Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
1999-07-22
2008-12-02
Sheikh, Ayaz (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Central trusted authority provides computer authentication
C713S158000, C713S168000, C713S173000, C713S175000, C713S176000, C713S180000, C713S182000, C726S010000
Reexamination Certificate
active
07461250
ABSTRACT:
In an embodiment of a system and method according to the present invention, a chain of one or more certificates certifying a principal's public key is exchanged for a single substitute certificate. The substitute certificate is used as a replacement for the certificate chain. The substitute certificate is useful for authentication of the principal. In one embodiment, an authentication server exchanges the certificates. The substitute certificate is signed by the authentication server and used for authentication and communication with principals that have knowledge of and trust the authentication server. In one embodiment the substitute certificate also includes the principal's access information.
REFERENCES:
patent: 4868877 (1989-09-01), Fischer
patent: 5220603 (1993-06-01), Parker
patent: 5220604 (1993-06-01), Gasser et al.
patent: 5475753 (1995-12-01), Barbara et al.
patent: 5497422 (1996-03-01), Tysen et al.
patent: 5604804 (1997-02-01), Micali
patent: 5606617 (1997-02-01), Brands
patent: 5666416 (1997-09-01), Micali
patent: 5745574 (1998-04-01), Muftic
patent: 5768519 (1998-06-01), Swift et al.
patent: 5774552 (1998-06-01), Grimmer
patent: 5787172 (1998-07-01), Arnold
patent: 5867578 (1999-02-01), Brickell et al.
patent: 5903882 (1999-05-01), Asay et al.
patent: 5960083 (1999-09-01), Micali
patent: 5982898 (1999-11-01), Hsu et al.
patent: 6058383 (2000-05-01), Narasimhalu et al.
patent: 6097811 (2000-08-01), Micali
patent: 6233577 (2001-05-01), Ramasubramani et al.
patent: 6233685 (2001-05-01), Smith et al.
patent: 6321333 (2001-11-01), Murray
patent: 6367009 (2002-04-01), Davis et al.
patent: 6513116 (2003-01-01), Valente
patent: 6532540 (2003-03-01), Kocher
patent: 6564319 (2003-05-01), Peters et al.
patent: 6766450 (2004-07-01), Micali
patent: 6823454 (2004-11-01), Hind et al.
patent: 6826690 (2004-11-01), Hind et al.
patent: 6981147 (2005-12-01), Hamann et al.
patent: 2382501 (2003-05-01), None
patent: WO 98/49805 (1998-11-01), None
patent: WO 99/35783 (1999-07-01), None
patent: WO 2008013525 (2008-01-01), None
Anonymous, X. 509 Certificates and Certificates Revocation Lists (CRLs), May 20, 1998, pp. 1-5.
Levi et al, Use of Nested Certificates for Efficient, Dynamic, and Trust Preserving Public Key Infrastructure, 2004, ACM, pp. 21-59.
Huang et al, An Approach to Certificate Path Discovery in Mobile Ad Hoc Networks, 2003, ACM, pp. 41-53.
Dhakal et al, Optimal Dispersal of Certificate Chains, 2007, IEEE, pp. 474-484.
Li et al, Recovery mechanism of online certification chain in grid computing, 2006, IEEE, pp. 1-5.
Adams, C. et al. “Internet X-509 Public Key Infrastructure Data Certification Server Protocols <draft-ietf-pkix-dcs-00.txt>,” http://www.ietf.org/internet-drafts/drafts-ietf-pkix-dcs-00.txt, Sep. 23, 1998, printed May 19, 1999, 13 pgs.
Farrell, S. et al. “An Internet Attribute Certificate Profile for Authorization <draft-ietf-pkix-ac509prof-00.txt>,” http://www.ietf.org/internet-drafts/draft-ietf-pkix-ac509prof-00.txt, Apr. 1999, printed May 21, 1999. 28 pgs.
Housley, R. et al. “Internet X.509 Public Key Infrastructure Certificate and CRL Profile,” ftp://ftp.isi.edu/in-notes/rfc2459.txt, Jan. 1999, printed Jun. 15, 1999, 113 pgs.
Linn, J. “Practical Authentication for Distributed Computing,” 1990 IEEE Symposium on Research in Security and Privacy, May 7, 1990, pp. 31-40.
Santesson, S. Internet X.509 Public Key Infrastructure Qualified Certificates <draft-ietf-pkix-qc-00.txt>, http://www.ietf.org/internet-drafts/draft-ietf-pkix-qc-00.txt, Feb. 3, 1999, printed Jun. 15, 1999. 19 pgs.
PRBAC Applications. Enterprise Security Applications of Partition Rule Based Access Control (PRBAC), http://www.anassoc.com/prbac%20home/PRBACapp.html, printed May 19, 1999, 14 pgs.
FPDAM on Certificate Extensions. Final Proposed Draft Amendment on Certificate Extensions (V6), Collaborative ITU and ISO/IEC meeting on the Directory, Orlando, Florida, USA, Apr. 1999, 62 pgs.
Chokhani, Santosh, “Toward a National Public Key Infrastructure,”IEEE Communications Magazine, US, IEEE Serice Center, Piscataway, NJ, vol. 32, No. 9, Sep. 1, 1994, pp. 70-74.
Patent Cooperation Treaty, International Search Report, International Application No. PCT/US00/19654, mailed on Dec. 7, 2000, 7 pages.
Duane William M.
Röstin Peter
BainwoodHuang
Moorthy Aravind K
RSA Security Inc.
Sheikh Ayaz
LandOfFree
System and method for certificate exchange does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for certificate exchange, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for certificate exchange will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4039892