Enhancement to volume license keys

US 7,853,790 B2
Filed: 03/19/2004
Issued: 12/14/2010
Est. Priority Date: 03/19/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method for distributing digital certificates, the method comprising:

receiving a parent digital certificate from a licensor, the parent digital certificate identifying the licensor, an organizational licensee, a licensed product, and an organizational license of the licensed product to the organizational licensee;

generating, by the organizational licensee, at least two child digital certificates based on the parent digital certificate, each of the at least two child digital certificates identifying a specific entity as a sub-licensee of the organizational licensee, the specific entity being authorized to use the licensed product;

creating a composite digital certificate, the composite digital certificate including a public portion of the parent digital certificate and the at least two child digital certificates, each of the at least two child digital certificates being directly from the parent digital certificate;

accessing a directory service using a light weight directory access protocol to create an association between the composite digital certificate and the specific entity, the association created in a relational structure storing one or more entity identifiers and the composite digital certificate; and

distributing the composite digital certificate to the specific entity to authorize the specific entity to enable the licensed product.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes issuing a digital certificate to a licensee, the digital certificate identifying a licensed product and the licensee to enable the licensee to enable the licensed product. The method involves receiving a request to enable the licensed product from an entity, the request including the digital certificate and determining whether the entity is the licensee of the licensed product based on the digital certificate. A system includes a relational structure having associations among authorized entities and digital certificates within an organization. Each to digital certificate identifies a licensed product licensed to the organization. A certificate distribution module distributes the digital certificates to associated authorized entities.

41 Citations

View as Search Results

17 Claims

1. A method for distributing digital certificates, the method comprising:
- receiving a parent digital certificate from a licensor, the parent digital certificate identifying the licensor, an organizational licensee, a licensed product, and an organizational license of the licensed product to the organizational licensee;
  
  generating, by the organizational licensee, at least two child digital certificates based on the parent digital certificate, each of the at least two child digital certificates identifying a specific entity as a sub-licensee of the organizational licensee, the specific entity being authorized to use the licensed product;
  
  creating a composite digital certificate, the composite digital certificate including a public portion of the parent digital certificate and the at least two child digital certificates, each of the at least two child digital certificates being directly from the parent digital certificate;
  
  accessing a directory service using a light weight directory access protocol to create an association between the composite digital certificate and the specific entity, the association created in a relational structure storing one or more entity identifiers and the composite digital certificate; and
  
  distributing the composite digital certificate to the specific entity to authorize the specific entity to enable the licensed product.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method as recited in claim 1 further comprising creating an association between the specific entity and the composite digital certificate.
  - 3. A method as recited in claim 1 further comprising receiving a request for the licensed product from the specific entity, the request including at least a portion of the parent digital certificate.
  - 4. A method as recited in claim 1, wherein each of the at least two child digital certificates are more restrictive than the parent digital certificate.
  - 5. A method as recited in claim 1, wherein the composite digital certificate includes one or more use conditions, the one or more use conditions including:
    - an expiration time;
      
      an enrollment requirement indicating that the specific entity must enroll to receive the composite digital certificate;
      
      a notification requirement specifying that the specific entity must notify an issuer with specific information to receive the composite digital certificate;
      
      a physical location; and
      
      a product feature limitation.
  - 6. A method as recited in claim 1 further comprising assigning the composite digital certificate to the specific entity by inserting an entity identifier into the composite digital certificate.
  - 7. A method as recited in claim 1, wherein the organizational license is associated with a specific network of the organizational licensee to ensure that the specific entity is connected to the specific network in order to authorize the specific entity to enable the licensed product.

8. A system comprising:
- a processor;
  
  a memory;
  
  a relational structure maintained in the memory, the relational structure accessing a directory service using a lightweight directory access protocol to create associations among a specific entity of an organization and digital certificate hierarchies within the organization, the relational structure to store a hierarchy of entity identifiers and the digital certificate hierarchies, each digital certificate hierarchy identifying a licensed product licensed to the organization; and
  
  a certificate distribution module executable by the processor to periodically distribute the digital certificate hierarchies to associated authorized entities, each of the digital certificate hierarchies including;
  
  (1) at least a portion of a parent digital certificate issued by a licensor to the organization, the parent digital certificate including a parent private key, and (2) a child digital certificate generated based on the parent digital certificate, the child digital certificate including a public key generated from the parent private key issued by the licensor.
- View Dependent Claims (9, 10, 11)
- - 9. A system as recited in claim 8, wherein the certificate distribution module determines whether the relational structure includes the associations among the specific entity of the organization and any of the digital certificate hierarchies.
  - 10. A system as recited in claim 8, wherein the relational structure comprises the directory service.
  - 11. A system as recited in claim 8, wherein the hierarchy of entity identifiers represent a hierarchical structure of the organization.

12. A system comprising:
- a processor;
  
  a memory; and
  
  a certificate distribution module stored in the memory and executed on the processor to distribute a composite digital certificate to one or more authorized entities in an organization, the composite digital certificate including;
  
  at least a portion of a parent digital certificate issued by a licensor to the organization, the parent digital certificate specifying the licensor, the organization as a licensee, a licensed product, and an organizational license of the licensed product to the organization, the parent digital certificate including a private key,an entity child digital certificate generated by the organization based on the parent digital certificate, the entity child digital certificate identifying a specific entity within the organization authorized to use the licensed product, the entity child digital certificate being more restrictive than the parent digital certificate, anda key child digital certificate generated by the organization based on the parent digital certificate, the key child digital certificate including a public key generated from the private key, the public key associated with the specific entity; and
  
  a relational structure stored in the memory and executed on the processor to access a directory service using a light weight directory access protocol to specify an association between the composite digital certificate and the specific entity, the relational structure storing one or more entity identifiers and the composite digital certificate.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. A system as recited in claim 12, further comprising assigning the composite digital certificate to the one or more authorized entities based on the directory service.
  - 14. A system as recited in claim 12, further comprising assigning the composite digital certificate to the one or more authorized entities based on the relational structure.
  - 15. A system as recited in claim 12, wherein the composite digital certificate includes a use condition specifying a condition related to the licensed product.
  - 16. A system as recited in claim 12, wherein the licensed product comprises a digital certificate validation module to authenticate the composite digital certificate, the digital certificate validation module further to enable the licensed product when the composite digital certificate is authentic.
  - 17. A system as recited in claim 16, further comprising a certificate generator to generate the composite digital certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Gabryjelski, Henry P., Miller, Wesley
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
Debnath; Suman

Application Number

US10/805,371
Publication Number

US 20050210254A1
Time in Patent Office

2,461 Days
Field of Search

713/150, 713/156, 713168-169, 713/173, 713/175, 380/279, 705/51, 705/59
US Class Current

713/175
CPC Class Codes

G06F 21/105   Arrangements for software l...

G06F 21/335   for accessing specific reso...

G06Q 2220/18   Licensing

G06Q 50/184   Intellectual property manag...

H04L 9/3263   involving certificates, e.g...

Enhancement to volume license keys

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Enhancement to volume license keys

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links