Secure gateway with redundent servers

US 8,046,579 B2
Filed: 10/04/2005
Issued: 10/25/2011
Est. Priority Date: 10/04/2005
Status: Active Grant

First Claim

Patent Images

1. A system for authenticating postal devices, comprising:

a postal device including a device processor coupled to a device memory storing a device private key, a first device certificate, and a first server certificate, the first device certificate comprising a device public key and a digital signature of the device public key based upon a first server private key, the first server certificate comprising a first server public key and a digital signature thereof based upon a root private key;

a first server including a first processor coupled to a first memory storing the first server private key and the first server certificate;

a root server including a root processor coupled to a root memory storing the root private key and a root certificate comprising a root public key;

a second server providing functionality to said postal device redundant to functionality provided by said first server, said second server including a second processor coupled to a second memory storing a second server private key, a second server certificate comprising a second server public key and a digital signature thereof based upon the root private key and instructions configured to be executed by the second processor to receive from the postal device at the second server the first device certificate and the first server certificate, authenticate the first device certificate using the first server certificate, authenticate the first server certificate using the root certificate and send a second device certificate to the postal device,each of said first server and said second server being configured to service said postal device while said postal device is in an operational state,the system configured not to replicate data between said first server and said second server.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure gateway includes a TLS server for authenticating connecting devices, a connection manager for routing requests from the TLS server to service provider adapters, and a key management system for providing key management functions, wherein when a device provides a manufacturing certificate to one or more servers of the gateway, servers identify the device as authentic by validating that the manufacturing certificate provided is signed by the same root that has signed the servers its own certificate.

34 Citations

View as Search Results

20 Claims

1. A system for authenticating postal devices, comprising:
- a postal device including a device processor coupled to a device memory storing a device private key, a first device certificate, and a first server certificate, the first device certificate comprising a device public key and a digital signature of the device public key based upon a first server private key, the first server certificate comprising a first server public key and a digital signature thereof based upon a root private key;
  
  a first server including a first processor coupled to a first memory storing the first server private key and the first server certificate;
  
  a root server including a root processor coupled to a root memory storing the root private key and a root certificate comprising a root public key;
  
  a second server providing functionality to said postal device redundant to functionality provided by said first server, said second server including a second processor coupled to a second memory storing a second server private key, a second server certificate comprising a second server public key and a digital signature thereof based upon the root private key and instructions configured to be executed by the second processor to receive from the postal device at the second server the first device certificate and the first server certificate, authenticate the first device certificate using the first server certificate, authenticate the first server certificate using the root certificate and send a second device certificate to the postal device,each of said first server and said second server being configured to service said postal device while said postal device is in an operational state,the system configured not to replicate data between said first server and said second server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein at least one certificate from the group of the first device certificate, the first server certificate, and the second server certificate have a finite cryptographic lifetime at the end of which the at least one certificate is no longer valid.
  - 3. The system of claim 1, wherein the root public key is a first root public key and the rot certificate further comprises a hash of a second root public key.
  - 4. The system of claim 3, wherein the root certificate is a first root certificate, and the root memory further stores instructions configured to be executed by the root processor to receive a second root certificate that includes the second root public key, calculate the hash of the second root public key, compare the calculated hash with a hash included in the first root certificate, and if the calculated hash corresponds to the hash included in the first root certificate, then to replace the first root certificate with the second root certificate.
  - 5. The system of claim 1, wherein the second memory further stores instructions configured to be executed by the second processor to receive from the postal device the first device certificate and the first server certificate, authenticate the first device certificate using the first server certificate and authenticate the first server certificate using the root certificate and, if the certificates are successfully authenticated, to digitally sign the device public key using the second server private key and send to the postal device a second device certificate that includes a digital signature of the first device certificate based upon the second server private key.
  - 6. The system of claim 1, wherein the device private key is a first device private key, and the device public key is a first device public key, and the second memory further stores instructions configured to be executed by the second processor to receive from the postal device the first device certificate and the first server certificate, authenticate the first device certificate using the first server certificate and authenticate the first server certificate using the root certificate and, if the certificates are successfully authenticated, send to the postal device a request for a second device public key, receive from the postal device the second device public key, digitally sign the second device public key using the second server private key and send to the postal device the second device certificate that includes the second device public key and a digital signature thereof based upon the second server private key.
  - 7. The system of claim 1, wherein the first server is located in a first region and the second server is located in a second region.
  - 8. The system of claim 1, wherein the first server and the second server are located in the same region.
  - 9. The system of claim 1, wherein there is no substantial data communication between said first server and said second server.

10. A method for authenticating a postal device having a first device certificate and a first server certificate for a first server, the first device certificate including a device public key and a digital signature thereof based upon a first server private key, the first server certificate having a first public key and a digital signature thereof based upon a root server private key, comprising:
- receiving from the postal device at a second server the first device certificate and the first server certificate, the second server configured to provide functionality to the postal device redundant to functionality provided by the first server;
  
  authenticating the first device certificate using the first server certificate;
  
  authenticating the first server certificate using a root certificate that includes a root server public key corresponding to the root server private key; and
  
  in response to the first device certificate and the certificate of the first server being authenticated, creating a second device certificate and sending the second device certificate to the postal device,each of the first server and the second server being configured to service said postal device while said postal device is in an operational state,the first server and the second server configured not to replicate data between the first server and the second server.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, wherein creating the second device certificate comprises signing the public key of the first device certificate using a second server private key.
  - 12. The method of claim 10, wherein creating the second device certificate comprises receiving a second device public key and signing the second device public key using a second server private key.
  - 13. The method of claim 12, further comprising replacing the first device certificate with the second device certificate at the postal device.
  - 14. The method of claim 10, wherein the root server is a first root server, the root server public key is a first root server public key and the root certificate is a first root certificate that further includes a hash of a second root server public key and further comprising:
    - receiving at the second server the second root server public key;
      
      calculating the hash of the second root server public key;
      
      comparing the calculated hash of the second root server public key to the hash included in the first root server certificate; and
      
      in response to the calculated hash corresponding to the hash included in the first root server certificate, replacing at the second server the first root server certificate with a second root server certificate comprising the second root server public key.
  - 15. The method of claim 10, further comprising:
    - Determining availability of each of a plurality of servers and designating the most available server as the second server.
  - 16. The method of claim 10, further comprising designating one of a plurality of servers as the second server in response to a determination that another server is unavailable.
  - 17. The method of claim 10, wherein the first server and the second server are redundant servers that are configured to provide the same service to the postal device.

18. A non-transitory computer readable storage medium storing instructions configured to authenticate a postal device having a first device certificate and a first server certificate for a first server, the first device certificate including a device public key and a digital signature thereof based upon a first server private key, the first server certificate having a first public key and a digital signature thereof based upon a root server private key and to perform steps comprising:
- receiving from the postal device at a second server the first device certificate and the first server certificate, the second server configured to provide functionality to the postal device redundant to functionality provided by the first server;
  
  authenticating the first device certificate using the first server certificate;
  
  authenticating the first server certificate using a root certificate that includes a root server public key corresponding to the root server private key; and
  
  in response to the first device certificate and the certificate of the first server being authenticated, creating a second device certificate and sending the second device certificate to the postal device,each of the first server and the second server being configured to service said postal device while said postal device is in an operational state,the first server and the second server configured not to replicate data between the first server and the second server.
- View Dependent Claims (19, 20)
- - 19. The non-transitory computer readable storage medium of claim 18, wherein the instructions are configured to perform the further step of replacing the first device certificate with the second device certificate at the postal device.
  - 20. The non-transitory computer readable storage medium of claim 18, wherein the root server is a first root server, the root server public key is a first root server public key and the root certificate is a first root certificate that further includes a hash of a second root server public key and wherein the instructions are configured to perform further steps comprising:
    - receiving at the second server the second root server public key;
      
      calculating the hash of the second root server public key;
      
      comparing the calculate hash of the second root server public key to the hash included in the first root server certificate; and
      
      in response to the calculated hash corresponding to the hash included in the first root server certificate, replacing at the second server the first root server certificate with a second root server certificate comprising the second root server public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Quadient Technologies France
Original Assignee
Neopost Technologies S.A. (Quadient SA)
Inventors
Kresina, Roman
Primary Examiner(s)
Zee; Edward
Assistant Examiner(s)
Nguy; Chi

Application Number

US11/242,964
Publication Number

US 20070079115A1
Time in Patent Office

2,212 Days
Field of Search

713155-157, 713/168, 713175-177, 713277-278, 380/273, 380/258, 380/279, 380/282, 705/67, 705/50, 705 60- 61
US Class Current

713/155
CPC Class Codes

H04L 2209/125   Parallelization or pipelini...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

H04L 63/068   using time-dependent keys, ...

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

H04L 69/40   for recovering from a failu...

H04L 9/3265   using certificate chains, t...

Secure gateway with redundent servers

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure gateway with redundent servers

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links