Cryptographic server with provisions for interoperability between cryptographic systems
First Claim
1. A method of performing remote requests for cryptographic functions on a secure server, the method comprising:
associating a user from multiple users with one or more keys from a plurality of private cryptographic keys stored on a secure server;
receiving a request for one or more cryptographic functions from an application executing on a remote computing device;
accessing the one or more keys; and
performing one or more cryptographic functions corresponding to the request using the one or more keys;
wherein the step of accessing the one or more keys further comprises;
selecting a type of certificate matching data provided in the request; and
determining whether the user owns a certificate matching the type;
when the user owns the certificate, accessing the one or more keys from the plurality of private cryptographic keys corresponding to the certificate;
wherein the step of performing one or more cryptographic functions using the one or more keys includes using the one or more keys corresponding to the certificate;
when the user does not own the certificate, determining whether the user owns a cross-certified-certificate cross-certified with the certificate; and
when the user owns the cross-certified certificate, accessing the one or more keys from the plurality of private cryptographic keys corresponding to the cross-certified certificate.
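The key-selection steps of claim 1, sketched as an added example that is not taken from the patent or any implementation of it. The certificate types, users, key bytes and function names are constructed for illustration, the user identity is assumed to come from an already authenticated session, and HMAC-SHA256 stands in for a private-key operation so the code needs only the standard library.

```python
import hashlib
import hmac

# Constructed sample data; every name and key below is hypothetical.
# Requested certificate type -> types that are cross-certified with it.
CROSS_CERTIFIED = {"issuer-a": ["issuer-b"], "issuer-b": ["issuer-a"], "issuer-c": []}

# Server-side key store: (user, certificate type) -> private key material.
KEY_STORE = {
    ("alice", "issuer-a"): b"alice-key-a",
    ("bob", "issuer-b"): b"bob-key-b",
}


class NoUsableCertificate(Exception):
    """User owns neither the requested certificate type nor a cross-certified one."""


def select_certificate(user, request):
    """Return the certificate type whose key will serve this request."""
    wanted = request["cert_type"]          # type selected from data in the request
    if wanted not in CROSS_CERTIFIED:
        raise NoUsableCertificate(f"unknown certificate type {wanted!r}")
    if (user, wanted) in KEY_STORE:        # user owns a matching certificate
        return wanted
    for other in CROSS_CERTIFIED[wanted]:  # otherwise try a cross-certified one
        if (user, other) in KEY_STORE:
            return other
    raise NoUsableCertificate(f"{user} has no certificate usable for {wanted!r}")


def handle_request(user, request):
    """Perform the requested function on the server; only the result leaves it."""
    # 'user' must be the authenticated session identity, never a request field,
    # or one user could ask the server to operate with another user's key.
    cert_type = select_certificate(user, request)
    key = KEY_STORE[(user, cert_type)]
    if request["function"] != "sign":
        raise ValueError("unsupported function")
    # Stand-in for a private-key signature (assumption made for this example).
    tag = hmac.new(key, request["data"], hashlib.sha256).hexdigest()
    return {"cert_type": cert_type, "signature": tag}
```

Returning the certificate type that was actually used lets the relying application and the server's audit log distinguish a direct match from a cross-certified fallback.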
Abstract
The invention is a cryptographic server providing interoperability over multiple algorithms, keys, standards, certificate types and issuers, protocols, and the like. Another aspect of the invention is to provide a secure server, or trust engine, having server-centric keys, or in other words, storing cryptographic keys on a server. The server-centric storage of keys provides for user-independent security, portability, availability, and straightforwardness, along with a wide variety of implementation possibilities.
6 Claims
Specification