System and method for searching and retrieving certificates

US 8,566,582 B2
Filed: 05/30/2012
Issued: 10/22/2013
Est. Priority Date: 09/02/2004
Status: Active Grant

First Claim

Patent Images

1. A method of retrieving certificates, the method comprising:

transmitting a certificate search request from an application executing on a mobile device to one or more certificate servers;

for each of one or more located certificates, receiving, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises serial number and issuer data that uniquely identifies the located certificate and is not the entire data within the located certificate;

determining, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the serial number and issuer data that uniquely identifies the located certificate in said search result data to serial number and issuer data associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;

in response to the determining, selecting certificates for retrieval after identifying which located certificates are already stored on the mobile device; and

retrieving, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, a method is provided in which a certificate search request is received, a search of one or more certificate servers for certificates satisfying the request is performed, located certificates are retrieved and processed at a first computing device to determine data that uniquely identifies each located certificate, and search result data comprising the determined data is communicated to a second device (e.g. a mobile device) for use in determining whether each located certificate is already stored on the second device.

Citations

27 Claims

1. A method of retrieving certificates, the method comprising:
- transmitting a certificate search request from an application executing on a mobile device to one or more certificate servers;
  
  for each of one or more located certificates, receiving, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises serial number and issuer data that uniquely identifies the located certificate and is not the entire data within the located certificate;
  
  determining, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the serial number and issuer data that uniquely identifies the located certificate in said search result data to serial number and issuer data associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;
  
  in response to the determining, selecting certificates for retrieval after identifying which located certificates are already stored on the mobile device; and
  
  retrieving, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising identifying, in a user interface of the mobile device, which located certificates are not already stored on the mobile device;
    - wherein the selecting is performed, in response to the identifying which located certificates are not already stored on the mobile device, based on user input received at the mobile device.
  - 3. The method of claim 1, wherein the selecting and the retrieving is performed without user intervention.
  - 4. The method of claim 1, wherein the one or more certificate servers comprises an LDAP server.

5. A mobile device configured to retrieve certificates from one or more certificate servers, the mobile device comprising:
- a physical processor configured totransmit a certificate search request from an application executing on the mobile device to the one or more certificate servers;
  
  for each of one or more located certificates, receive, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises serial number and issuer data that uniquely identifies the located certificate and is not the entire data within the located certificate;
  
  determine, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the serial number and issuer data that uniquely identifies the located certificate in said search result data to serial number and issuer data associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;
  
  in response to determining whether each located certificate is already stored on the mobile device, select certificates for retrieval after identifying which located certificates are already stored on the mobile device; and
  
  retrieve, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.
- View Dependent Claims (6, 7, 8)
- - 6. The device of claim 5, wherein the processor is configured to identify, in a user interface of the mobile device, which located certificates are not already stored on the mobile device;
    - and wherein the processor is configured to select the certificates for retrieval, in response to identifying which located certificates are not already stored on the mobile device, based on user input received at the mobile device.
  - 7. The device of claim 5, wherein the processor is configured to select the certificate for retrieval and to retrieve the located certificates that are selected for retrieval without user intervention.
  - 8. The device of claim 5, wherein the one or more certificate servers comprises an LDAP server.

9. A non-transitory computer-readable medium comprising instructions for execution by a processor of a mobile device, the instructions causing the processor to perform a method of retrieving certificates comprising:
- transmitting a certificate search request from an application executing on the mobile device to one or more certificate servers;
  
  for each of one or more located certificates, receiving, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises serial number and issuer data that uniquely identifies the located certificate and is not the entire data within the located certificate;
  
  determining, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the serial number and issuer data that uniquely identifies the located certificate in said search result data to serial number and issuer data associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;
  
  in response to the determining, selecting certificates for retrieval after identifying which located certificates are already stored on the mobile device; and
  
  retrieving, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.
- View Dependent Claims (10, 11, 12)
- - 10. The medium of claim 9, wherein the instructions further cause the processor to identify, in a user interface of the mobile device, which located certificates are not already stored on the mobile device;
    - wherein the selecting is performed, in response to identifying which located certificates are not already stored on the mobile device, based on user input received at the mobile device.
  - 11. The medium of claim 9, wherein the selecting and the retrieving is performed without user intervention.
  - 12. The medium of claim 9, wherein the one or more certificate servers comprises an LDAP server.

13. A method of retrieving certificates, the method comprising:
- transmitting a certificate search request from an application executing on a mobile device to one or more certificate servers;
  
  for each of one or more located certificates, receiving, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises a certificate hash that uniquely identifies the located certificate and is not the entire data within the located certificate;
  
  determining, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the certificate hash that uniquely identifies the located certificate in said search result data to certificate hashes associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;
  
  in response to the determining, selecting certificates for retrieval after identifying which located certificates are already stored on the mobile device; and
  
  retrieving, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13, further comprising identifying, in a user interface of the mobile device, which located certificates are not already stored on the mobile device;
    - wherein the selecting is performed, in response to the identifying which located certificates are not already stored on the mobile device, based on user input received at the mobile device.
  - 15. The method of claim 13, wherein the selecting and the retrieving is performed without user intervention.
  - 16. The method of claim 13, wherein the one or more certificate servers comprises an LDAP server.
  - 17. The method of claim 13, further comprising generating one or more certificate hashes associated with certificates stored on the mobile device.

18. A mobile device configured to retrieve certificates from one or more certificate servers, the mobile device comprising:
- a physical processor configured totransmit a certificate search request from an application executing on the mobile device to the one or more certificate servers;
  
  for each of one or more located certificates, receive, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises a certificate hash that uniquely identifies the located certificate and is not the entire data within the located certificate;
  
  determine, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the certificate hash that uniquely identifies the located certificate in said search result data to certificate hashes associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;
  
  in response to determining whether each located certificate is already stored on the mobile device, select certificates for retrieval after identifying which located certificates are already stored on the mobile device; and
  
  retrieve, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The device of claim 18, wherein the processor is configured to identify, in a user interface of the mobile device, which located certificates are not already stored on the mobile device;
    - and wherein the processor is configured to select the certificates for retrieval, in response to identifying which located certificates are not already stored on the mobile device, based on user input received at the mobile device.
  - 20. The device of claim 18, wherein the processor is configured to select the certificates for retrieval and to retrieve the located certificates that are selected for retrieval without user intervention.
  - 21. The device of claim 18, wherein the one or more certificate servers comprises an LDAP server.
  - 22. The device of claim 18, wherein the processor is configured to generate one or more certificate hashes associated with certificates stored on the mobile device.

23. A non-transitory computer-readable medium comprising instructions for execution by a processor of a mobile device, the instructions causing the processor to perform a method of retrieving certificates comprising:
- transmitting a certificate search request from an application executing on the mobile device to one or more certificate servers;
  
  for each of one or more located certificates, receiving, at the mobile device in response to the certificate search request, search result data associated with the located certificate from the one or more certificate servers, wherein the search result data for the located certificate comprises a certificate hash that uniquely identifies the located certificate and is not the entire data within the located certificate;
  
  determining, by the application without user intervention, whether each located certificate is already stored on the mobile device by comparing the certificate hash that uniquely identifies the located certificate in said search result data to certificate hashes associated with certificates stored on the mobile device so that the located certificate is not required to be downloaded in its entirety to the mobile device to determine whether the located certificate is stored on the mobile device;
  
  in response to the determining, selecting certificates for retrieval after identifying which located certificates are already stored on the mobile device; and
  
  retrieving, to the mobile device, the located certificates that are selected for retrieval by the application from the one or more certificate servers, for storage on the mobile device.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The medium of claim 23, wherein the instructions further cause the processor to identify, in a user interface of the mobile device, which located certificates are not already stored on the mobile device;
    - wherein the selecting is performed, in response to identifying which located certificates are not already stored on the mobile device, based on user input received at the mobile device.
  - 25. The medium of claim 23, wherein the selecting and the retrieving is performed without user intervention.
  - 26. The medium of claim 23, wherein the one or more certificate servers comprises an LDAP server.
  - 27. The medium of claim 23, wherein the instructions further cause the processor to generate one or more certificate hashes associated with certificates stored on the mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Adams, Neil Patrick, Brown, Michael Stephen, Little, Herbert Anthony
Primary Examiner(s)
Gelagay, Shewaye

Application Number

US13/483,216
Publication Number

US 20120239927A1
Time in Patent Office

510 Days
Field of Search

None
US Class Current

713/156
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/04   for providing a confidentia...

H04L 63/0823   using certificates cryptogr...

H04L 9/3265   using certificate chains, t...

System and method for searching and retrieving certificates

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for searching and retrieving certificates

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links