-readable media having stored thereon a computer program comprising the following steps:
  prompting a user to input at least one set of data for entry into at least one field of data in an authentication certificate request;
  verifying form and format of said user input data;
  automatically generating at least one set of data for entry into at least one field of data in the authentication certificate request;
  processing said user input data and said automatically generated data to create an authentication certificate request, wherein the authentication certificate request complies with a predetermined authentication certificate request format and content, and wherein the authentication certificate request is capable of being transmitted to an authentication certificate granting authority.
  Dependent claims: 31, 32

33. An authentication certificate management apparatus comprising:
  an interface module to prompt a user to input at least one set of data for entry into at least one of a plurality of data fields;
  a verification module to verify form and format of said data input by the user;
  a data generation module to automatically generate at least one set of data;
  a processor to process the data input by the user and the automatically generated data into an authentication certificate request having a predetermined format and content; and
  a transmitter to transmit the authentication certificate request to an authentication certificate granting authority.
  Dependent claims: 34, 35, 36, 37, 38

Specification