Methods and system for a key recovery plan
Abstract
Methods, systems and computer readable mediums are provided for recovering subject keys and/or certificates for a token. A unique identifier associated with the token is obtained. The token is associated with subject keys and with a first status of statuses, the statuses including a lost status state and an other status state. In response to the token being in the lost status state, a key recovery plan is determined to recover at least one of the subject keys and the certificates associated with the token.
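The selection step in the abstract and claim 1, sketched in Python as an added example; it is not code from the patent or its assignee. The reason names (`destroyed`, `key_compromise`, `on_hold`), the per-key choices, the token identifier and the in-memory registry are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SubjectKey:
    usage: str               # "signing" or "encryption"
    serial: int              # serial of the certificate bound to this key
    archived: bool           # True if the private key was escrowed at issuance
    cert_status: str = "valid"

# Constructed registry: token unique identifier -> subject keys on that token.
REGISTRY = {"TOKEN-0001": [SubjectKey("signing", 101, archived=False),
                           SubjectKey("encryption", 102, archived=True)]}

# Constructed plan, one entry per lost status state. Reason names and per-key
# choices are assumptions; the claims do not enumerate them. Each usage maps to
# (recover prior key?, generate new key and certificate?, prior cert status).
PLAN = {
    "destroyed":      {"token_action": "terminate",
                       "signing": (False, True, "revoked"),
                       "encryption": (True, False, "valid")},
    "key_compromise": {"token_action": "terminate",
                       "signing": (False, True, "revoked"),
                       "encryption": (True, True, "revoked")},
    "on_hold":        {"token_action": "suspend",
                       "signing": (False, True, "on_hold"),
                       "encryption": (True, False, "on_hold")},
}

def handle_lost_token(token_id, reason, next_serial=1000):
    """Return (token_action, ops); each op is (verb, key usage, cert serial)."""
    keys = REGISTRY.get(token_id)
    if keys is None:
        raise KeyError(f"unknown token {token_id!r}")
    state = PLAN.get(reason)
    if state is None:        # fail closed: an unlisted reason gets no default plan
        raise ValueError(f"no recovery plan for reason {reason!r}")
    ops = []
    for key in keys:
        recover, generate, prior_status = state[key.usage]
        if recover:
            if not key.archived:   # a key that was never escrowed cannot come back
                raise RuntimeError(f"{key.usage} key {key.serial} is not archived")
            ops.append(("recover", key.usage, key.serial))
        if generate:
            ops.append(("generate", key.usage, next_serial))
            next_serial += 1
        if prior_status != key.cert_status:   # manage the prior certificate
            ops.append((prior_status, key.usage, key.serial))
    return state["token_action"], ops
```

In the `key_compromise` row the prior encryption key is still recovered so that previously encrypted data stays readable, while its certificate is revoked and a new key and certificate are issued.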
17 Claims
1. A method comprising:
storing a key recovery plan associated with a token comprising a plurality of lost status states, wherein each of the plurality of lost status states comprises at least one of a plurality of subject keys, an action to be taken for each of the plurality of subject keys or a token action; receiving a unique identifier associated with the token; identifying at least one of the subject keys associated with the token based on the unique identifier; receiving an indication that the token was lost and a reason that the token was lost; selecting, by a hardware processor, a key recovery plan based on the reason that the token was lost, wherein the key recovery plan identifies an action to be taken with the at least one subject key and wherein the action corresponds to the reason that the token was lost, and wherein the action to be taken is to recover at least one prior subject key associated with the same token; and wherein the action further comprises;
generating a new subject key and certificate to be associated with the token and managing a certificate associated with the at least one prior subject key.
9. An apparatus comprising:
a memory containing instructions; and a hardware processor configured to execute the instructions contained in the memory to; store a key recovery plan associated with a token comprising a plurality of lost status states, wherein each of the plurality of lost status states comprises at least one of a plurality of subject keys, an action to be taken for each of the plurality of subject keys or a token action; receive a unique identifier associated with the token; identify at least one of the subject keys associated with the token based on the unique identifier; receive an indication that the token was lost and a reason that the token was lost; select a key recovery plan based on the reason that the token was lost, wherein the key recovery plan identifies an action to be taken with the at least one of the subject keys and wherein the action corresponds to the reason that the token was lost, and wherein the action to be taken is to recover at least one prior subject key associated with the same token; and wherein the action further comprises;
generating a new subject key and certificate to be associated with the token and managing a certificate associated with the at least one prior subject key.
10. A non-transitory computer-readable medium comprising instructions for causing the hardware processor to perform a method comprising:
storing a key recovery plan associated with a token comprising a plurality of lost status states, wherein each of the plurality of lost status states comprises at least one of a plurality of subject keys, an action to be taken for each of the plurality of subject keys or a token action; receiving a unique identifier associated with the token; identifying at least one of the subject keys associated with the token based on the unique identifier; receiving an indication that the token was lost and a reason that the token was lost; selecting, by a hardware processor, a key recovery plan based on the reason that the token was lost, wherein the key recovery plan identifies an action to be taken with the at least one subject key and wherein the action corresponds to the reason that the token was lost, and wherein the action to be taken is to recover at least one prior subject key associated with the same token; and wherein the action further comprises;
generating a new subject key and certificate to be associated with the token and managing a certificate associated with the at least one prior subject key.
11. A method comprising:
storing a key recovery plan associated with a token comprising a plurality of lost status states, wherein each of the plurality of lost status states comprises at least one of a plurality of subject keys, an action to be taken for each of the plurality of subject keys or a token action; receiving an indication that the token was lost and a reason that the token was lost; selecting, by a hardware processor, an action to be performed for the at least one of the subject keys associated with the token based on the reason that the token was lost; performing the action for the at least one of the subject keys associated with the token, wherein the action to be taken is to recover at least one prior subject key associated with the same token; and wherein the action further comprises at least one of generating a new subject key and certificate to be associated with the token; and
managing a certificate associated with the at least one prior subject key.
16. An apparatus comprising:
a memory containing instructions; and a hardware processor configured to execute the instructions contained in the memory to; store a key recovery plan associated with a token comprising a plurality of lost status states, wherein each of the plurality of lost status states comprises at least one of a plurality of subject keys, an action to be taken for each of the plurality of subject keys or a token action; receive an indication that the token was lost and a reason that the token was lost; select an action to be performed for at least one of the subject keys associated with the token based on the reason that the token was lost; perform the action for the at least one of the subject keys associated with the token, wherein the action to be taken is to recover at least one prior subject key associated with the same token; and wherein the action further comprises at least one of generating a new subject key and certificate to be associated with the token; and
managing a certificate associated with the at least one prior subject key.
17. A non-transitory computer-readable medium comprising instructions for causing a hardware processor to perform a method comprising:
storing a key recovery plan associated with a token comprising a plurality of lost status states, wherein each of the plurality of lost status states comprises at least one of a plurality of subject keys, an action to be taken for each of the plurality of subject keys or a token action; receiving an indication that the token was lost and a reason that the token was lost; selecting, by a hardware processor, an action to be performed for the at least one of the subject keys associated with the token based on the reason that the token was lost; performing the action for the at least one of the subject keys associated with the token, wherein the action to be taken is to recover at least one prior subject key associated with the same token; and wherein the action further comprises at least one of generating a new subject key and certificate to be associated with the token; and
managing a certificate associated with the at least one prior subject key.
Specification