Enhancement to volume license keys
First Claim
1. A method for distributing digital certificates, the method comprising:
- receiving a parent digital certificate from a licensor, the parent digital certificate identifying the licensor, an organizational licensee, a licensed product, and an organizational license of the licensed product to the organizational licensee;
generating, by the organizational licensee, at least two child digital certificates based on the parent digital certificate, each of the at least two child digital certificates identifying a specific entity as a sub-licensee of the organizational licensee, the specific entity being authorized to use the licensed product;
creating a composite digital certificate, the composite digital certificate including a public portion of the parent digital certificate and the at least two child digital certificates, each of the at least two child digital certificates being directly from the parent digital certificate;
accessing a directory service using a light weight directory access protocol to create an association between the composite digital certificate and the specific entity, the association created in a relational structure storing one or more entity identifiers and the composite digital certificate; and
distributing the composite digital certificate to the specific entity to authorize the specific entity to enable the licensed product.
2 Assignments
0 Petitions
Accused Products
Abstract
A method includes issuing a digital certificate to a licensee, the digital certificate identifying a licensed product and the licensee to enable the licensee to enable the licensed product. The method involves receiving a request to enable the licensed product from an entity, the request including the digital certificate and determining whether the entity is the licensee of the licensed product based on the digital certificate. A system includes a relational structure having associations among authorized entities and digital certificates within an organization. Each to digital certificate identifies a licensed product licensed to the organization. A certificate distribution module distributes the digital certificates to associated authorized entities.
41 Citations
17 Claims
-
1. A method for distributing digital certificates, the method comprising:
-
receiving a parent digital certificate from a licensor, the parent digital certificate identifying the licensor, an organizational licensee, a licensed product, and an organizational license of the licensed product to the organizational licensee; generating, by the organizational licensee, at least two child digital certificates based on the parent digital certificate, each of the at least two child digital certificates identifying a specific entity as a sub-licensee of the organizational licensee, the specific entity being authorized to use the licensed product; creating a composite digital certificate, the composite digital certificate including a public portion of the parent digital certificate and the at least two child digital certificates, each of the at least two child digital certificates being directly from the parent digital certificate; accessing a directory service using a light weight directory access protocol to create an association between the composite digital certificate and the specific entity, the association created in a relational structure storing one or more entity identifiers and the composite digital certificate; and distributing the composite digital certificate to the specific entity to authorize the specific entity to enable the licensed product. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
a processor; a memory; a relational structure maintained in the memory, the relational structure accessing a directory service using a lightweight directory access protocol to create associations among a specific entity of an organization and digital certificate hierarchies within the organization, the relational structure to store a hierarchy of entity identifiers and the digital certificate hierarchies, each digital certificate hierarchy identifying a licensed product licensed to the organization; and a certificate distribution module executable by the processor to periodically distribute the digital certificate hierarchies to associated authorized entities, each of the digital certificate hierarchies including;
(1) at least a portion of a parent digital certificate issued by a licensor to the organization, the parent digital certificate including a parent private key, and (2) a child digital certificate generated based on the parent digital certificate, the child digital certificate including a public key generated from the parent private key issued by the licensor. - View Dependent Claims (9, 10, 11)
-
-
12. A system comprising:
-
a processor; a memory; and a certificate distribution module stored in the memory and executed on the processor to distribute a composite digital certificate to one or more authorized entities in an organization, the composite digital certificate including; at least a portion of a parent digital certificate issued by a licensor to the organization, the parent digital certificate specifying the licensor, the organization as a licensee, a licensed product, and an organizational license of the licensed product to the organization, the parent digital certificate including a private key, an entity child digital certificate generated by the organization based on the parent digital certificate, the entity child digital certificate identifying a specific entity within the organization authorized to use the licensed product, the entity child digital certificate being more restrictive than the parent digital certificate, and a key child digital certificate generated by the organization based on the parent digital certificate, the key child digital certificate including a public key generated from the private key, the public key associated with the specific entity; and a relational structure stored in the memory and executed on the processor to access a directory service using a light weight directory access protocol to specify an association between the composite digital certificate and the specific entity, the relational structure storing one or more entity identifiers and the composite digital certificate. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification