Method for generating a certificate
First Claim
1. A method for generating a transaction-bound certificate in a system comprising a first computer system associated with an ID provider, a second computer system associated with a service provider and a third computer system associated with a user, wherein the first, second and third computer systems are at distinct physical locations and are coupled to one another via a network, the method comprising:
sending, by the third computer system to the second computer system, a transaction request for the user to carry out a transaction;
sending, by the second computer system to the third computer system, responsive to receiving the transaction request, data to be signed and a signature request for signing the data to be signed, wherein signing of the data to be signed is necessary to carry out the requested transaction and wherein the signature request comprises at least one data value that is only produced specifically for the requested transaction by the second computer system once the transaction request has been received by the second computer system and wherein a first data value of the at least one data value comprises a document number of an electronic document, an order number of the electronic document, an identifier of an operator of the second computer system that sends the signature request, an identifier of the second computer system that sends the signature request, or a data value derived therefrom, a data value associated with or derived from the data to be signed, or a data value derived from content of the electronic document;
checking, by the third computer system, responsive to receiving the signature request, whether a transaction-bound certificate is available that is suitable for the requested transaction and, if this is not the case, executing the following:
generating, by executing a program of instructions in a processor of an ID token, an asymmetric key pair consisting of a private key and a public key, wherein the ID token is associated with the user and wherein generation of the asymmetric key pair occurs exclusively external to the third computer system;
storing the generated asymmetric key pair on the ID token, wherein at least the private key is stored in a protected memory area of the ID token;
transmitting a certificate request from the ID token to the first computer system, the certificate request comprising the generated public key and the at least one data value of the signature request;
generating, by the first computer system, a transaction-bound certificate dependent upon the public key and the at least one data value; and
sending, by the first computer system to the third computer system, the transaction-bound certificate responsive to generating, by the first computer system, the transaction-bound certificate;
wherein the validity of the transaction-bound certificate is restricted to the requested transaction and is dependent upon the at least one data value and wherein the generation of the transaction-bound certificate occurs exclusively external to the third computer system, wherein checking, by the third computer system, whether an available transaction-bound certificate is suitable for the requested transaction comprises:
checking, at least from the first data value of the at least one data value, whether the available transaction-bound certificate is bound to the requested transaction; and
checking whether an asymmetric key pair affiliated with the available transaction-bound certificate is stored in the ID token.
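The flow of claim 1, as an added Go example that is not part of the patent or of any product built on it: the transaction-bound certificate is modelled as an assumed simple structure rather than X.509, ECDSA over P-256 stands in for the unspecified key pair, and the names TxCert, IDToken, IDProvider, Suitable and ObtainCert are assumptions. Suitable performs the two checks the claim requires (bound to this transaction's data value, key pair present on the token) and ObtainCert only falls back to key generation on the token and a fresh certificate request when that check fails.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
)

// TxCert is an assumed stand-in for the transaction-bound certificate (not a real X.509 format).
type TxCert struct {
	Pub       *ecdsa.PublicKey // generated on the ID token
	DataValue string           // the service provider's value for this one transaction, e.g. an order number
	Sig       []byte           // ID provider's signature over Pub and DataValue
}
type IDToken struct{ priv *ecdsa.PrivateKey }  // priv stands in for the protected memory area
type IDProvider struct{ key *ecdsa.PrivateKey } // the ID provider's issuing key (assumed)

// certDigest is what the ID provider signs; hashing in the data value makes validity depend on it.
func certDigest(pub *ecdsa.PublicKey, dataValue string) []byte {
	h := sha256.New()
	h.Write(pub.X.FillBytes(make([]byte, 32))) // fixed-width P-256 coordinates
	h.Write(pub.Y.FillBytes(make([]byte, 32)))
	h.Write([]byte(dataValue))
	return h.Sum(nil)
}
// Issue binds a certificate to exactly the (public key, data value) pair in the certificate request.
func (p *IDProvider) Issue(pub *ecdsa.PublicKey, dataValue string) (*TxCert, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, p.key, certDigest(pub, dataValue))
	return &TxCert{Pub: pub, DataValue: dataValue, Sig: sig}, err
}
// Suitable is the user-side check of claim 1: bound to this transaction, validly issued, key pair on the token.
func Suitable(c *TxCert, issuer *ecdsa.PublicKey, dataValue string, tok *IDToken) bool {
	if c == nil || c.DataValue != dataValue || !ecdsa.VerifyASN1(issuer, certDigest(c.Pub, c.DataValue), c.Sig) {
		return false
	}
	return tok.priv != nil && tok.priv.PublicKey.Equal(c.Pub)
}
// ObtainCert runs the claimed flow: reuse a suitable certificate, else generate a key pair on the token and request one.
func ObtainCert(have *TxCert, tok *IDToken, idp *IDProvider, dataValue string) (*TxCert, error) {
	if Suitable(have, &idp.key.PublicKey, dataValue, tok) {
		return have, nil
	}
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // on the token, never on the user computer
	if err != nil {
		return nil, err
	}
	tok.priv = priv
	return idp.Issue(&priv.PublicKey, dataValue)
}
```

A certificate issued for one order number fails Suitable for any other order number or for a token that does not hold the matching private key, which is the property the claim relies on to stop certificate reuse across transactions.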
Abstract
The invention relates to a method for generating a certificate for signing electronic documents by means of an ID token (106), having the following steps: —sending (201) a transaction request for a user to carry out a transaction, —as a result of the sending of the transaction request, a check is carried out as to whether the certificate (519) is available and if this is not the case, carrying out the following steps: generating (206) an asymmetrical key pair consisting of a private key and a public key using an ID token, said ID token (106) being assigned to the user; storing (207) the generated asymmetrical key pair on the ID token, wherein at least the private key is stored in a protected memory region of the ID token; transmitting (208; 509) the generated public key (518) to a first computer system, and generating (209) the certificate (519) by means of the first computer system for the public key.
17 Claims
1. A method for generating a transaction-bound certificate in a system comprising a first computer system associated with an ID provider, a second computer system associated with a service provider and a third computer system associated with a user, wherein the first, second and third computer systems are at distinct physical locations and are coupled to one another via a network, the method comprising:
sending, by the third computer system to the second computer system, a transaction request for the user to carry out a transaction; sending, by the second computer system to the third computer system, responsive to receiving the transaction request, data to be signed and a signature request for signing the data to be signed, wherein signing of the data to be signed is necessary to carry out the requested transaction and wherein the signature request comprises at least one data value that is only produced specifically for the requested transaction by the second computer system once the transaction request has been received by the second computer system and wherein a first data value of the at least one data value comprises a document number of an electronic document, an order number of the electronic document, an identifier of an operator of the second computer system that sends the signature request, an identifier of the second computer system that sends the signature request, or a data value derived therefrom, a data value associated with or derived from the data to be signed, or a data value derived from content of the electronic document; checking, by the third computer system, responsive to receiving the signature request, whether a transaction-bound certificate is available that is suitable for the requested transaction and, if this is not the case, executing the following: generating, by executing a program of instructions in a processor of an ID token, an asymmetric key pair consisting of a private key and a public key, wherein the ID token is associated with the user and wherein generation of the asymmetric key pair occurs exclusively external to the third computer system; storing the generated asymmetric key pair on the ID token, wherein at least the private key is stored in a protected memory area of the ID token; transmitting a certificate request from the ID token to the first computer system, the certificate request comprising the generated public key and the at least one data value of the signature request; generating, by the first computer system, a transaction-bound certificate dependent upon the public key and the at least one data value; and sending, by the first computer system to the third computer system, the transaction-bound certificate responsive to generating, by the first computer system, the transaction-bound certificate; wherein the validity of the transaction-bound certificate is restricted to the requested transaction and is dependent upon the at least one data value and wherein the generation of the transaction-bound certificate occurs exclusively external to the third computer system, wherein checking, by the third computer system, whether an available transaction-bound certificate is suitable for the requested transaction comprises: checking, at least from the first data value of the at least one data value, whether the available transaction-bound certificate is bound to the requested transaction; and checking whether an asymmetric key pair affiliated with the available transaction-bound certificate is stored in the ID token.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
13. A system comprising:
a first computer system associated with an ID provider, the first computer system comprising: a network interface to a network; and a computer processor for executing program instructions, where the program instructions comprise: first program instructions that, when executed by the processor, authenticate the first computer system to an ID token via the network interface and the network; second program instructions that, when executed by the computer processor, form a protected connection with end-to-end encryption between the ID token and the first computer system via the network interface and the network and receive a public key and at least one data value from the ID token, wherein the public key and a private key form an asymmetric key pair, and wherein the asymmetric key pair is associated with a user and wherein a first data value of the at least one data value comprises a document number of an electronic document, an order number of the electronic document, an identifier of the operator of a third computer system that sends a signature request, an identifier of the third computer system that sends the signature request, or a data value derived therefrom, a data value associated with or derived from the data to be signed, or a data value derived from content of the electronic document; and third program instructions that, when executed by the computer processor, generate a transaction-bound certificate for the public key, wherein the certificate is suitable for a transaction requested by a second computer system associated with the user, wherein the validity of the transaction-bound certificate is determined by the received first data value and restricted to the requested transaction and wherein the transaction-bound certificate is associated with the user and wherein the generated transaction-bound certificate is sent by the first computer system to the second computer system, wherein the first and second computer systems are at distinct physical locations and are coupled to one another via a network.
View Dependent Claims (14, 15, 16)
17. A computer program product, particularly a computer-readable, non-volatile, non-transitory storage medium with executable program instructions that, when executed on a computer processor of a user computer system, perform a method for generating a transaction-bound certificate, the method comprising:
sending a transaction request for a user of the user computer system to carry out a transaction from the user computer to a service provider computer system; receiving, from the service provider computer system, data to be signed and a signature request for signing the data to be signed, wherein signing of the data to be signed is necessary to carry out the requested transaction and wherein the signature request comprises at least one data value that is only produced specifically for the requested transaction by the service provider computer system once the transaction request has been received by the service provider computer system and wherein a first data value of the at least one data value comprises a document number of an electronic document, an order number of the electronic document, an identifier of the operator of the service provider computer system that sends the signature request, an identifier of the service provider computer system that sends the signature request, or a data value derived therefrom, a data value associated with or derived from the data to be signed, or a data value derived from content of the electronic document; responsive to sending the transaction request, checking whether a transaction-bound certificate is available that is suitable for the requested transaction and, if this is not the case, executing the following: sending the at least one data value to an ID token to enable the ID token to generate an asymmetric key pair consisting of a private key and a public key, wherein the ID token is associated with the user, wherein the generated asymmetric key pair is stored on the ID token, and wherein at least the private key is stored in a protected memory area of the ID token; transmitting the generated public key and the at least one data value to an ID provider computer system; and the user computer system receiving the transaction-bound certificate from the ID provider computer system, where the transaction-bound certificate is dependent upon the public key and the at least one data value, signing the data to be signed, and sending the signed data to be signed and the transaction-bound certificate to the service provider computer system, wherein checking whether an available transaction-bound certificate is suitable for the requested transaction comprises: checking, at least from the first data value of the at least one data value, whether the available transaction-bound certificate is bound to the requested transaction; and checking whether an asymmetric key pair affiliated with the available transaction-bound certificate is stored in the ID token.