Electronic certificate issuance system, electronic certificate issuing device, communication device, and program therefor
First Claim
1. An electronic certificate issuance system comprising:
a plurality of communication devices; and
an electronic certificate issuing device for issuing an electronic certificate and a private key corresponding to the electronic certificate as a certification set for each of the plurality of communication devices, wherein the electronic certificate issuing device includes;
a first connecting interface, through which an external storage device can be removably connected to the electronic certificate issuing device;
an obtaining system configured to obtain a node ID assigned to each of the plurality of communication devices by requesting each of the plurality of communication devices for the node ID;
a generating system configured to generate a certification set for each of the plurality of communication devices whom a node ID was obtained, the electronic certificate in each certification set including the node ID obtained by the obtaining system as owner ID information of the electronic certificate and the private key corresponding to the electronic certificate for each of the plurality of communication devices; and
a writing system configured to collectively write a plurality of certification sets, one certification set for each of the plurality of communication devices whom a node ID was obtained generated by the generating system into the external storage device connected to the first connecting interface in a batch, and wherein each of the plurality of communication devices includes;
a second connecting interface, through which the external storage device can be removably connected to the communication device;
a judging system configured to, when the external storage device is connected to the communication device through the second connecting interface, judge as to whether one of the collectively written plurality of certification sets stored in said external storage device is for the communication device, said judging being based upon a comparison of the owner ID information included in said electronic certificate in each of the collectively written plurality of certification sets and the node ID assigned to the communication device; and
an installing system configured to install the electronic certificate and the private key corresponding to the electronic certificate into the communication device itself based upon the judging.
Abstract
An electronic certificate issuance system comprising at least one communication device, and an electronic certificate issuing device for issuing a set of an electronic certificate and a private key corresponding to the electronic certificate as a certification set for each of the at least one communication device, is provided. The electronic certificate issuing device includes a first connecting interface, an obtaining system, which is adapted to obtain a node ID assigned to each of the at least one communication device, a generating system, and a writing system. The at least one communication device includes a second connecting interface, a judging system, and an installing system.
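The judging and installing steps named above can be sketched as follows. This is an added example, not code from the patent: the names (`issue_set`, `judge`, `install`, `key_fp`) are hypothetical, an HMAC stands in for the issuer's certificate signature, and a hash of the key material stands in for the certificate's public key. Because the batch on the removable storage carries every device's private key, the device authenticates each certificate before comparing its owner ID with its own node ID, and installs nothing when no set or more than one set matches.

```python
import hashlib, hmac, json

ISSUER_KEY = b"constructed-issuer-key"  # assumption: HMAC stands in for the issuer's signature

def _sig(cert):
    body = json.dumps({k: cert[k] for k in ("owner_id", "key_fp")}, sort_keys=True)
    return hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_set(node_id, private_key):
    """Issuing device: one certification set = certificate + matching private key."""
    cert = {"owner_id": node_id, "key_fp": hashlib.sha256(private_key).hexdigest()}
    cert["sig"] = _sig(cert)
    return {"certificate": cert, "private_key": private_key.hex()}

def judge(batch, node_id):
    """Communication device: return the single set issued for node_id, else None."""
    matches = []
    for cs in batch:
        cert = cs.get("certificate", {})
        if not {"owner_id", "key_fp", "sig"} <= cert.keys():
            continue  # malformed entry
        # Authenticate the certificate before trusting its owner ID.
        if not hmac.compare_digest(cert["sig"], _sig(cert)):
            continue
        if cert["owner_id"] != node_id:
            continue  # issued for another device in the batch
        # The private key in the set must correspond to the certificate.
        key = bytes.fromhex(cs.get("private_key", ""))
        if hashlib.sha256(key).hexdigest() != cert["key_fp"]:
            continue
        matches.append(cs)
    # No match, or ambiguous duplicates: install nothing.
    return matches[0] if len(matches) == 1 else None

def install(batch, node_id, keystore):
    """Install only the set selected by judge(); report whether anything was installed."""
    chosen = judge(batch, node_id)
    if chosen is None:
        return False
    keystore[node_id] = chosen
    return True

def sample_batch():
    """Constructed batch: three devices, one swapped key, one relabelled certificate."""
    batch = [issue_set("node-%02d" % i, b"key-material-%d" % i) for i in (1, 2, 3)]
    batch[2]["private_key"] = b"wrong".hex()        # key no longer matches certificate
    forged = issue_set("node-09", b"other")
    forged["certificate"]["owner_id"] = "node-02"   # owner ID edited after signing
    return batch + [forged]
```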
19 Claims
8. An electronic certificate issuance system comprising:
a plurality of communication devices; and
an electronic certificate issuing device for issuing an electronic certificate and a private key corresponding to the electronic certificate as a certification set for each of the plurality of communication devices, said electronic certificate including an owner ID information, wherein the electronic certificate issuing device includes;
a first connecting interface, through which an external storage device can be removably connected to the electronic certificate issuing device;
an obtaining system configured to obtain node ID information indicating a routable network address to be assigned to the plurality of communication devices;
a generating system configured to generate the certification set including the electronic certificate and the private key corresponding to the electronic certificate and further including configuration data, which contains an instruction for each of the plurality of communication devices to set a routable network address of the communication device to the owner ID information contained in the electronic certificate in the certification set; and
a writing system configured to collectively write a plurality of certification sets, one certification set for each of the plurality of communication devices including the configuration data, the electronic certificate, and the private key corresponding to the electronic certificate generated by the generating system for each of the plurality of communication devices, into the external storage device connected to the first connecting interface in a batch, and wherein the at least one communication device includes;
a second connecting interface, through which the external storage device can be removably connected to the communication device;
a judging system configured to, when the external storage device is connected to each of the plurality of communication devices through the second connecting interface, judge as to whether there is at least one certificate set stored in said external storage; and
a configuration installing system configured to arbitrarily select one certificate set among said at least one certificate sets, sets the routable network address of the communication device to the owner ID information contained in the electronic certificate in the certification set, and install the electronic certificate and the private key corresponding to the electronic certificate included in the selected certificate set into the communication device.
9. An electronic certificate issuance system comprising:
a plurality of communication devices, which are communicably connected to a network; and
an electronic certificate issuing device, which is communicably connected with the plurality of communication devices through the network, for issuing an electronic certificate for the plurality of communication devices, wherein the electronic certificate issuing device includes;
a first connecting interface, through which an external storage device can be removably connected to the electronic certificate issuing device;
an obtaining system configured to obtain a node ID assigned to each of the plurality of communication devices and a public key corresponding to a private key generated in each of the plurality of communication devices by requesting each of the plurality of the communication devices for the node ID through the network;
a generating system configured to generate an electronic certificate for each of the plurality of communication devices whom a node ID was obtained, the electronic certificate including the node ID obtained from the communication device by the obtaining system as owner ID information of the electronic certificate, the public key from the communication device and certify authenticity of the public key obtained from each of the plurality of communication devices by the obtaining system;
a writing system configured to collectively write a plurality of the electronic certificates generated for each of the plurality of communication devices by the generating system into the external storage device connected to the first connecting interface in a batch, wherein each of the plurality of communication devices includes;
a second connecting interface, through which the external storage device can be removably connected to the communication device;
a key generating system, which generates the private key to be used in the communication device and the public key corresponding to the private key;
an ID information transmitting system, which transmits the public key generated by the key generating system and the node ID assigned to the communication device to the electronic certificate issuing device through the network;
a judging system configured to judge as to whether an electronic certificate issued for the communication device is written in the external storage device when the external storage device is connected to the communication device through the second connecting interface; and
an installing system, which installs the electronic certificate into the communication device when the judging system determines the electronic certificate issued for the communication device is written in the external storage device.
13. A communication device with a node ID assigned thereto, comprising:
a key generating system, which generates a private key to be used in the communication device and a public key corresponding to the private key;
an ID information transmitting system, which transmits the public key generated by the key generating system and the node ID assigned to the communication device to an electronic certificate issuing device through the network;
a connecting interface through which an external storage device containing a plurality of encrypted data sets, each of said plurality of encrypted data sets includes data representing an electronic certificate and a private key corresponding to the electronic certificate can be removably connected to the communication device, said encrypting using said public key generated by the key generating system;
a judging system configured to, when the external storage device is connected to the connecting interface, judge as to whether one of the plurality of encrypted data sets stored in said external storage device is for the communication device, said judging being based upon a comparison of an owner ID information contained in an electronic certificate in each of the at least one encrypted data set and the node ID assigned to the communication device; and
an installing system configured to install a decrypted electronic certificate based on the judgement of the judging system.
15. A communication device comprising:
a connecting interface through which an external storage device can be removably connected;
a judging system for judging as to whether a plurality of data sets including configuration data, each of said plurality of data sets contains a routable network address for the communication device and an instruction for the communication device to set the contained routable network address to the communication device, an electronic certificate, which includes a routable network address as owner ID information of the electronic certificate being identical to the routable network address indicated in the configuration data, and a private key corresponding to the electronic certificate, is written in the external storage device; and
a configuration installing system configured to arbitrarily select one data set among the plurality of data sets written in the external storage device, sets the routable network address of the communication device to the routable network address node ID contained in the configuration data which is included in the selected certificate set, and install the electronic certificate and the private key corresponding to the electronic certificate included in the selected certificate set into the communication device.
16. A computer readable storage device comprising computer readable instructions for controlling a computer, having a connecting interface through which an external storage device is connected to the computer, to have an electronic certificate and a private key corresponding to the electronic certificate issued for the computer, by executing steps of:
generating a private key to be used in a communication device and a public key corresponding to the private key;
transmitting the public key and a node ID assigned to the communication device to an electronic certificate issuing device through the network;
judging when the external storage device is connected to the computer through the connecting interface whether one of a plurality of encrypted data sets stored in said external storage device is for the computer, each of the plurality of encrypted data sets including an encrypted electronic certificate including a node ID as owner ID information of the encrypted electronic certificate being identical to a node ID assigned to the communication device and the private key corresponding to the encrypted electronic certificate, said judging being based upon a comparison of an owner ID information contained in an electronic certificate in each of the plurality of encrypted data sets and the node ID assigned to the communication device; and
installing a decrypted electronic certificate and the private key corresponding to the encrypted electronic certificate written in the external storage device into the communication device based on the judging.
17. A computer readable storage device comprising computer readable instructions for controlling a computer, having a connecting interface through which an external storage device is connected to the computer, to execute a method of:
judging whether a plurality of data sets, each of said plurality of data sets includes configuration data, which contains a routable network address for a communication device and an instruction for the communication device to set the contained routable network address to the communication device, an electronic certificate, which includes a routable network address as owner ID information of the electronic certificate being identical to the routable network address indicated in the configuration data, and a private key corresponding to the electronic certificate, is written in the external storage device;
selecting arbitrarily one data set among said plurality of data sets written in the external storage device;
setting the routable network address of the communication device to the routable network address contained in the configuration data which is included in the selected certificate set; and
installing the electronic certificate and the private key corresponding to the electronic certificate included in the selected certificate set into the communication device.
18. A communication device comprising:
a connecting interface, through which an external storage device can be removably connected to the communication device;
a judging system configured to, when the external storage device is connected to the communication device through the connecting interface, judge as to whether one of a plurality of certification sets stored in said external storage device is for the communication device, each certification set includes an electronic certificate with a node ID as owner ID information of the electronic certificate and a private key corresponding to the electronic certificate, said judging being based upon a comparison of the owner ID information included in said electronic certificate in each of the plurality of certification sets and the node ID assigned to the communication device; and
an installing system configured to install the electronic certificate and the private key corresponding to the electronic certificate into the communication device based upon the judging.
19. A computer readable storage device comprising computer readable instructions for controlling a computer in a communication device, the communication device having a connecting interface through which an external storage device is connected, to execute the method of:
judging, when the external storage device is connected to the communication device through the connecting interface, whether one of a plurality of certification sets stored in said external storage device is for the communication device, each of said plurality of data sets includes an electronic certificate with a node ID as owner ID information of the electronic certificate and a private key corresponding to the electronic certificate, said judging being based upon a comparison of the owner ID information included in said electronic certificate in each of the plurality of certification sets and the node ID assigned to the communication device; and
installing the electronic certificate and the private key corresponding to the electronic certificate into the communication device based upon the judging.
Specification