Tenant based signature validation
Abstract
Methods and systems are provided for validating a signature in a multi-tenant environment. A server or other computing device that is part of a distributed network may request a certificate collection from an identified tenant store. The requested certificate collection may be loaded in a virtual store that is accessible by the server or other computing device. The server or other computing device may then access one or more certificates from the virtual store to validate a signature.
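The flow described in the abstract and in claim 1, as an added sketch that is not code from the patent or its assignee: it shows the per-tenant virtual store, the per-user requirement check, and the fail-closed paths that keep one tenant's trust anchors from validating another tenant's certificate. The store schema, the `SigningCert` fields, the tenant names, and the use of the subject's e-mail domain to identify the tenant are all assumptions; real X.509 parsing and signature verification are left out.

```python
from dataclasses import dataclass
from datetime import datetime

# Constructed stand-in for the private tenant stores: tenant id -> certificate
# collection holding trusted issuers and per-user requirements (assumed schema).
PRIVATE_TENANT_STORES = {
    "tenant-a.example": {
        "trusted_issuers": {"CN=Tenant A Issuing CA"},
        "users": {"alice@tenant-a.example": {"key_usage": "digitalSignature", "min_key_bits": 2048}},
    },
    "tenant-b.example": {
        "trusted_issuers": {"CN=Tenant B Root"},
        "users": {"bob@tenant-b.example": {"key_usage": "digitalSignature", "min_key_bits": 3072}},
    },
}

@dataclass(frozen=True)
class SigningCert:  # simplified fields, not a parsed X.509 certificate
    subject_email: str
    issuer: str
    key_usage: str
    key_bits: int
    not_after: datetime

class Validator:
    def __init__(self, stores):
        self._stores = stores
        self._virtual = {}  # tenant id -> loaded collection, one virtual store per tenant

    def _virtual_store(self, tenant):
        if tenant not in self._virtual and tenant in self._stores:
            self._virtual[tenant] = self._stores[tenant]  # load the collection on first use
        return self._virtual.get(tenant)  # None for an unknown tenant

    def validate(self, cert, now):
        tenant = cert.subject_email.rpartition("@")[2].lower()  # identify the tenant
        store = self._virtual_store(tenant)
        if store is None:
            return (False, "unknown tenant")  # fail closed, no fallback store
        req = store["users"].get(cert.subject_email.lower())  # identify user and requirements
        if req is None:
            return (False, "user not in tenant collection")
        if cert.issuer not in store["trusted_issuers"]:
            return (False, "issuer not trusted by tenant")
        if cert.not_after <= now:
            return (False, "expired")
        if cert.key_usage != req["key_usage"] or cert.key_bits < req["min_key_bits"]:
            return (False, "does not meet user requirements")
        return (True, "ok")
```
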
18 Claims
1. A method for validating a custom signature, the method comprising:
- receiving, at a first server in a distributed network, a first request from a first client to validate a first signing certificate of a first user of a first message received by the first client wherein the first user sent the first message, and wherein the first signing certificate is from the first user of a first tenant;
- identifying, by the first server, the first tenant that relates to the first signing certificate from a plurality of tenants in response to the first request;
- accessing over the network, by the first server, a first tenant certificate collection from a first private tenant store on the distributed network after identifying the first tenant, wherein the first private tenant store is separate from the first tenant and the first server;
- loading, on the first server, the first tenant certificate collection from the first private tenant store as a first tenant virtual store upon receiving access to the first private tenant store; and
- performing validation of the first signing certificate using the first tenant virtual store by;
  - identifying the first user of the first tenant;
  - identifying certificate requirements for the identified first user listed within the first tenant certificate collection on the first tenant virtual store; and
  - determining if the first signing certificate meets the certificate requirements of the first user.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A system comprising:
- a distributed network of servers for data exchange with a client executed at least in part by a computing device, the computing device comprising;
  - at least one processor;
  - a memory for containing computer-executable instructions, which when executed by the at least one processor, cause a server to perform a method comprising;
    - receiving a first request from a first client to validate a first signing certificate of a first user of a first message received by the first client, wherein the first user sent the first message, and wherein the first signing certificate is from the first user of a first tenant;
    - identifying the first tenant that relates to the first signing certificate from a plurality of tenants in response to the first request;
    - requesting access to a first tenant certificate collection stored in a first private tenant store after identifying the first tenant, where the first private tenant store is separate from the first tenant and the first client and is accessed via a network;
    - loading the first tenant certificate collection upon receiving access to the first private tenant store; and
    - performing validation of the first signing certificate using the first tenant certificate collection by;
      - identifying the first user of the first tenant;
      - identifying certificate requirements for the identified first user listed within the first tenant certificate collection on a first tenant virtual store; and
      - determining if the first signing certificate meets the certificate requirements of the first user.

Dependent claims: 16, 17

18. A computer-readable storage medium comprising computer-executable instructions stored thereon which, when executed by a computing system in a distributed network, cause the computing system to perform a method comprising:
- receiving a first request from a first client to validate a first signing certificate from a first user of a first message received by the first client, wherein the first user sent the first message, and wherein the first signing certificate is from the first user of a first tenant;
- identifying the first tenant that relates to the first signing certificate from a plurality of tenants;
- requesting access to a first tenant certificate collection stored in a first private tenant store through a network after identifying the first tenant, wherein the first private tenant store is separate from the first client;
- reading the first tenant certificate collection on the first private tenant store upon gaining access to the first private tenant store;
- loading the first tenant certificate collection as a first tenant virtual store; and
- determining that the first signing certificate is valid using the first tenant virtual store by;
  - identifying the first user of the first tenant;
  - identifying certificate requirements for the identified first user listed within the first tenant certificate collection on the first tenant virtual store; and
  - determining if the first signing certificate meets the certificate requirements of the first user;
- receiving a second request from a second client to validate a second signing certificate from a second user of a second message received by the second client wherein the second user sent the second message, and wherein the second signing certificate is from the second user of a second tenant;
- identifying the second tenant that relates to the second signing certificate from the plurality of tenants;
- requesting access through the network to a second tenant certificate collection on a second private tenant store after identifying the second tenant, wherein the second private tenant store is separate from the second client;
- reading the second tenant certificate collection on the second private tenant store upon receiving access to the second private tenant store;
- loading the second tenant certificate collection as a second tenant virtual store; and
- determining that the second signing certificate is valid using the second tenant virtual store by;
  - identifying the second user of the second tenant;
  - identifying certificate requirements for the identified second user listed within the second tenant certificate collection on the second tenant virtual store; and
  - determining if the second signing certificate meets the certificate requirements of the second user.

Specification