Certificate management and transfer system and method

US 7,546,453 B2
Filed: 06/12/2002
Issued: 06/09/2009
Est. Priority Date: 06/12/2001
Status: Active Grant

First Claim

Patent Images

1. A method of Certificate (Cert) management and transfer between a computer system having a first data transfer interface and a wireless communication device enabled for communications in a wireless communication network and having a second data transfer interface compatible with the first data transfer interface, the method comprising the steps of:

establishing communications between the computer system and the wireless communication device via the first data transfer interface and the second data transfer interface;

checking at the computer system status of each Cert stored at the wireless communication device to detect expired, revoked or invalid Certs in a data store;

retrieving by the computer system a new Cert for each detected expired, revoked or invalid Cert; and

transferring each new Cert from the computer system to the wireless communication device,wherein a transferred new Cert is used to handle messages communicated via the wireless communication network that are received from or to be transmitted to remote entities whose communications are associated with the transferred new Cert.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided.

64 Citations

View as Search Results

27 Claims

1. A method of Certificate (Cert) management and transfer between a computer system having a first data transfer interface and a wireless communication device enabled for communications in a wireless communication network and having a second data transfer interface compatible with the first data transfer interface, the method comprising the steps of:
- establishing communications between the computer system and the wireless communication device via the first data transfer interface and the second data transfer interface;
  
  checking at the computer system status of each Cert stored at the wireless communication device to detect expired, revoked or invalid Certs in a data store;
  
  retrieving by the computer system a new Cert for each detected expired, revoked or invalid Cert; and
  
  transferring each new Cert from the computer system to the wireless communication device,wherein a transferred new Cert is used to handle messages communicated via the wireless communication network that are received from or to be transmitted to remote entities whose communications are associated with the transferred new Cert.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein:
    - the step of establishing communications between the computer system and the wireless communication device comprises the step of establishing a communications link between the first data transfer interface and the second data transfer interface; and
      
      the communications link is selected from the group consisting of;
      
      a physical communications link and a wireless communications link.
  - 3. The method of claim 1, further comprising the steps of:
    - generating a list of Certs stored at the wireless communication device; and
      
      displaying the generated list of Certs,wherein user input provides a selection of the one or more Certs from the displayed list.
  - 4. The method of claim 3, wherein:
    - the step of displaying comprises displaying the generated list on the computer system.
  - 5. The method of claim 3, wherein the step of generating comprises the steps of:
    - identifying the Certs that are stored at the one of the computer system and the wireless communication device;
      
      identifying the Certs that are stored at the other of the computer system and the wireless communication device; and
      
      generating a list of the Certs that are stored only at the one of the computer system and the wireless communication device and not at the other of the computer system and the wireless communication device.
  - 6. The method of claim 1, further comprising the step of storing each of the transferred new Certs in the data store on the wireless communication device.
  - 7. The method of claim 1, further comprising the step, after the step of checking, of prompting for user input when an expired, revoked or invalid Cert is detected, wherein the steps of retrieving and transferring are responsive to user input.
  - 8. The method of claim 1, wherein the step of retrieving comprises retrieving a new Cert from the Public Key Server (PKS).
  - 9. The method of claim 1, further comprising the steps of:
    - generating a list of Certs stored in the data store at the wireless communication device;
      
      displaying the generated list of Certs on the computer system;
      
      receiving user input to select for deletion from the data store one or more Certs from the displayed list via a user interface associated with the computer system; and
      
      deleting the selected one or more Certs from the data store.
  - 10. The method of claim 1, wherein the computer system is selected from the group consisting of:
    - a desktop computer system, a laptop computer system, and a wireless mobile communication device.
  - 11. The method of claim 1, wherein the Certs associated with the remote entities are available from a third-party certificate authority.

12. A system for Certificate (Cert) management and transfer between a computer system and a wireless communication device, the system comprising:
- at the computer system;
  
  a first memory comprising a first Cert store configured to store Certs;
  
  a first Cert synchronization (sync) system configured to access the first Cert store; and
  
  a first communications interface; and
  
  at the wireless communication device;
  
  a second memory comprising a second Cert store configured to store Certs;
  
  a second Cert sync system configured to access the second Cert store;
  
  a wireless transceiver that enables the wireless communication device for communications in a wireless communication network; and
  
  a second communications interface compatible with the first communications interface,wherein the first Cert sync system is further configured to;
  
  check status of each Cert stored in the second Cert store to detect expired, invalid or revoked Certs stored in the second Cert store,retrieve a new Cert for each detected expired, invalid or revoked Cert in the second Cert store, andtransfer each new Cert from the computer system to the wireless communication device when a communications link is established between the computer system and the wireless communication device via the first communications interface and the second communications interface,wherein a transferred new Cert is used to handle messages communicated via the wireless communication network that are received from or to be transmitted to remote entities whose communications are associated with the transferred new Cert.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The system of claim 12, wherein the second Cert sync system is further configured to store Certs transferred from the computer system to the wireless communication device to the second Cert store.
  - 14. The system of claim 13, wherein the second Cert sync system is further configured to transfer Certs stored in the second Cert store from the wireless communication device to the computer system when the communications link is established between the computer system and the wireless communication device via the first communications interface and the second communications interface.
  - 15. The system of claim 13, wherein the user interface at the computer system is further configured to accept user inputs to select one or more of the Certs stored in the second Cert store, wherein the selected Certs are transferred from the wireless communication device to the computer system.
  - 16. The system of claim 12, wherein the computer system is selected from the group consisting of:
    - a desktop computer system, a laptop computer system, and a wireless mobile communication device.
  - 17. The system of claim 12, wherein the wireless communication device is selected from the group consisting of:
    - a data communication device, a voice communication device, a dual-mode communication device having both data and voice communications functionality, a cellular telephone having data communications functionality, a personal digital assistant (PDA) enabled for wireless communications, and a laptop or desktop computer system with a wireless modem.
  - 18. The system of claim 12, further comprising:
    - at the computer system;
      
      a first messaging system; and
      
      a first communications subsystem; and
      
      at the wireless communication device;
      
      a second messaging system; and
      
      a second communications subsystem,wherein the first messaging system is configured to store Certs received via the first communications subsystem to the first Cert store and the second messaging system is configured to store Certs received via the second communications subsystem to the second Cert store.
  - 19. The system of claim 12, wherein the first communications interface and the second communications interface establish a physical link between the computer system and the wireless communication device.
  - 20. The system of claim 19, wherein the first communications interface and the second communications interface are selected from the group consisting of:
    - serial ports and Universal Serial Bus (USB) ports.
  - 21. The system of claim 19, wherein the first communications interface and the second communications interface are selected from the group consisting of:
    - Infrared Data Association (IrDA) ports, Bluetooth modules and 802.11 modules.
  - 22. The system of claim 12, wherein the first communications interface and the second communications interface establish a wireless link between the computer system and the wireless communication device.

23. A system for transferring Certificates (Certs) between a computer system and a wireless mobile communication device, the system comprising:
- a serial port associated with the computer system;
  
  a mobile device cradle connected to the serial port, the mobile device cradle having an interface; and
  
  a mobile device interface associated with the wireless mobile communication device and compatible with the interface of the mobile device cradle,wherein the computer system is configured to check status of each Cert stored at the wireless mobile communication device to detect expired, invalid or revoked Certs stored at the wireless communication device, and is configured to retrieve a new Cert for each detected expired, invalid or revoked Cert at the wireless communication device, and is configured to transfer each new Cert from the computer system to the wireless mobile communication device;
  
  wherein a transferred new Cert is used to handle messages communicated via the wireless communication network that are received from or to be transmitted to remote entities whose communications are associated with the transferred new Cert.

24. A wireless mobile communication device comprising:
- a wireless transceiver;
  
  a messaging system coupled to the wireless transceiver;
  
  a communications interface for exchanging data with a computer system;
  
  a Cert store configured to store Certificates (Certs); and
  
  a Cert synchronization (sync) system coupled to the Cert store and the communications interface,wherein the computer system is configured to cheek status of each Cert stored in the Cert store to detect expired, invalid or revoked Certs stored in the Cert store, and is configured to retrieve a new Cert for each detected expired, invalid or revoked Cert in the Cert Store, and is configured to transfer each new Cert from the computer system to the wireless mobile communication device;
  
  wherein the messaging system is configured to store Certs, that are received via the wireless transceiver, to the Cert store, and the Cert sync system is configured to store Certs, that are received from the computer system via the communications interface, to the Cert store,wherein the stored Certs are used to handle messages communicated via the wireless communication network that are received from or to be transmitted to remote entities whose communications are associated with the stored Certs.
- View Dependent Claims (25, 26, 27)
- - 25. The wireless mobile communication device of claim 24, wherein the messaging system is further configured to request Certs from a Public Key Server (PKS).
  - 26. The wireless mobile communication device of claim 24, wherein the communications interface is selected from the group consisting of:
    - a serial port, a Universal Serial Bus (USB) port, and Infrared Data Association (IrDA) port, a Bluetooth module and an 802.11 module.
  - 27. The wireless mobile communication device of claim 24, wherein the wireless mobile communication device is selected from the group consisting of:
    - a data communication device, a voice communication device, a dual-mode communication device having both data and voice communications functionality, a cellular telephone having data communications functionality, a personal digital assistant (PDA) enabled for wireless communications, and a laptop or desktop computer system with a wireless modem.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Adams, Neil P., Brown, Michael S., Kirkup, Michael G., Godfrey, James A., Little, Herbert A., Tapuska, David F.
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US10/480,615
Publication Number

US 20040171369A1
Time in Patent Office

2,554 Days
Field of Search

713156-158, 713/189, 713/194, 713/170, 709/203, 709/204, 709/224, 709/227, 709/217, 709/221
US Class Current

713/156
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 12/189   in combination with wireles...

H04L 51/00   User-to-user messaging in p...

H04L 51/58   Message adaptation for wire...

H04L 63/0272   Virtual private networks

H04L 63/0442   wherein the sending and rec...

H04L 63/045   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/101   Access control lists [ACL]

H04L 63/126   the source of the received ...

H04L 67/04   specially adapted for termi...

H04W 12/033   of the user plane, e.g. use...

H04W 12/041   Key generation or derivation

H04W 12/0471   Key exchange

H04W 12/106   Packet or message integrity

H04W 92/18   between terminal devices

Certificate management and transfer system and method

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Certificate management and transfer system and method

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links