Method and system for certificate delivery and management
First Claim
1. A method for utilizing a certificate as an access method to a host system from one of a plurality of access points, comprising:
creating and distributing a certificate for certificate-based authentication to each of a plurality of storage methods consisting of a microcomputer of a smart card and at least one of a computer disk of a computing device disposed in a secure environment and a Hardware Security Module (HSM) associated with a computing device;
managing the certificate over a life span of the certificate at least in part via a Lightweight Directory Access Protocol (LDAP) directory shared by a Certificate Authority (CA) and the host system; and
allowing access to the host system using the certificate for public key-based authentication to the host system.
Abstract
A method and system for combining multiple access points and utilizing certificates as an access method to a system from multiple access points enables use of a certificate that is stored within a smart card to access a host system through a browser, such that when the user accesses the application on the server, the application requires that the card and certificate be present for authentication of the individual user, and concurrently allows an external system to access applications on a host server using a certificate stored on the external system for authenticating itself to the host server. A certificate for certificate-based authentication is created and distributed to a choice of storage methods, such as a microcomputer of an integrated chip card, a computer disk of a computing device disposed in a secure environment, or a Hardware Security Module (HSM) associated with the computing device. The certificate is managed over its life span at least partly via a Lightweight Directory Access Protocol (LDAP) directory shared by a certificate authority (CA) and the host system. Access to the host system is allowed using the certificate for public key-based authentication to the host system.
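The architecture the abstract describes (a certificate issued into a credential store, its life span handled through a directory that both the CA and the host read, and access granted only by public key-based authentication) as an added example in Go. This is not code from the patent or its assignee. It assumes an in-memory Directory struct standing in for the LDAP directory, Ed25519 keys in place of whatever the card, disk or HSM actually holds, and the function names NewCA, Issue, Publish, SignChallenge and Authenticate, all chosen here. The CA side publishes its certificate and a signed CRL to the directory; the host side chains the presented certificate to that CA, refuses an unsigned or stale CRL, checks the serial against it, and finally demands a signature over a fresh nonce, so holding the certificate alone (a public object) grants nothing.

```go
// Added example, not code from the patent: certificate issuance, directory-based
// revocation, and proof-of-possession login, in one self-contained package.
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Directory is an in-memory stand-in (assumed here) for the LDAP directory shared by the
// CA and the host: the CA publishes its certificate and current CRL, the host reads them.
type Directory struct {
	CACert *x509.Certificate
	CRLDER []byte // DER-encoded CRL as last published by the CA
}

// CA holds the issuing key and the revocations recorded so far.
type CA struct {
	key     ed25519.PrivateKey
	cert    *x509.Certificate
	revoked []pkix.RevokedCertificate
}

// mint generates a key pair, signs tmpl under parent (self-signed when parent is nil),
// and returns the parsed certificate together with its private key.
func mint(tmpl, parent *x509.Certificate, signer ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// NewCA builds a self-signed issuing CA permitted to sign certificates and CRLs.
func NewCA(now time.Time) (*CA, error) {
	cert, key, err := mint(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Issuing CA"},
		NotBefore: now.Add(-time.Minute), NotAfter: now.Add(10 * 365 * 24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}, nil, nil)
	return &CA{key: key, cert: cert}, err
}

// Issue creates a client-authentication certificate with a caller-assigned unique serial.
// The returned private key is what goes into the smart card, secured disk, or HSM; the CA keeps no copy.
func (ca *CA) Issue(serial int64, cn string, now time.Time, ttl time.Duration) (*x509.Certificate, ed25519.PrivateKey, error) {
	return mint(&x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: now.Add(-time.Minute), NotAfter: now.Add(ttl), KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}, ca.cert, ca.key)
}

// Publish records any newly revoked certificates, then writes the CA certificate and a
// freshly signed CRL into the directory. Until it runs, hosts keep accepting a revoked cert.
func (ca *CA) Publish(dir *Directory, now time.Time, revoke ...*x509.Certificate) error {
	for _, c := range revoke {
		ca.revoked = append(ca.revoked, pkix.RevokedCertificate{SerialNumber: c.SerialNumber, RevocationTime: now})
	}
	crl, err := x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number: big.NewInt(now.Unix()), ThisUpdate: now, NextUpdate: now.Add(24 * time.Hour),
		RevokedCertificates: ca.revoked,
	}, ca.cert, ca.key)
	if err != nil {
		return err
	}
	dir.CACert, dir.CRLDER = ca.cert, crl
	return nil
}

// SignChallenge is the holder's half of public-key authentication: the store holding the
// key (card, disk, HSM) signs a fresh host-supplied nonce; the key itself never leaves it.
func SignChallenge(key ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(key, nonce)
}

// Authenticate is the host's half: chain to the CA found in the directory (which also
// enforces the validity window), CRL signature and freshness, revocation status, and
// finally proof of possession of the private key matching the certificate.
func Authenticate(dir *Directory, cert *x509.Certificate, nonce, sig []byte, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(dir.CACert)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("chain validation: %w", err)
	}
	crl, err := x509.ParseRevocationList(dir.CRLDER)
	if err != nil {
		return fmt.Errorf("crl parse: %w", err)
	}
	if err := crl.CheckSignatureFrom(dir.CACert); err != nil {
		return fmt.Errorf("crl signature: %w", err)
	}
	if now.After(crl.NextUpdate) { // revocation state unknown: fail closed
		return fmt.Errorf("crl expired at %v", crl.NextUpdate)
	}
	for _, r := range crl.RevokedCertificates {
		if r.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return fmt.Errorf("certificate %v revoked", cert.SerialNumber)
		}
	}
	pub, ok := cert.PublicKey.(ed25519.PublicKey)
	if !ok || !ed25519.Verify(pub, nonce, sig) {
		return fmt.Errorf("proof of possession failed for %q", cert.Subject.CommonName)
	}
	return nil
}
```

The directory is shared, so the host never trusts its contents blindly: the CRL is verified against the CA certificate and rejected once past NextUpdate, and in a real deployment the CA certificate itself would be pinned on the host rather than fetched from the directory. Revocation takes effect only once Publish has run, which is the operational step behind "managing the certificate over a life span"; a host that skips the CRL check, or accepts a stale one, keeps honoring a card that has been reported lost.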
41 Claims
1. (Independent method claim; text as given under First Claim above. Claims 2 through 40 are dependent claims of claim 1.)
41. A system for utilizing a certificate as an access method to a host system from one of a plurality of access points, comprising:
means for creating and distributing a certificate for certificate-based authentication to each of a plurality of storage methods consisting of a microcomputer of a smart card and at least one of a computer disk of a computing device disposed in a secure environment and a Hardware Security Module (HSM) associated with a computing device;
means for managing the certificate over a life span of the certificate at least in part via a Lightweight Directory Access Protocol (LDAP) directory shared by a Certificate Authority (CA) and the host system; and
means for allowing access to the host system by the user at a client terminal using the certificate for public key-based authentication to an application on a host server.
Specification