Method and apparatus for distribution of digital certificates

US 7,444,507 B2
Filed: 06/30/2002
Issued: 10/28/2008
Est. Priority Date: 06/30/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving a request from a device to gain access to a network to apply for a digital certificate, the request containing existing identity information;

verifying the existing identity information; and

requesting a use once password from a certificate authority on behalf of the device, the use once password being used to access the certificate authority to obtain the digital certificate;

wherein if the use once password is granted, the use once password is forwarded to the requesting device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for distribution of digital certificates. A limited access to networks by use of existing identity information allows distribution of digital certificates.

35 Citations

View as Search Results

25 Claims

1. A method comprising:
- receiving a request from a device to gain access to a network to apply for a digital certificate, the request containing existing identity information;
  
  verifying the existing identity information; and
  
  requesting a use once password from a certificate authority on behalf of the device, the use once password being used to access the certificate authority to obtain the digital certificate;
  
  wherein if the use once password is granted, the use once password is forwarded to the requesting device.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1 wherein the network comprises a virtual private network.
  - 3. The method of claim 2 wherein the existing identity information comprises at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

4. A method comprising:
- connecting to a gateway using authentication information; and
  
  signaling to apply for a digital certificate by sending existing identity information to the gateway, the existing identity information being passed to a security server for verification, wherein the security server verifies that the existing identity information is correct and requests a use once password from a certificate authority;
  
  receiving the use once password from the certificate authority;
  
  accessing the certificate authority using the use once password; and
  
  obtaining the digital certificate from the certificate authority.
- View Dependent Claims (5)
- - 5. The method of claim 4 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

6. A machine-readable storage medium having stored thereon data representing sequences of instructions which, when executed by a processor, cause the processor to perform operations comprising:
- receiving a request from a device to gain access to a network to apply for a digital certificate, the request containing existing identity information;
  
  verifying the existing identity information; and
  
  requesting a use once password from a certificate authority on behalf of the device, the use once password being used to access the certificate authority to obtain the digital certificate;
  
  wherein if the use once password is granted, the use once password is forwarded to the requesting device.
- View Dependent Claims (7, 8)
- - 7. The medium of claim 6 wherein the network is a virtual private network.
  - 8. The medium of claim 6 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

9. A method comprising:
- receiving a request from a device to gain limited access to a network for purpose of requesting a digital certificate, the request containing existing identity information;
  
  verifying the existing identity information; and
  
  requesting a limited use password from a certificate authority on behalf of the device, the limited use password being used to access the certificate authority to obtain the digital certificate;
  
  wherein if the limited use password is granted, the limited use password is forwarded to the requesting device.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9 wherein the network comprises a virtual private network.
  - 11. The method of claim 9 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

12. A machine-readable storage medium having stored thereon data representing sequences of instructions which, when executed by a processor, cause the processor to perform operations comprising:
- connecting to a gateway using authentication information; and
  
  signaling to apply for a digital certificate by sending existing identity information to the gateway, the existing identity information being passed to a security server for verification, wherein the security server verifies that the existing identity information is correct and requests a use once password from a certificate authority;
  
  receiving the use once password from the certificate authority;
  
  accessing the certificate authority using the use once password; and
  
  obtaining the digital certificate from the certificate authority.
- View Dependent Claims (13)
- - 13. The machine-readable storage medium of claim 12 wherein the existing identity information is at least one of a username, a user password and a network address.

14. A machine-readable storage medium having stored thereon data representing sequences of instructions which, when executed by a processor, cause the processor to perform operations comprising:
- receiving a request from a device to gain limited access to a network for purpose of requesting a digital certificate, the request containing existing identity information;
  
  verifying the existing identity information; and
  
  requesting a limited use password from a certificate authority on behalf on the device, the limited use password being used to access the certificate authority to obtain the digital certificate;
  
  wherein if the limited use password is granted, the limited use password is forwarded to the requesting device.
- View Dependent Claims (15, 16)
- - 15. The machine-readable storage medium of claim 14 wherein the network comprises a virtual private network.
  - 16. The machine-readable storage medium of claim 14 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

17. A system comprising:
- a gateway connected to a network; and
  
  a security server coupled to the gateway;
  
  wherein the gateway receives a request from a client to gain access to a network to apply for a digital certificate, the request containing existing identity information, the security server verifies the existing identity information and request a use once password from a certificate authority on behalf of the client, the use once password being used to access the certificate authority to obtain the digital certificate; and
  
  wherein if the use once password is granted, the use once password is forwarded to the client.
- View Dependent Claims (18, 19)
- - 18. The system of claim 17 wherein the network comprises a virtual private network.
  - 19. The system of claim 17 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

20. A system comprising:
- a gateway connected to a network;
  
  a security server coupled to the gateway; and
  
  a client connecting to the gateway using authentication information, and signaling to apply for a digital certificate by sending existing identity information to the gateway, the existing identity information being passed to the security server for verification;
  
  wherein the security server verifies that the existing identity information is correct and requests a use once password from a certificate authority; and
  
  wherein the client receives the use once password from the certificate authority, accesses the certificate authority using the once password, and obtains the digital certificate from the certificate authority.
- View Dependent Claims (21, 22)
- - 21. The system of claim 20 wherein the network comprises a virtual private network.
  - 22. The system of claim 20 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

23. A system comprising:
- a gateway connected to a network, the gateway receiving a request from a client to gain limited access to the network for purpose of requesting a digital certificate, the request containing existing identity information; and
  
  a security server coupled to the gateway to verify the existing identity information and request a limited use password from a certificate authority on behalf of the client, the limited use password being used to access the certificate authority to obtain the digital certificate;
  
  wherein if the limited use password is granted, the limited use password is forwarded to the client.
- View Dependent Claims (24, 25)
- - 24. The system of claim 23 wherein the network comprises a virtual private network.
  - 25. The system of claim 23 wherein the existing identity information is at least one of a username, a user password, a uniform resource locator, a public encryption key, a user'"'"'s distinguished name, and a network address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Walker, Jesse R., Mak, Wai Kwan, Robison, Victor C.
Primary Examiner(s)
NGUYEN, MINH DIEU T

Application Number

US10/187,097
Publication Number

US 20040003238A1
Time in Patent Office

2,312 Days
Field of Search

713155-156, 713/175, 726/2, 726/4, 726/8, 726 11- 12, 726/15, 380/258, 709/229, 705/67
US Class Current

713/156
CPC Class Codes

G06Q 20/3674   involving authentication

H04L 2209/60   Digital content management,...

H04L 2463/081   applying self-generating cr...

H04L 63/0838   using one-time-passwords

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

Method and apparatus for distribution of digital certificates

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

35 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for distribution of digital certificates

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others