Certificate management system and method for a communication security system

US 6,108,788 A
Filed: 12/08/1997
Issued: 08/22/2000
Est. Priority Date: 12/08/1997
Status: Expired due to Term

First Claim

Patent Images

1. A security certificate management system for an information security system that employs a certificate requestor that requests a security certificate issued by a certificate issuing unit comprising:

means for providing selection of variable certificate content specification data for selection of content of a security certificate in response to a variable certificate issue request from the certificate requester; and

means, operatively coupled to the means for providing, for issuing a variable content based certificate in response to selected variable certificate content specification data.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A certificate management system and method allows a requester, such as a subscriber using a software application, to customize certificates by selecting variable certificate content specification data. A certificate issuing unit, such as a certification authority issues a variable content based certificate in response to the requester based variable certificate content specification data, after the variable certificate content specification data has been compared with issuance criteria data to ensure that the requested certificate customization parameters do not conflict with security system constraints, such as security limits. The issuance criteria data is configurable by a security officer or other user through the certificate issuing unit. If desired, each differing software application (i.e., requester) may have its own customized certificates allowing greater flexibility for the security system and for the requesters.

200 Citations

38 Claims

1. A security certificate management system for an information security system that employs a certificate requestor that requests a security certificate issued by a certificate issuing unit comprising:
- means for providing selection of variable certificate content specification data for selection of content of a security certificate in response to a variable certificate issue request from the certificate requester; and
  
  means, operatively coupled to the means for providing, for issuing a variable content based certificate in response to selected variable certificate content specification data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The certificate management system of claim 1 wherein the means for providing selection of variable certificate content specification data includes means for providing variable certificate validation of a certificate.
  - 3. The certificate management system of claim 1 wherein the means for providing selection of variable certificate content specification data provides selection of certificate content for a plurality of application modules utilizing different certificate content specification data.
  - 4. The certificate management system of claim 1 wherein the means for providing selection of variable certificate content specification data includes means for providing at least one variable certificate template to allow customization of security certificates issued by the means for issuing.
  - 5. The certificate management system of claim 4 wherein the means for providing selection of variable certificate content specification data includes means, operatively coupled to the means for providing the variable certificate template, for requesting the variable content based certificate from the means for issuing.
  - 6. The certificate management system of claim 4 wherein the means for providing selection of variable certificate content specification data is responsive to user selected certificate parameter data to customize certificates issued from the means for issuing.
  - 7. The certificate management system of claim 4 wherein the means for providing selection of variable certificate content specification data transmits template data from the at least one variable certificate template to the means for issuing to facilitate customization of security certificates issued by the means for issuing.
  - 8. The certificate management system of claim 1 wherein the means for issuing a variable content based certificate includes configurable means for analyzing the variable certificate content specification data to determine whether the variable content based certificate is in conformance with configurable issuance criteria data.
  - 9. The certificate management system of claim 8 wherein the means for issuing a variable content based certificate further includes means for providing at least one variable certificate template based on the variable certificate content specification data and the configurable issuance criteria data.
  - 10. The certificate management system of claim 9 wherein the means for providing at least one variable certificate template includes means for storing the configurable issuance criteria data.

11. A security certificate management system for an information security system that employs a requestor that requests a security certificate issued by a certificate issuing unit comprising:
- means for providing selection of requestor based variable certificate content specification data for selection of content of a security certificate in response to a variable certificate issue request from the certificate requester, including means for providing at least one variable certificate template based on selected variable certificate content specification data; and
  
  means, operatively coupled to the means for providing, for issuing a variable content based security certificate in response to the selected variable certificate content specification data, wherein the means for issuing includes configurable means, operatively coupled to the means for providing, for analyzing the variable certificate content specification data to determine whether the variable content based security certificate is in conformance with configurable issuance criteria data.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The certificate management system of claim 11 wherein the means for providing selection of variable certificate content specification data includes means, operatively coupled to the means for providing the variable certificate template, for requesting the variable content based certificate from the means for issuing.
  - 13. The certificate management system of claim 12 wherein the means for providing selection of variable certificate content specification data is responsive to user selected certificate parameter data to customize certificates issued from the means for issuing.
  - 14. The certificate management system of claim 11 wherein the means for providing selection of variable certificate content specification data includes means for providing variable certificate validation of a certificate.
  - 15. The certificate management system of claim 11 wherein the means for issuing a variable content based certificate further includes means for providing at least one variable certificate template based on the variable certificate content specification data and the configurable issuance criteria data.
  - 16. The certificate management system of claim 11 wherein the means for providing selection of variable certificate content specification data facilitates selection of certificate content for a plurality of application modules utilizing different certificate content specification data.
  - 17. The certificate management system of claim 11 wherein the means for facilitating variable certificate content specification data transmits template data from the at least one variable certificate template to the means for issuing to facilitate customization of security certificates issued by the means for issuing.

18. A security certificate management method for an information security system that employs a requestor that requests a security certificate issued by a certificate issuing unit comprising the steps of:
- providing selection of variable certificate content specification data for selection of content of a security certificate in response to a variable certificate issue request from the certificate requester; and
  
  issuing a variable content based certificate in response to the requestor based variable certificate content specification data.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 19. The certificate management method of claim 18 wherein facilitating variable certificate content specification data includes providing variable certificate validation of a certificate.
  - 20. The certificate management method of claim 18 wherein providing selection of variable certificate content specification data includes facilitating selection of certificate content for a plurality of application modules utilizing different certificate content specification data.
  - 21. The certificate management method of claim 18 wherein facilitating variable certificate content specification data includes providing at least one variable certificate template to facilitate customization of issued security certificates.
  - 22. The certificate management method of claim 21 wherein facilitating variable certificate content specification data includes requesting the variable content based certificate from a certificate issuing unit.
  - 23. The certificate management method of claim 21 wherein facilitating variable certificate content specification data includes customizing certificates issued from a certificate issuing unit based on user selected certificate parameter data.
  - 24. The certificate management method of claim 21 where providing selection of variable certificate content specification data includes transmitting template data from the at least one variable certificate template to a certificate issuing unit to facilitate customization of security certificates issued by the certificate issuing unit.
  - 25. The certificate management method of claim 18 wherein issuing a variable content based certificate includes analyzing the variable certificate content specification data to determine whether the variable content based certificate is in conformance with configurable issuance criteria data.
  - 26. The certificate management method of claim 25 wherein issuing a variable content based certificate further includes providing at least one variable certificate template based on the variable certificate content specification data and the configurable issuance criteria data.
  - 27. The certificate management method of claim 26 wherein the step of providing at least one variable certificate template includes storing the configurable issuance criteria data for access by a certificate issuing unit.

28. A security certificate management method for an information security system that employs a certificate requester that requests a security certificate issued by a certificate issuing unit comprising the steps of:
- providing selection of variable certificate content specification data for selection of content of a security certificate in response to a variable certificate issue request from the certificate requester including providing at least one variable certificate template based on selected variable certificate content specification data, to facilitate customization of issued security certificates by the certificate issuing unit; and
  
  issuing a variable content based security certificate in response to the selected variable certificate content specification data, wherein the step of issuing includes analyzing the selected variable certificate content specification data to determine whether the variable content based security certificate is in conformance with configurable issuance criteria data.
- View Dependent Claims (29, 30, 31, 32, 33, 34)
- - 29. The certificate management method of claim 28 wherein providing selection of variable certificate content specification data includes requesting the variable content based certificate from a certificate issuing unit.
  - 30. The certificate management method of claim 29 wherein providing selection of variable certificate content specification data includes customizing certificates issued from a certificate issuing unit based on user selected certificate parameter data.
  - 31. The certificate management method of claim 28 wherein providing selection of variable certificate content specification data includes providing variable certificate validation of a certificate.
  - 32. The certificate management method of claim 28 wherein issuing a variable content based certificate further includes providing at least one variable certificate template based on the variable certificate content specification data and the configurable issuance criteria data.
  - 33. The certificate management method of claim 28 wherein providing selection of variable certificate content specification data includes facilitating selection of certificate content for a plurality of application modules utilizing different certificate content specification data.
  - 34. The certificate management method of claim 28 wherein providing selection of variable certificate content specification data includes transmitting template data from the at least one variable certificate template to a certificate issuing unit to facilitate customization of security certificates issued by the certificate issuing unit.

35. A storage medium for storing programming instructions, when read by a processing unit, causes the processing unit to perform variable content based certificate processing, the storage medium comprising:
- first means for storing programming instructions that when read by the processing unit, causes the processing unit to provide variable certificate content specification data for selection of content of a security certificate in response to a variable certificate issue request from a certificate requestor; and
  
  second means for storing programming instructions that when read by the processing unit, causes the processing unit to issue a variable content based certificate in response to selected variable certificate content specification data.
- View Dependent Claims (36, 37, 38)
- - 36. The storage medium of claim 35 wherein the second means for storing programming instructions stores programming instructions that, when read by a processing unit, causes the processing unit to facilitates analyzing the variable certificate content specification data to determine whether the variable content based certificate is in conformance with configurable issuance criteria data.
  - 37. The storage medium of claim 35 wherein the first means for storing programming instructions stores programming instructions that, when read by a processing unit, causes the processing unit to facilitates providing at least one variable certificate template to facilitate customization of security certificates issued by a certificate issuing unit.
  - 38. The storage medium of claim 37 wherein the first means for storing programming instructions stores programming instructions that, when read by a processing unit, causes the processing unit to facilitate requesting the variable content based certificate from the certificate issuing unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Entrust Incorporated (Entrust Corp.), Entrust Technologies Limited
Original Assignee
Entrust Technologies Limited
Inventors
Moses, Timothy, Vandergeest, Ronald
Primary Examiner(s)
Heckler, Thomas M.

Application Number

US08/986,653
Time in Patent Office

988 Days
Field of Search

713/200, 713/201, 380/21, 380/23, 380/25, 380/28, 380/30, 380/49
US Class Current

713/155
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3268   using certificate validatio...

Certificate management system and method for a communication security system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

200 Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Certificate management system and method for a communication security system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

200 Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links