Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
2000-01-14
2008-03-04
Zand, Kambiz (Department: 2134)
C713S156000, C713S158000, C726S005000, C726S010000, C726S018000
active
07340600
ABSTRACT:
A public key authorization infrastructure includes a client program accessible by a user and an application program. A certificate authority issues a long-term certificate that binds a public key of the user to long-term identification information related to the user. A directory stores the issued long-term certificate and short-term authorization information related to the user. A credentials server issues a short-term certificate to the client. The short-term certificate binds the public key to the long-term identification information and to the short-term authorization information. The client presents the short-term certificate to the application program for authorization and demonstrates that the user has knowledge of a private key corresponding to the public key in the short-term certificate. The short-term certificate includes an expiration date, and is not subject to revocation.
REFERENCES:
patent: 4324645 (1982-04-01), Angevine et al.
patent: 4881264 (1989-11-01), Merkle
patent: 5210795 (1993-05-01), Lipner et al.
patent: 5224163 (1993-06-01), Gasser et al.
patent: 5276901 (1994-01-01), Howell et al.
patent: 5475826 (1995-12-01), Fischer
patent: 5793868 (1998-08-01), Micali
patent: 5796841 (1998-08-01), Cordery et al.
patent: 5825880 (1998-10-01), Sudia et al.
patent: 5850442 (1998-12-01), Muftic
patent: 5850444 (1998-12-01), Rune
patent: 5903882 (1999-05-01), Asay et al.
patent: 5982898 (1999-11-01), Hsu et al.
patent: 5996076 (1999-11-01), Rowney et al.
patent: 5999919 (1999-12-01), Jarecki et al.
patent: 6009177 (1999-12-01), Sudia
patent: 6023506 (2000-02-01), Ote et al.
patent: 6029150 (2000-02-01), Kravitz
patent: 6044462 (2000-03-01), Zubeldia et al.
patent: 6058484 (2000-05-01), Chapman et al.
patent: 6092201 (2000-07-01), Turnbull et al.
patent: 6202150 (2001-03-01), Young et al.
patent: 6202151 (2001-03-01), Musgrave et al.
patent: 6212636 (2001-04-01), Boyle et al.
patent: 6226743 (2001-05-01), Naor et al.
patent: 6230266 (2001-05-01), Perlman et al.
patent: 6233341 (2001-05-01), Riggins
patent: 6233577 (2001-05-01), Ramasubramani et al.
patent: 6253322 (2001-06-01), Susaki et al.
patent: 6263446 (2001-07-01), Kausik et al.
patent: 6282295 (2001-08-01), Young et al.
patent: 6324645 (2001-11-01), Andrews et al.
patent: 6327578 (2001-12-01), Linehan
patent: 6367013 (2002-04-01), Bisbee et al.
patent: 6389136 (2002-05-01), Young et al.
patent: 6393563 (2002-05-01), Maruyama et al.
patent: 6484259 (2002-11-01), Barlow
patent: 6607136 (2003-08-01), Atsmon et al.
patent: 6754829 (2004-06-01), Butt et al.
patent: 2001/0037358 (2001-11-01), Clubb et al.
patent: 2002/0143710 (2002-10-01), Liu
patent: WO 99/19845 (1999-04-01), None
patent: WO 99/35783 (1999-07-01), None
patent: WO 01/43344 (2001-06-01), None
Foster, Ian. A Security Architecture for Computational Grids. ACM. San Francisco CA, 1998.
Wheeler, Lynn. Three Digital Signature Models . . . for X9.59. Nov. 28, 1997.
Stephen Cobb. Network World. Framingham: Jul. 7, 1997. vol. 14, Iss. 27; p. 53, 3 pgs.
Encryption Plus Folders. Encryption Plus Folders Enterprise. 2002.
Moeller, Michael. Digital IDs: offering expanded view of users: Verisign's next Digital certificates extend electronic ID's to include personal Data. PC Week. Ziff-Davis Publishing Co. Feb. 3, 1997.
Schneier, Bruce, “Applied Cryptography,” Second Edition, XP-002250458, pp. 31-35, 52-54, 185-187, 574-577, 587 (1996).
Vanstone, Menezes, “Handbook of Applied Cryptography,” XP-002250459, pp. 553, 576-577, 660-661 (1997). (pp. 576-577 previously cited).
European Search Report for Application No. 00 12 7693 mailed on Aug. 21, 2003 (3 pages).
Adams, C. et al., “Internet X.509 Public Key Infrastructure Certificate Management Protocols,” Network Working Group, Request for Comments: 2510, pp. 1-72 (1999).
Menezes, Alfred J., “Handbook of Applied Cryptography,” Chapter 13, pp. 548 (1997).
Schneier, Bruce, “Applied Cryptography,” pp. 185 (1996).
M. Boe et al., “TLS-Based Telnet Security,” Internet Engineering Task Force, Internet Draft, pp. 1-20, (Updated Version Oct. 24, 2000, Previous Version Sep. 1998). < http://www.normos.org/letf/draft/draft-ietf-tn3270e-telnet-tls-05.txt>.
D. Borman, “Telnet Authentication Option,” Network Working Group, Request for Comments: 1416, pp. 1-7, (Feb. 1993). < http://www.csl.sony.co.jp/rfc/>.
M. Carpenter et al., “Securing FTP with TLS,” Internet Engineering Task Force, Internet Draft, pp. 1-23, (Jan. 28, 1998). < http://war.jgaa.com/ftp/draft/draft-murray-auth-ftp-ssl-03.txt>.
C. Ellison et al., “SPKI Certification Theory,” Network Working Group, Request for Comments: 2693, pp. 1-43, (Updated Version Sep. 1999, Previous Version Nov. 17, 1998). < http://www.csl.sony.co.jp/rfc/>.
S. Farrell, “TLS Extensions for AttributeCertificate Based Authorization,” Transport Layer Security Working Group, Internet Engineering Task Force, Internet Draft, pp. 1-11, (Aug. 20, 1998). <http://www.alternic.org/draft/draft-ietf-tls-attr-cert-O1.txt>.
M. Horowitz et al., “FTP Security Extensions,” Networking Working Group, Request for Comments: 2228, pp. 1-27, (Oct. 1997). < http://www.csl.sony.co.jp/rfc/>.
R. Housley et al., “FTP Authentication Using DSA,” CAT Working Group, Internet Engineering Task Force, Internet Draft, pp. 1-8, (Feb. 1998). < http://www.alternic.org/draft/draft/letf-cat-ftpdsaauth-O2.txt>.
R. Housley et al., “Telnet Authentication Using DSA,” Secure Telnet Working Group, Internet Engineering Task Force, Internet Draft, 7 pages, (Jul. 1998). < http://www.alternic.org/draft/draft/housley-telnet-auth-dsa-O2.txt>.
J. Kohl et al., “The Kerberos Network Authentication Service (V5),” Network Working Group, Request for Comments: 1510, pp. 1-112, (Sep. 1993). < http://www.csl.sony.co.jp/rfc/>.
S. Micali, “Efficient Certificate Revocation,” Massachusetts Institute of Technology, Laboratory for Computer Science, pp. 1-10 (Mar. 22, 1996).
M. Myers et al., “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP,” Network Working Group, Request for Comments: 2560, pp. 1-22, (Jun. 1999). < http://www.csl.sony.co.jp/rfc/>.
M. Naor et al., “Certificate Revocation and Certificate Update,” USENIX Association, Seventh USENIX Security Symposium, pp. 217-228, (Jan. 26-29, 1998).
C. Newman, “Telnet SASL Option,” Network Working Group, Internet Engineering Task Force, Internet Draft, 6 pages, (Nov. 1998). < http://globecom.net/ietf/draft/draft-newman-telnet-sasl-O1.html>.
E. Rescorla, “HTTP Over TLS,” Internet Engineering Task Force, Internet Draft, pp. 1-6, (Sep. 1998). < http://www.alternic.org/draft/draft-ietf-tls-https-O2.txt>.
RSA Security Inc., “RSA Keon Advanced PKI: A Security Architecture for Enabling E-Business,” Solution White Paper, pp. 1-14, (1999). < http://www.rsasecurity.com/products/keon/whitepapers/advpkiwp/rsa—keon—advanced—pki—wp.pdf>.
RSA Security Inc., “Security Services Provided by the RSA Keon Desktop v5.1,” White Paper, pp. 1.8, (1999). < http://www.rsasecurity.com/products/keon/whitepapers/desktop/keon—desktop—wp.pdf>.
B. Tung et al., “Public Key Cryptography for Initial Authentication in Kerberos,” Internet Engineering Task Force, Internet Draft, 21 pages (Expires May 15, 1999) < http://www.alternic.org/draft/draft-ietf-cat-kerberos-pk-init-O7.txt>.
Web Page of the “Simple Public Key Infrastructure (spki),” Working Group, 2 pages, (Last Modified Jan. 16, 2001), < http://www.ietf.org/html.charters/spki-charter.html>.
Web Page of the “Transport Layer Security (tls),” Working Group, 2 pages, (Last Modified Mar. 30, 2001), < http://www.ietf
Brown Christopher J
Hewlett-Packard Development Company, L.P.
Zand Kambiz