Object signing within a cloud-based architecture
Abstract
A system and method for digitally signing an object. An object signing agent sends a signing request for an object to a remote signing server, which, in response to receiving the request, generates a virtual machine executing code for signing the object. The object is signed within the virtual machine and returned to the object signing agent.
19 Claims
1. A system for cloud-based object signing, the system comprising:
- an object signing agent that receives an object to be signed;
- a remote signing system that communicates with the object signing agent and validates an identity associated with the object provided by the object signing agent using one or more policies to verify the integrity and sign-ability of the object, the remote signing system configured to, in response to determining that the object is not in compliance for signing, one or more of present an alert to a user requesting the object to be signed, and lock the user out of the remote signing system; and
- an isolated virtual machine dynamically created by the remote signing system in response to receiving a request for object signing, the isolated virtual machine signing the object using a digital certificate within a new encrypted store space generated using an encryption store key, the isolated virtual machine being one or more of deleted and archived in response to signing the object,

wherein at least a portion of the object signing agent, the remote signing system, and the isolated virtual machine comprises one or more of logic hardware and executable code, the executable code stored on one or more non-transitory computer readable storage media.

Dependent claims: 2, 3, 4, 5, 6
7. A method for cloud-based object signing, the method comprising:
- receiving a request for object signing from an object signing agent;
- receiving, from the object signing agent at a remote signing system, an object that is designated to be signed;
- validating, at the remote signing system, an identity associated with the object using one or more policies to verify the integrity and sign-ability of the object;
- in response to determining that the object is not in compliance for signing, one or more of:
  - presenting an alert to a user requesting the object to be signed; and
  - locking the user out of the remote signing system;
- in response to determining that the object is in compliance for signing:
  - creating, dynamically, by the remote signing system, an isolated virtual space in response to receiving the request to sign the object, the isolated virtual space comprising an object signing manager that signs the object using a digital certificate within a new encrypted store space generated using an encryption store key, the isolated virtual space being one or more of deleted and archived in response to signing the object; and
  - sending the signed object to the object signing agent.

Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19
Specification