Remote certificate management
First Claim
Patent Images
1. A computer-implemented method to facilitate security administration by a certificate manager computing system that is connected to a plurality of client computing systems that each store their own security certificates separately from the certificate manager, comprising:
- a certificate manager computing system identifying a plurality of user accounts that are associated with a remote client computer of a plurality of client computing systems, the remote client computer being remotely connected to the certificate manager computing system, the remote client computer storing a plurality of security certificates independent of the certificate manager computing system, the plurality of security certificates including at least one corresponding security certificate for each of the plurality of user accounts that are associated with the remote client computer;
the certificate manager computing system querying the remote client computer, including the certificate manager computing system contacting a client module at the remote client computer, the client module being configured to return to the certificate manager computing system information identifying the plurality of security certificates at the remote client computer for the plurality of user accounts at the remote computer;
based on querying the remote client computer, the certificate manager computing system receiving the information identifying the plurality of security certificates at the remote client computer;
based on receiving the information identifying the plurality of security certificates, the certificate manager computing system verifying the validity of each of the plurality of security certificates at the remote client computer, including verifying integrity of each security certificate in the plurality of security certificates;
the certificate manager computing system presenting a report of verifying the validity of each of the plurality of security certificates to a user;
the certificate manager computing system receiving user input specifying that the plurality of security certificates are to be updated at the remote client computer; and
the certificate manager computing system updating the plurality of security certificates at the remote client computer, including;
the certificate manager computing system establishing communications with the client module at the remote client computer; and
using the established communications with the client module at the remote client computer, the certificate manager computing system providing a corresponding authentication credential for each user account of the plurality of user accounts at the remote client computer, and causing the client module to perform one or both of installing or deleting at least one security certificate for each of the plurality of user accounts at the remote client computer.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for managing security certificates on a plurality of remote computers comprises a certificate manager that can determine in accordance with at least one preestablished criterion whether a security certificate on a remote computer is to be managed. The system also includes an installer module that can access an account of the remote computer to manage the security certificate. Methods of using the system are also provided.
7 Citations
16 Claims
-
1. A computer-implemented method to facilitate security administration by a certificate manager computing system that is connected to a plurality of client computing systems that each store their own security certificates separately from the certificate manager, comprising:
-
a certificate manager computing system identifying a plurality of user accounts that are associated with a remote client computer of a plurality of client computing systems, the remote client computer being remotely connected to the certificate manager computing system, the remote client computer storing a plurality of security certificates independent of the certificate manager computing system, the plurality of security certificates including at least one corresponding security certificate for each of the plurality of user accounts that are associated with the remote client computer; the certificate manager computing system querying the remote client computer, including the certificate manager computing system contacting a client module at the remote client computer, the client module being configured to return to the certificate manager computing system information identifying the plurality of security certificates at the remote client computer for the plurality of user accounts at the remote computer; based on querying the remote client computer, the certificate manager computing system receiving the information identifying the plurality of security certificates at the remote client computer; based on receiving the information identifying the plurality of security certificates, the certificate manager computing system verifying the validity of each of the plurality of security certificates at the remote client computer, including verifying integrity of each security certificate in the plurality of security certificates; the certificate manager computing system presenting a report of verifying the validity of each of the plurality of security certificates to a user; the certificate manager computing system receiving user input specifying that the plurality of security certificates are to be updated at the remote client computer; and the certificate manager computing system updating the plurality of security certificates at the remote client computer, including; the certificate manager computing system establishing communications with the client module at the remote client computer; and using the established communications with the client module at the remote client computer, the certificate manager computing system providing a corresponding authentication credential for each user account of the plurality of user accounts at the remote client computer, and causing the client module to perform one or both of installing or deleting at least one security certificate for each of the plurality of user accounts at the remote client computer. - View Dependent Claims (2, 3, 4, 5, 16)
-
-
6. A computer storage device having stored computer-executable instructions which, when executed by a computing system, implement a method to facilitate security administration, wherein the method comprises:
-
a certificate manager computing system identifying a plurality of user accounts that are associated with a remote client computer of a plurality of client computing systems, the remote client computer being remotely connected to the certificate manager computing system, the remote client computer storing a plurality of security certificates independent of the certificate manager computing system, the plurality of security certificates including at least one corresponding security certificate for each of the plurality of user accounts that are associated with the remote client computer; the certificate manager computing system querying the remote client computer, including the certificate manager computing system contacting a client module at the remote client computer, the client module being configured to return to the certificate manager computing system information identifying the plurality of security certificates at the remote client computer for the plurality of user accounts at the remote computer; based on querying the remote client computer, the certificate manager computing system receiving the information identifying the plurality of security certificates at the remote client computer; based on receiving the information identifying the plurality of security certificates, the certificate manager computing system verifying the validity of each of the plurality of security certificates at the remote client computer, including verifying integrity of each security certificate in the plurality of security certificates; the certificate manager computing system presenting a report of verifying the validity of each of the plurality of security certificates to a user; the certificate manager computing system receiving user input specifying that the plurality of security certificates are to be updated at the remote client computer; and the certificate manager computing system updating the plurality of security certificates at the remote client computer, including; the certificate manager computing system establishing communications with the client module at the remote client computer; and using the established communications with the client module at the remote client computer, the certificate manager computing system providing a corresponding authentication credential for each user account of the plurality of user accounts at the remote client computer, and causing the client module to perform one or both of installing or deleting at least one security certificate for each of the plurality of user accounts at the remote client computer. - View Dependent Claims (12, 13, 14, 15)
-
-
7. A certificate manager computer system, comprising:
-
one or more hardware processors; and one or more hardware storage devices having stored thereon computer-executable instructions which, when executed by the one or more hardware processors, cause the certificate manager computer system to perform at least the following; identifying a plurality of user accounts that are associated with a remote client computer of a plurality of client computing systems, the remote client computer being remotely connected to the certificate manager computing system, the remote client computer storing a plurality of security certificates independent of the certificate manager computing system, the plurality of security certificates including at least one corresponding security certificate for each of the plurality of user accounts that are associated with the remote client computer; the certificate manager computing system querying the remote client computer, including the certificate manager computing system contacting a client module at the remote client computer, the client module being configured to return to the certificate manager computing system information identifying the plurality of security certificates at the remote client computer for the plurality of user accounts at the remote computer; based on querying the remote client computer, the certificate manager computing system receiving the information identifying the plurality of security certificates at the remote client computer; based on receiving the information identifying the plurality of security certificates, the certificate manager computing system verifying the validity of each of the plurality of security certificates at the remote client computer, including verifying integrity of each security certificate in the plurality of security certificates; the certificate manager computing system presenting a report of verifying the validity of each of the plurality of security certificates to a user; the certificate manager computing system receiving user input specifying that the plurality of security certificates are to be updated at the remote client computer; and updating the plurality of security certificates at the remote client computer, including; the certificate manager computing system establishing communications with the client module at the remote client computer; and using the established communications with the client module at the remote client computer, the certificate manager computing system providing a corresponding authentication credential for each user account of the plurality of user accounts at the remote client computer, and causing the client module to perform one or both of installing or deleting at least one security certificate for each of the plurality of user accounts at the remote client computer. - View Dependent Claims (8, 9, 10, 11)
-
Specification