Employing electronic certificate workflows
Abstract
An Identity System manages certificate related actions for organization members and affiliates. Examples of certificate related actions include certificate enrollment, renewal, and revocation. The Identity System maintains and employs different certificate related workflows for different organization members and affiliates. After receiving a request for a certificate related action, the Identity System retrieves a workflow for responding to the request. The Identity System selects the workflow from a plurality of workflows for responding to the type of certificate related action being requested. Each workflow in the plurality corresponds to a different set of user characteristics. The Identity System selects the workflow that corresponds to the requested certificate related action, as well as the type of user for which the request is made.
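The selection the abstract describes, as an added Python sketch (not code from the patent or from any product): the workflow is chosen from the user's domain, the requested action and the user type in the identity profile. All names, the sample profiles and the stub certificate authority are hypothetical and constructed here; failing closed on no match and treating a missing approval as a denial are assumptions of this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Workflow:
    name: str
    action: str          # "enroll", "renew" or "revoke"
    user_type: str
    needs_approval: bool

# Constructed sample data: identity profiles and per-domain workflows.
PROFILES = {
    "p-100": {"domain": "partners", "user_type": "contractor", "approver": "mgr-7"},
    "p-200": {"domain": "staff", "user_type": "employee", "approver": "mgr-2"},
}
WORKFLOWS = {
    "partners": [Workflow("partner-enroll", "enroll", "contractor", True)],
    "staff": [Workflow("staff-enroll", "enroll", "employee", False),
              Workflow("staff-revoke", "revoke", "employee", True)],
}

def select_workflow(profile_id, action):
    """Pick the workflow for this user's domain, the action and the user type."""
    profile = PROFILES[profile_id]
    candidates = [w for w in WORKFLOWS.get(profile["domain"], []) if w.action == action]
    matches = [w for w in candidates if w.user_type == profile["user_type"]]
    if len(matches) != 1:          # fail closed on no match or an ambiguous match
        raise LookupError(f"no unique workflow for {profile_id}/{action}")
    return matches[0]

def stub_ca(profile_id, action):
    """Stand-in for the external certificate authority (hypothetical)."""
    status = "revoked" if action == "revoke" else "valid"
    return f"cert-for-{profile_id}", status

def handle_request(profile_id, action, approvals, store, ca=stub_ca):
    """Run the selected workflow; approvals maps approver id -> True/False."""
    wf = select_workflow(profile_id, action)
    if wf.needs_approval:
        approver = PROFILES[profile_id]["approver"]
        if approvals.get(approver) is not True:   # missing answer counts as denial
            return {"workflow": wf.name, "result": "denied"}
    cert, status = ca(profile_id, action)
    store[profile_id] = {"certificate": cert, "status": status}
    return {"workflow": wf.name, "result": "done", "status": status}
```

The certificate and its status are written to the store only after the approval gate has passed, so a denied request leaves no credential behind.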
27 Claims
1. A method comprising:
- associating each workflow of a plurality of workflows with a corresponding domain of a plurality of domains in an Identity System, each domain of said plurality of domains comprising one or more entities and each workflow of said plurality of workflows using a different predefined set of steps to perform a certificate related action affecting validity of the certificate, the certificate comprising a security credential, wherein each workflow in said plurality of workflows corresponds to a different set of characteristics for a user, wherein the first workflow contains a first set of steps and a second workflow in said plurality of workflows contains a second set of steps, wherein said first set of steps is different from said second set of steps, wherein said first workflow calls for obtaining an approval before performing a certificate related action for users having a first user type, and wherein said second workflow does not call for obtaining an approval before performing a certificate related action for users having a second user type;
- receiving at the Identity System a request for a first certificate related action for a first user wherein the first certificate related action is selected from a group consisting of a certificate enrollment action, a certificate renewal action, and a certificate revocation action;
- determining from said plurality of domains a domain that includes said user;
- determining from said plurality of workflows, one or more workflows associated with said domain and capable of performing said certificate related action;
- retrieving by the Identity System from said one or more workflows associated with said domain a first workflow for responding to said request wherein retrieving the first workflow comprises selecting the first workflow from the one or more workflows associated with said domain based on the first certificate related action and a user type of the first user from a set of characteristics for the first user from an identity profile for the first user maintained by the Identity System being the first user type and wherein the request includes an identification of said identity profile for the first user;
- performing said first workflow, wherein performing said first workflow comprises executing said predefined set of steps of said first workflow to perform said certificate related action including retrieving an approval response from an entity associated with the first user and identified in the identity profile for the first user and obtaining a certificate and a real time status for the certificate from a certificate authority based on the approval response; and
- storing the certificate and said real time status in the Identity System, wherein the certificate authority is external to the Identity System.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 23, 24, 25

9. One or more processor readable storage devices having processor readable code embodied on said processor readable storage devices, said processor readable code for programming one or more processors to perform a method comprising:
- associating each workflow of a plurality of workflows with a corresponding domain of a plurality of domains in an Identity System, each domain of said plurality of domains comprising one or more entities and each workflow of said plurality of workflows using a different predefined set of steps to perform a certificate related action affecting validity of the certificate, the certificate comprising a security credential, wherein each workflow in said plurality of workflows corresponds to a different set of characteristics for a user, wherein the first workflow contains a first set of steps and a second workflow in said plurality of workflows contains a second set of steps, wherein said first set of steps is different from said second set of steps, wherein said first workflow calls for obtaining an approval before performing a certificate related action for users having a first user type, and wherein said second workflow does not call for obtaining an approval before performing a certificate related action for users having a second user type;
- receiving at the Identity System a request for a first certificate related action for a first user wherein the first certificate related action is selected from a group consisting of a certificate enrollment action, a certificate renewal action, and a certificate revocation action;
- determining from said plurality of domains a domain that includes said user;
- determining from said plurality of workflows, one or more workflows associated with said domain and capable of performing said certificate related action;
- retrieving by the Identity System from said one or more workflows associated with said domain a first workflow for responding to said request wherein retrieving the first workflow comprises selecting the first workflow from the one or more workflows associated with said domain based on the first certificate related action and a user type of the first user from a set of characteristics for the first user from an identity profile for the first user maintained by the Identity System being the first user type and wherein the request includes an identification of said identity profile for the first user;
- performing said first workflow, wherein performing said first workflow comprises executing said predefined set of steps of said first workflow to perform said certificate related action including retrieving an approval response from an entity associated with the first user and identified in the identity profile for the first user and obtaining a certificate and a real time status for the certificate from a certificate authority based on the approval response; and
- storing the certificate and said real time status in the Identity System, wherein the certificate authority is external to the Identity System.
Dependent claims: 10, 11, 12, 13, 14, 15, 26

16. An apparatus comprising:
- one or more communications interfaces;
- one or more storage devices; and
- one or more processors in communication with said one or more storage devices and said one or more communication interfaces, said one or more processors perform a method comprising:
  - associating each workflow of a plurality of workflows with a corresponding domain of a plurality of domains in an Identity System, each domain of said plurality of domains comprising one or more entities and each workflow of said plurality of workflows using a different predefined set of steps to perform a certificate related action affecting validity of the certificate, the certificate comprising a security credential, wherein each workflow in said plurality of workflows corresponds to a different set of characteristics for a user, wherein the first workflow contains a first set of steps and a second workflow in said plurality of workflows contains a second set of steps, wherein said first set of steps is different from said second set of steps, wherein said first workflow calls for obtaining an approval before performing a certificate related action for users having a first user type, and wherein said second workflow does not call for obtaining an approval before performing a certificate related action for users having a second user type;
  - receiving at the Identity System a request for a first certificate related action for a first user wherein the first certificate related action is selected from a group consisting of a certificate enrollment action, a certificate renewal action, and a certificate revocation action;
  - determining from said plurality of domains a domain that includes said user;
  - determining from said plurality of workflows, one or more workflows associated with said domain and capable of performing said certificate related action;
  - retrieving by the Identity System from said one or more workflows associated with said domain a first workflow for responding to said request wherein retrieving the first workflow comprises selecting the first workflow from the one or more workflows associated with said domain based on the first certificate related action and a user type of the first user from a set of characteristics for the first user from an identity profile for the first user maintained by the Identity System being the first user type and wherein the request includes an identification of said identity profile for the first user;
  - performing said first workflow, wherein performing said first workflow comprises executing said predefined set of steps of said first workflow to perform said certificate related action including retrieving an approval response from an entity associated with the first user and identified in the identity profile for the first user and obtaining a certificate and a real time status for the certificate from a certificate authority based on the approval response; and
  - storing the certificate and said real time status in the Identity System, wherein the certificate authority is external to the Identity System.
Dependent claims: 17, 18, 19, 20, 21, 22, 27
Specification