Secure server using public key registration and methods of operation
Abstract
A secure end-to-end communication system and method of operation for electronic business over a network such as the Internet includes a web server vault controller having personal storage vaults in the controller for users, registration authorities and certification authorities. Each personal vault runs programs on the controller under a unique UNIX user ID, and the data storage the controller provides for a vault is owned by the same user ID assigned to that vault. A registration authority running as a software application in the controller processes requests to issue, renew and revoke digital certificates issued by a certification authority using two pairs of public-private keys. The registration authority interacts with the vault controller to decide whether an applicant qualifies to receive a digital certificate. The certification authority, running as a software application in the controller, includes a certificate management system that provides services such as issuing, revoking, suspending, resuming and renewing a user's digital certificates.
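The abstract describes two separable mechanisms: UID-based isolation of each vault's processes and storage, and an RA/CA split in which the registration process decides who qualifies and the certification process issues, renews and revokes. The following is an added model of that design, not code from the patent or its assignee. The vault controller, RA and CA classes, the `qualifies` policy and the `demo` driver are hypothetical names; the per-vault UNIX user ID is modelled as an integer checked on every storage access rather than an OS-enforced uid, and the CA's private key is replaced by an HMAC key held only in the CA vault's storage, a stand-in for public-key signing that keeps the example dependency-free.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass, field


class VaultAccessError(PermissionError):
    """Raised when a process reaches for storage owned by another vault's UID."""


@dataclass
class Vault:
    name: str
    uid: int                                      # stand-in for the per-vault UNIX user ID
    storage: dict = field(default_factory=dict)   # owned by the same uid as the vault


class VaultController:
    """Owns the vaults; every storage access is checked against the caller's uid."""

    def __init__(self, first_uid=1000):
        self._vaults, self._next_uid = {}, first_uid

    def create_vault(self, name):
        vault = Vault(name, self._next_uid)
        self._next_uid += 1                       # one unique uid per vault
        self._vaults[name] = vault
        return vault

    def storage_for(self, caller, target_name):
        target = self._vaults[target_name]
        if target.uid != caller.uid:              # storage is owned by the vault's own uid only
            raise VaultAccessError(f"{caller.name} (uid {caller.uid}) may not open "
                                   f"{target_name} (uid {target.uid})")
        return target.storage


def _canonical(fields):
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


class CertificationAuthority:
    """Runs in its own vault; the signing key never leaves that vault's storage."""

    def __init__(self, ctl, vault):
        self.ctl, self.vault = ctl, vault
        st = ctl.storage_for(vault, vault.name)
        st["signing_key"] = secrets.token_bytes(32)   # HMAC key as stand-in for the CA private key
        st["issued"], st["revoked"] = {}, set()

    def _store(self):
        return self.ctl.storage_for(self.vault, self.vault.name)

    def issue(self, subject, pubkey, now, lifetime=365):
        st = self._store()
        fields = {"serial": secrets.token_hex(8), "subject": subject, "pubkey": pubkey,
                  "not_before": now, "not_after": now + lifetime}
        sig = hmac.new(st["signing_key"], _canonical(fields), hashlib.sha256).hexdigest()
        cert = {**fields, "sig": sig}
        st["issued"][fields["serial"]] = cert
        return cert

    def renew(self, cert, now, lifetime=365):
        """New serial and validity window for the same subject and key; the old serial is revoked."""
        self.revoke(cert["serial"])
        return self.issue(cert["subject"], cert["pubkey"], now, lifetime)

    def revoke(self, serial):
        self._store()["revoked"].add(serial)

    def verify(self, cert, now):
        st = self._store()
        fields = {k: v for k, v in cert.items() if k != "sig"}
        expect = hmac.new(st["signing_key"], _canonical(fields), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expect, cert["sig"]):    # tampered or forged
            return False
        if cert["serial"] in st["revoked"]:                   # revoked (including superseded by renewal)
            return False
        return cert["not_before"] <= now < cert["not_after"]  # validity window


class RegistrationAuthority:
    """Runs in its own vault; decides whether an applicant qualifies before the CA issues."""

    def __init__(self, ctl, vault, ca, qualifies):
        self.ctl, self.vault, self.ca, self.qualifies = ctl, vault, ca, qualifies
        ctl.storage_for(vault, vault.name)["log"] = []

    def register(self, applicant, pubkey, now):
        log = self.ctl.storage_for(self.vault, self.vault.name)["log"]
        if not self.qualifies(applicant):          # registration process: applicant does not qualify
            log.append(("rejected", applicant))
            return None
        cert = self.ca.issue(applicant, pubkey, now)   # certification process runs in the CA vault
        log.append(("issued", applicant, cert["serial"]))
        return cert


def demo(now=1000):
    """End-to-end run over constructed inputs; returns the observations worth checking."""
    ctl = VaultController()
    ca = CertificationAuthority(ctl, ctl.create_vault("ca"))
    ra = RegistrationAuthority(ctl, ctl.create_vault("ra"), ca,
                               qualifies=lambda who: who.endswith("@example.com"))
    alice = ctl.create_vault("alice")              # end-user vault with its own uid
    cert = ra.register("alice@example.com", "alice-pubkey", now)
    mallory = ra.register("mallory@evil.test", "mallory-pubkey", now)
    try:                                           # a user vault cannot read the CA vault's storage
        ctl.storage_for(alice, "ca")
        leaked = True
    except VaultAccessError:
        leaked = False
    valid = ca.verify(cert, now + 10)
    tampered_ok = ca.verify({**cert, "subject": "root@example.com"}, now + 10)
    renewed = ca.renew(cert, now + 300)
    return {"issued": cert is not None, "rejected": mallory is None, "leaked": leaked,
            "valid": valid, "tampered_ok": tampered_ok,
            "old_after_renew": ca.verify(cert, now + 310),
            "renewed_ok": ca.verify(renewed, now + 310),
            "expired_ok": ca.verify(renewed, now + 300 + 365)}


if __name__ == "__main__":
    print(demo())
```

The point to carry over to a real deployment is the ownership check in `storage_for`: the CA's signing key is reachable only by code running under the CA vault's uid, so compromising the RA or a user vault does not yield the ability to mint certificates. Renewal deliberately revokes the superseded serial so that a stolen older certificate stops verifying once the holder has rolled over.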
98 Citations
23 Claims
1. Apparatus for use in establishing a secure exchange of information between an end user and a server in a distributed network environment, the apparatus comprising:
a network-based controller associated with the server and operative to:
(i) control one or more secure areas accessible by one or more authenticated entities for storing data and for executing one or more processes;
(ii) interact with a registration authority, via one of the secure areas, for registering to obtain certification information for use by the end user in establishing a secure exchange of information between the end user and the server, wherein the secure area through which the controller and the registration authority interact is operative to execute a registration process for use in registering the end user to obtain the certification information; and
(iii) interact with a certification authority, via one of the secure areas, for obtaining the certification information, wherein the secure area through which the controller and the certification authority interact is operative to execute a certification process for use in at least one of issuing, renewing and revoking the certification information.
(Dependent claims 2 through 11 depend from claim 1.)
12. A method for use in establishing a secure exchange of information between an end user and a server in a distributed network environment, the method comprising the steps of:
in accordance with a network-based controller associated with the server, the controller:
controlling one or more secure areas accessible by one or more authenticated entities for storing data and for executing one or more processes;
interacting with a registration authority, via one of the secure areas, for registering to obtain certification information for use by the end user in establishing a secure exchange of information between the end user and the server, wherein the secure area through which the controller and the registration authority interact is operative to execute a registration process for use in registering the end user to obtain the certification information; and
interacting with a certification authority, via one of the secure areas, for obtaining the certification information, wherein the secure area through which the controller and the certification authority interact is operative to execute a certification process for use in at least one of issuing, renewing and revoking the certification information.
(Dependent claims 13 through 22 depend from claim 12.)
23. An article of manufacture for use in establishing a secure exchange of information between an end user and a server in a distributed network environment, comprising a machine readable medium containing one or more programs which when executed implement the steps of:
in accordance with a network-based controller associated with the server, the controller:
controlling one or more secure areas accessible by one or more authenticated entities for storing data and for executing one or more processes;
interacting with a registration authority, via one of the secure areas, for registering to obtain certification information for use by the end user in establishing a secure exchange of information between the end user and the server, wherein the secure area through which the controller and the registration authority interact is operative to execute a registration process for use in registering the end user to obtain the certification information; and
interacting with a certification authority, via one of the secure areas, for obtaining the certification information, wherein the secure area through which the controller and the certification authority interact is operative to execute a certification process for use in at least one of issuing, renewing and revoking the certification information.
Specification