Communications apparatus, communications system, and method of setting certificate

US 7,647,501 B2
Filed: 09/10/2004
Issued: 01/12/2010
Est. Priority Date: 09/12/2003
Status: Active Grant

First Claim

Patent Images

1. An apparatus for communicating in a system which includes at least a high-level apparatus, and a plurality of low-level apparatuses, said apparatus being a low-level apparatus, comprising:

communicating means for communicating with a communications counterparty;

said communicating means comprisingmeans for providing an individual certificate set which includes an individual public key certificate that is a digital certificate being provided with information identifying said apparatus for communicating in order to receive an authentication by said communications counterparty when communicating, an individual private key corresponding to the individual public key certificate which is used by the apparatus for encrypting information, and an individual root key which is used to validate the communications counterparty, wherein the individual root key is the same root key used by the high-level apparatus and the other low-level apparatuses, andmeans for communicating when having been authenticated with said individual certificate by the communications counterparty; and

the apparatus for communicating further comprisingat least one storage area for storing said individual certificate set and a common certificate set which includes a common public key certificate that is a digital certificate not being provided with apparatus identifying information and is the same common public key certificate for the other low-level apparatuses, a common private key corresponding to the common public key certificate which is used by the apparatus for encrypting information, and a common root key which is used to validate the communications counterparty and which is set to be the same for the other low-level apparatuses and different for the high-level apparatus, said common certificate set being used for storing a new individual public key certificate in the apparatus when the individual public key certificate is not stored on the apparatus, and said common certificate set being stored in a replacement component as a minimum unit enabled for replacement.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for communicating, including a communicating unit that enables the apparatus to communicate with a communications counterparty via the communicating unit. The communicating unit includes a unit for providing an individual certificate that is a digital certificate being provided with information identifying the apparatus for communicating in order to receive an authentication by the communications counterparty when communicating, and a unit for communicating when having been authenticated with the individual certificate by the communications counterparty. The apparatus further includes at least one storage area for storing the individual certificate and a common certificate that is a digital certificate not being provided with apparatus identifying information, in a replacement component as a minimum unit enabled for replacement.

Citations

16 Claims

1. An apparatus for communicating in a system which includes at least a high-level apparatus, and a plurality of low-level apparatuses, said apparatus being a low-level apparatus, comprising:
- communicating means for communicating with a communications counterparty;
  
  said communicating means comprisingmeans for providing an individual certificate set which includes an individual public key certificate that is a digital certificate being provided with information identifying said apparatus for communicating in order to receive an authentication by said communications counterparty when communicating, an individual private key corresponding to the individual public key certificate which is used by the apparatus for encrypting information, and an individual root key which is used to validate the communications counterparty, wherein the individual root key is the same root key used by the high-level apparatus and the other low-level apparatuses, andmeans for communicating when having been authenticated with said individual certificate by the communications counterparty; and
  
  the apparatus for communicating further comprisingat least one storage area for storing said individual certificate set and a common certificate set which includes a common public key certificate that is a digital certificate not being provided with apparatus identifying information and is the same common public key certificate for the other low-level apparatuses, a common private key corresponding to the common public key certificate which is used by the apparatus for encrypting information, and a common root key which is used to validate the communications counterparty and which is set to be the same for the other low-level apparatuses and different for the high-level apparatus, said common certificate set being used for storing a new individual public key certificate in the apparatus when the individual public key certificate is not stored on the apparatus, and said common certificate set being stored in a replacement component as a minimum unit enabled for replacement.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus for communicating as claimed in claim 1, said communicating means further comprising:
    - means for providing said common public key certificate in order to receive the authentication by the communications counterparty when communicating; and
      
      the apparatus for communicating further comprisingindividual-certificate setting means for obtaining said individual public key certificate from the communications counterparty via said communicating means when having been authenticated by the communications counterparty with said common public key certificate and storing the obtained individual public key certificate in said storage area.
  - 3. The apparatus for communicating as claimed in claim 2, wherein said replacement component is a component configured to store said common public key certificate, and not store said public key individual certificate, before being installed into said apparatus for communicating.
  - 4. The apparatus for communicating as claimed in claim 3, wherein said replacement component with said common public key certificate is configured to be used without depending on the information identifying said apparatus for communicating.
  - 5. The apparatus for communicating as claimed in claim 1, wherein the identifying information being provided in said individual public key certificate is machine serial number information of said apparatus for communicating.
  - 6. The apparatus for communicating as claimed in claim 1, wherein said authentication is to be performed with an authentication process according to a Secure Socket Layer (SSL) protocol or a Transport Layer Security (TLS) protocol.

7. A system for communicating, including a high-level apparatus, and low-level apparatuses, each of which is to be a communications counterparty of the high-level apparatus, a low-level apparatus comprising:
- means for providing an individual certificate set which includes an individual public key certificate that is a digital certificate being provided with information identifying the low-level apparatus in order to receive an authentication by a communications counterparty when communicating, an individual private key corresponding to the individual public key certificate which is used by the low-level apparatus for encrypting information, and an individual root key which is used to validate the communications counterparty, wherein the individual root key is the same root key used by the high-level apparatus and the other low-level apparatuses; and
  
  communicating means for communicating when having been authenticated with said individual certificate by said communications counterparty; and
  
  at least one storage area for storing said individual certificate set and a common certificate set which includes a common public key certificate that is a digital certificate not being provided with apparatus-identifying information and is the same common public key certificate for the other low-level apparatuses, a common private key corresponding to the common public key certificate which is used by the low-level apparatus for encrypting information, and a common root key which is used to validate the communications counterparty and which is the same for the other low-level apparatuses and set to be different for the high-level apparatus, said common certificate set being used for storing a new individual public key certificate in the low-level apparatus when the individual public key certificate is not stored on the apparatus, and said common certificate set being stored in a replacement component as a minimum unit enabled for replacement.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system for communicating as claimed in claim 7, said communicating means in the low-level apparatus further comprising:
    - means for providing said common public key certificate in order to receive the authentication by the communications counterparty when communicating; and
      
      the low-level apparatus further comprising individual-certificate setting means for obtaining said individual public key certificate from said communications counterparty via said communicating means when having been authenticated by the communications counterparty with said common public key certificate and storing the obtained individual public key certificate in said storage area.
  - 9. The system for communicating as claimed in claim 8,wherein said replacement component is a component configured to store said common public key certificate, and not store said individual public key certificate, before being installed into the low-level apparatus.
  - 10. The system for communicating as claimed in claim 9, wherein said replacement component having stored said common public key certificate is configured to be used without depending on the information identifying said low-level apparatus.
  - 11. The system for communicating as claimed in claim 7, wherein the identifying information being provided in said individual public key certificate is machine serial number information of the low-level apparatus.
  - 12. The system for communicating as claimed in claim 7, wherein said authentication is to be performed with an authentication process according to a Secure Socket Layer (SSL) protocol or a Transport Layer Security (TLS) protocol.

13. A method of setting, in an apparatus for communicating in a system which includes at least a high-level apparatus, and a plurality of low-level apparatuses, said apparatus being a low-level apparatus including communicating means enabled to communicate with a communications counterparty via said communicating means, an individual certificate set which includes an individual public key certificate that is a digital certificate being provided with information identifying said apparatus for communicating, an individual private key corresponding to the individual public key certificate which is used by the apparatus for encrypting information, and an individual root key which is used to validate the communications counterparty, wherein the individual root key is the same root key used by the high-level apparatus and the other low-level apparatuses, the method comprising:
- installing into said apparatus for communicating a replacement component as a minimum unit enabled for replacement having been provided with at least a storage area for storing said individual certificate set and a common certificate set which includes a common public key certificate that is a digital certificate not being provided with apparatus-identifying information and is the same common public key certificate for the other low-level apparatuses, a common private key corresponding to the common public key certificate which is used by the apparatus for encrypting information, and a common root key which is used to validate the communications counterparty and which is the same for the other low-level apparatuses and set to be different for the high-level apparatus based on a group of authentication subjects to be distinguished, said common certificate set being used for storing a new individual public key certificate in the apparatus when the individual public key certificate is not stored in the apparatus; and
  
  having said apparatus for communicating to provide said common public key certificate in order to receive an authentication by said communications counterparty when communicating, and to obtain via said communicating means said individual public key certificate from the communications counterparty so as to have the obtained individual public key certificate stored in said storage area when having been authenticated with said common public key certificate by the communications counterparty.
- View Dependent Claims (14, 15, 16)
- - 14. The method of setting the individual public key certificate as claimed in claim 13, wherein said replacement component is configured to be used, without depending on the information identifying said apparatus for communicating.
  - 15. The method of setting the individual public key certificate as claimed in claim 13, wherein the identifying information being provided in said individual public key certificate is machine serial number information of said apparatus for communicating.
  - 16. The method of setting the individual public key certificate as claimed in claim 13, wherein said authentication is to be performed with an authentication process according to a Secure Socket Layer (SSL) protocol or a Transport Layer Security (TLS) protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Imai, Tatsuya
Primary Examiner(s)
Simitoski; Michael J
Assistant Examiner(s)
Tabor; Amare

Application Number

US10/937,309
Publication Number

US 20050097332A1
Time in Patent Office

1,950 Days
Field of Search

713/173, 713/175, 713/176, 380/277
US Class Current

713/175
CPC Class Codes

G06F 21/33   using certificates

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

Communications apparatus, communications system, and method of setting certificate

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Communications apparatus, communications system, and method of setting certificate

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links