Scalable certificate validation and simplified PKI management
First Claim
1. A method of accessing a door, comprising:
- providing a card with previously-verified data that includes a digital signature;
- causing the card to receive a proof of access rights to the door for a specified time interval, wherein the specified time interval includes at least some time after a time that the previously-verified data was verified, and wherein the proof is unverified and separate from the previously-verified data, wherein the unverified proof does not include an associated digital signature;
- causing the card to be presented to a mechanism of the door at a current time, the mechanism being local to the door;
- causing the mechanism to locally verify the proof without verification of the proof from any other party; and
- causing the door to open if the proof is verified and the current time is within the specified time interval.
Abstract
Managing a digital certificate includes a landlord providing a digital certificate, a secure hardware device generating a series of n hash values, the secure hardware device providing an nth hash value to the landlord, wherein other hash values are not readily available to the landlord, the landlord placing the nth hash value in the certificate, the landlord digitally verifying the certificate containing the nth hash value to obtain a digitally signed certificate, a tenant obtaining the digitally signed certificate, the tenant obtaining the n hash values and the tenant managing the certificate by periodically issuing a previous hash value in the series of n hash values in response to the certificate being valid when the previous hash value is issued.
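The hash-chain scheme in the abstract, combined with the local door check of claim 1, as an added example that is not taken from the patent. SHA-256, fixed-length periods, the constructed seed and all function names are assumptions, and the signature on the certificate holding the nth hash value is taken as already verified.

```python
import hashlib
import hmac

# Constructed sample parameters (assumptions, not values from the patent).
SEED = b"constructed-demo-seed-not-secret"   # real seed: random, kept in secure hardware
N = 365                                      # number of periods the certificate covers
START = 1_700_000_000                        # start of period 1, Unix seconds
PERIOD = 86_400                              # one period = one day


def H(data: bytes) -> bytes:
    # SHA-256 is an assumption; the page does not name a hash function.
    return hashlib.sha256(data).digest()


def make_chain(seed: bytes, n: int) -> list:
    """Return [X_0 .. X_n] with X_k = H(X_{k-1}); X_n is placed in the certificate."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


def proof_for_period(chain: list, i: int) -> bytes:
    """Value issued for period i (1-based): the previous hash value X_{n-i}."""
    n = len(chain) - 1
    if not 1 <= i <= n:
        raise ValueError("period outside certificate lifetime")
    return chain[n - i]


def door_verify(anchor: bytes, proof: bytes, now: int,
                start: int = START, period: int = PERIOD, n: int = N) -> bool:
    """Local check at the door: the proof carries no signature and no other
    party is contacted. Hash the proof once per elapsed period and compare
    with the nth hash value from the already-verified certificate."""
    if now < start:
        return False                      # interval has not begun
    i = (now - start) // period + 1       # period that contains the current time
    if i > n:
        return False                      # chain exhausted, certificate expired
    value = proof
    for _ in range(i):
        value = H(value)
    return hmac.compare_digest(value, anchor)
```

A proof issued for an earlier period fails at a later time because hashing it the larger number of times overshoots the value in the certificate.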
42 Claims
22. A method of issuing a card to a user for accessing a door, comprising:
- verifying that the user is entitled to access rights to the door;
- providing the card with previously-verified data that includes a digital signature; and
- if the user is entitled to access rights to the door, causing the card to receive a proof of access rights to the door for a specified time interval, wherein the proof is unverified and separate from the previously-verified data, wherein the unverified proof does not include an associated digital signature, wherein the specified time interval includes at least some time after a time that the previously-verified data was verified, and wherein, in response to the card being presented to a mechanism of the door at a current time, the mechanism being local to the door, and without verification of the proof from any other party, the mechanism locally verifies the proof and causes the door to open if the proof is verified and the current time is within the specified time interval.
30. A method of granting access to a door, comprising:
- providing previously-verified data that includes a digital signature;
- locally verifying a proof provided to a mechanism of the door at a current time, the mechanism being local to the door, and without verification of the proof from any other party, wherein the proof is unverified and separate from the previously-verified data, wherein the unverified proof does not include an associated digital signature, wherein the proof indicates access rights to the door for a specified time interval, and wherein the specified time interval includes at least some time after a time that the previously-verified data was verified; and
- causing the door to open if the proof is verified and the current time is within the specified time interval.
Specification