Assignment of user certificates/private keys in token enabled public key infrastructure system
First Claim
1. A method for assigning certificates and associated private keys to a token, comprising:
accessing the token through a token reader connected to a computer system by a certificate authority;
reading a token ID and a user-signature certificate from the token;
searching for a match for the token ID and the user signature certificate in an authoritative database;
creating a certificate and an associated private key, wherein the certificate and the associated private key are wrapped with a public key associated with the token ID and digitally signing the certificate and the associated private key using a signature certificate of the certificate authority if a match for the token ID and the user signature certificate is found in the authoritative database;
downloading the certificate and the associated private key to the token; and
decrypting the certificate and the associated private key using a private key stored in the token, such that the token stores at least the token ID, the private key, the user signature certificate and the certificate and the associated private key.
Abstract
A method and computer program to assign certificates/private keys to a token. This method and computer program allow a user to access a certificate authority and have certificates/private keys that are used for signature, encryption and role purposes generated and downloaded to the token. The use of secure communication lines and computers is not necessary since the token contains a unique token ID and private key, while the certificate authority contains the associated public key for the token. The certificate generated is wrapped with the public key, and only the token, having the associated private key, may activate the certificate.
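The wrap, sign and unwrap flow described in the abstract, as an added example that is not taken from the patent. It assumes the Python `cryptography` package, hybrid wrapping (RSA-OAEP around an AES-GCM content key), a CA signature over the wrapped blob, and constructed token IDs and payload bytes; the function names are hypothetical.

```python
import os
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH)

def ca_issue(db, ca_key, token_id, sig_cert, payload):
    """CA side: match the token in the database, wrap the payload, sign the result."""
    entry = db.get(token_id)
    if entry is None or entry["sig_cert"] != sig_cert:
        return None  # no match in the authoritative database: issue nothing
    cek, nonce = AESGCM.generate_key(bit_length=256), os.urandom(12)
    # Assumption: hybrid wrap, with the token ID bound as AES-GCM associated data.
    body = AESGCM(cek).encrypt(nonce, payload, token_id.encode())
    blob = entry["pub"].encrypt(cek, OAEP) + nonce + body
    return blob, ca_key.sign(token_id.encode() + blob, PSS, hashes.SHA256())

def token_accept(token_key, ca_pub, token_id, blob, signature):
    """Token side: check the CA signature, then unwrap with the on-token private key."""
    try:
        ca_pub.verify(signature, token_id.encode() + blob, PSS, hashes.SHA256())
    except InvalidSignature:
        return None  # not issued by the CA, or altered in transit
    n = token_key.key_size // 8  # length of the RSA-wrapped content key
    cek = token_key.decrypt(blob[:n], OAEP)
    return AESGCM(cek).decrypt(blob[n:n + 12], blob[n + 12:], token_id.encode())

def demo():
    """Run the flow over an untrusted channel with constructed sample values."""
    new_key = lambda: rsa.generate_private_key(public_exponent=65537, key_size=2048)
    ca_key, token_key, other_key = new_key(), new_key(), new_key()
    ca_pub, tid = ca_key.public_key(), "TOKEN-0001"
    sig_cert = b"constructed user signature certificate"
    db = {tid: {"pub": token_key.public_key(), "sig_cert": sig_cert}}
    payload = b"constructed encryption certificate + private key"
    blob, sig = ca_issue(db, ca_key, tid, sig_cert, payload)
    ok = token_accept(token_key, ca_pub, tid, blob, sig) == payload
    unknown = ca_issue(db, ca_key, "TOKEN-9999", sig_cert, payload) is None
    flipped = blob[:-1] + bytes([blob[-1] ^ 1])  # one bit changed in transit
    tampered = token_accept(token_key, ca_pub, tid, flipped, sig) is None
    try:  # a different token holds a different private key and cannot unwrap
        token_accept(other_key, ca_pub, tid, blob, sig)
        wrong = False
    except ValueError:
        wrong = True
    return ok, unknown, tampered, wrong

if __name__ == "__main__":
    print(demo())
```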
16 Claims
9. A computer program embodied on a computer readable medium and executable by a computer for assigning certificates and associated private keys to a token, comprising:
accessing the token through a token reader connected to a computer system by a certificate authority;
reading a token ID and a user signature certificate from the token;
searching for a match for the token ID and the user signature certificate in an authoritative database;
creating a certificate and an associated private key, wherein the certificate and the associated private key are wrapped with a public key associated with the token ID and digitally signing the certificate and the associated private key using a signature certificate of the certificate authority if a match for the token ID and the user signature certificate is found in the authoritative database;
downloading the certificate and the associated private key to the token; and
decrypting the certificate and the associated private key using a private key stored in the token, such that the token stores at least the token ID, the private key, the user signature certificate and the certificate and the associated private key.
Specification