Managing private keys in a free seating environment
First Claim
1. A method for managing a private key for a user in a free seating environment, said method comprising:
receiving at a first server the private key created by a first computer, wherein said first computer is a client of said first server;
identifying a second computer that is authorized to receive said private key;
transmitting said private key from said first server to said second computer; and
wrapping said private key with a non-migratable public key of said first server, thus creating a first blob, before transmitting said private key within said first blob to said first server, such that said private key cannot be migrated from said first server while wrapped with said non-migratable public key of said first server.
3 Assignments
0 Petitions
Abstract
A method and system for storing to a server a private key that was created on a TCPA-enabled client computer by the user. The user's private key is wrapped in a server non-migratable public key and sent to the server. When the user wants to migrate the user private key to a TCPA-enabled client computer, the user sends a request to the server for the user's private key along with the user's personal migration data for user identification. The server wraps the user's private key in the TCPA-enabled client computer's non-migratable public key, and transmits this “blob” to the client computer, which unwraps the blob to reveal the user's private key.
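The exchange the abstract describes, as an added Go example that is not part of the patent or of any implementation by its assignee. It assumes a hybrid wrapping scheme (a fresh AES-256-GCM content key, itself RSA-OAEP encrypted to the receiving platform's public key) in place of the TCPA wrapping operations, software-generated RSA keys standing in for each machine's non-migratable platform key, the user's "personal migration data" modelled as a shared secret compared in constant time, and constructed names (a server, the desks desk-B and desk-C, the user alice):

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Blob holds a private key wrapped for one platform: AES-256-GCM over the key material, with
// the fresh content key RSA-OAEP encrypted to that platform's non-migratable public key.
type Blob struct{ WrappedKey, Nonce, Ciphertext []byte }

// Platform stands in for a TCPA-enabled machine whose wrapping key never leaves it.
type Platform struct {
	Name string
	key  *rsa.PrivateKey // software-generated here, an assumption of this example
}

func NewPlatform(name string) *Platform {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return &Platform{Name: name, key: k}
}

// Wrap produces a blob that only the holder of pub's private half can open.
func Wrap(pub *rsa.PublicKey, secret []byte) (*Blob, error) {
	buf := make([]byte, 44) // 32-byte content key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	ck, nonce := buf[:32], buf[32:]
	wk, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, ck, nil)
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(ck) // 32-byte key: cannot fail
	gcm, _ := cipher.NewGCM(block)
	return &Blob{wk, nonce, gcm.Seal(nil, nonce, secret, nil)}, nil
}

// Unwrap opens a blob with this platform's own private key.
func (p *Platform) Unwrap(b *Blob) ([]byte, error) {
	ck, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, p.key, b.WrappedKey, nil)
	if err != nil { // a blob wrapped for another platform fails here, before any key material appears
		return nil, fmt.Errorf("%s: blob was not wrapped for this platform", p.Name)
	}
	block, _ := aes.NewCipher(ck)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, b.Nonce, b.Ciphertext, nil)
}

// Server keeps each user's blob wrapped to its own key and re-wraps it only for an authorized platform.
type Server struct {
	*Platform
	blobs      map[string]*Blob
	migration  map[string][]byte          // personal migration data, modelled as a shared secret (assumption)
	authorized map[string]map[string]bool // user -> platforms allowed to receive that user's key
}

// Migrate checks the request, exposes the key inside the server, and returns it wrapped for the requester only.
func (s *Server) Migrate(user string, migrationData []byte, requester *Platform) (*Blob, error) {
	known := s.blobs[user] != nil && subtle.ConstantTimeCompare(s.migration[user], migrationData) == 1
	if !known || !s.authorized[user][requester.Name] { // one generic refusal for every failure
		return nil, fmt.Errorf("request for %s's key from %s refused", user, requester.Name)
	}
	priv, err := s.Unwrap(s.blobs[user]) // the only point at which the key is in the clear
	if err != nil {
		return nil, err
	}
	return Wrap(&requester.key.PublicKey, priv)
}

// RunScenario: the key created on desk-A is stored at the server, desk-B (authorized) recovers it, desk-C is refused.
func RunScenario() (recovered, refused bool, err error) {
	srv := &Server{NewPlatform("server"), map[string]*Blob{}, map[string][]byte{}, map[string]map[string]bool{}}
	deskB, deskC, secret := NewPlatform("desk-B"), NewPlatform("desk-C"), []byte("alice-migration-secret")
	srv.migration["alice"], srv.authorized["alice"] = secret, map[string]bool{"desk-B": true}
	_, userKey, _ := ed25519.GenerateKey(rand.Reader) // the user's key, created on desk-A
	if srv.blobs["alice"], err = Wrap(&srv.key.PublicKey, userKey); err != nil {
		return false, false, err
	}
	out, err := srv.Migrate("alice", secret, deskB)
	if err != nil {
		return false, false, err
	}
	got, err := deskB.Unwrap(out)
	_, refusal := srv.Migrate("alice", secret, deskC)
	return err == nil && string(got) == string(userKey), refusal != nil, nil
}

func main() {
	fmt.Println(RunScenario())
}
```

The two checks in Migrate are the whole of the server's access decision, and the server's own Unwrap call is where the user's key is briefly in the clear, which is why the scheme rests on the server's wrapping key being non-migratable. A blob wrapped for one platform fails OAEP decryption on every other platform, so a blob copied in transit or from the server's store yields nothing without that platform's key.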
16 Claims
1. A method for managing a private key for a user in a free seating environment, said method comprising: (the full text of claim 1 is given under "First Claim" above)
Dependent claims: 2, 3, 4, 5, 6, 7
8. A client computer in a computer network, said client computer comprising:
means for wrapping a private key with a non-migratable public key of a first server to form a first blob, wherein said client computer creates said private key utilizing a Trusted Computing Platform Alliance (TCPA) protocol, and wherein said first blob cannot be migrated out of said first server; and
means for transmitting said first blob to said first server.
Dependent claims: 9
10. A server in a computer network, said server comprising:
means for providing a public key to another computer;
means for receiving a blob from said another computer, said blob comprising a private key, from said another computer, encrypted with a public key of the server, wherein said private key is created by said another computer utilizing a Trusted Computing Platform Alliance (TCPA) protocol;
means for exposing said private key within said server by decrypting said public key;
means for receiving a request for said private key from a requesting computer;
means for wrapping said private key with a non-migratable public key of said requesting computer to form a blob; and
means for transmitting said blob to said requesting computer.
11. A computer program product, residing on a computer usable medium, for managing a private key for a user in a free seating environment, said computer program product comprising:
program code means for receiving at a first server the private key from a first computer, wherein said private key is created by said first computer utilizing a Trusted Computing Platform Alliance (TCPA) protocol;
program code means for identifying a second computer that is authorized to receive said private key;
program code means for transmitting said private key from said first server to said second computer; and
program code means for wrapping said private key with a non-migratable public key of said first server, thus creating a first blob, before transmitting said private key within said first blob to said first server, such that said private key cannot be migrated from said first server while wrapped with said non-migratable public key of said first server.
Dependent claims: 12, 13, 14, 15, 16
Specification