CA2492986A1 - System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components - Google Patents

Publication number
CA2492986A1
CA2492986A1 CA002492986A CA2492986A CA2492986A1 CA 2492986 A1 CA2492986 A1 CA 2492986A1 CA 002492986 A CA002492986 A CA 002492986A CA 2492986 A CA2492986 A CA 2492986A CA 2492986 A1 CA2492986 A1 CA 2492986A1
Authority
CA
Canada
Prior art keywords
status
certificate
tcu
css
cache memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002492986A
Other languages
French (fr)
Other versions
CA2492986C (en)
Inventor
Stephen F. Bisbee
Jack J. Moskowitz
Keith F. Becker
Walter J. Hilton
Joshua D. Szebenyi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
eOriginal Inc
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual
Publication of CA2492986A1
Application granted
Publication of CA2492986C
Anticipated expiration
Expired - Lifetime

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/02 Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/389 Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12 Card verification
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Abstract

A Certificate Status Service (CSS) that is configurable, directed, and able to retrieve status from any approved Certification Authority (CA) is disclosed. The CSS may be used by a Trusted Custodial Utility (TCU) and comparable systems or applications whose roles are validating the right of an individual to perform a requisite action, the authenticity of submitted electronic information objects, and the status of authentication certificates used in digital signature verification and user authentication processes. The validity check on authentication certificates is performed by querying an issuing CA.

Traditionally, to create a trusted Public Key Infrastructure (PKI) needed to validate certificates, complex relationships are formed by cross-certification among CAs or by use of PKI bridges. The PKI and CA interoperability problem is addressed from a different point of view, with a focus on establishing a trust environment suitable for the creation, execution, maintenance, transfer, retrieval and destruction of electronic original information objects that may also be transferable records (ownership may change hands). A TCU is concerned only with a known set of "approved CAs", although they may support a multitude of business environments, and within that set of CAs, only with those certificates that are associated with TCU user accounts. Building PKI/CA trusted relationships is not required, as the CSS achieves a trusted environment by querying only approved CAs and maintaining caches of valid certificates' status.

Claims (33)

1. A method of providing a Certificate Status Service ("CSS") for checking validities of authentication certificates issued by respective issuing Certification Authorities ("CAs"), comprising the steps of:
identifying information needed for retrieving a status of an authentication certificate from an issuing CA that issued the authentication certificate;
configuring a connector based on the identified information for communicating with the issuing CA;
communicating with the issuing CA according to the configured connector when the status of the authentication certificate is queried; and retrieving the status of the authentication certificate;
wherein the issuing CA and the connector are designated on a list of approved CAs in a configuration store.
2. The method of claim 1, wherein a local date and time are checked for whether they fall within a validity period indicated in the authentication certificate.
3. The method of claim 1, wherein the issuing CA is included in the list of approved CAs by vetting and approving the issuing CA according to predetermined business rules, and if the issuing CA is vetted and not approved, the issuing CA is designated on a list of not-approved CAs in the configuration store.
4. The method of claim 3, wherein vetting and approving the issuing CA includes registering a representation of a trusted authentication certificate with the CSS and adding at least the representation, status and a time-to-live data element to a local cache memory, and a connector is configured for retrieving the added status when the status of the trusted authentication certificate is queried.
5. The method of claim 2, further comprising the steps of checking a local cache memory for the status, and if the status is found in the local cache memory and the local date and time are within the validity period, retrieving the status from the local cache memory, wherein if the status is not found in the local cache memory or if the local date and time are not within the validity period, the CSS establishes a communication session with a certificate status reporting component of the issuing CA, composes a certificate status request according to the configured connector, retrieves the status from the certificate status reporting component, closes the communication session with certificate status reporting component, and adds at least the authentication certificate's identification, status, and time-to-live to the local cache memory.
6. The method of claim 1, wherein the certificate status is indicated by a Certificate Revocation List (CRL), according to a publication schedule of the issuing CA, the CSS retrieves the CRL from a certificate status reporting component listed in the configuration store, the CSS clears a cache memory associated with the issuing CA, and the CSS determines the status of the authentication certificate from the CRL and stores the status in the cache memory associated with the issuing CA.
7. The method of claim 1, wherein the certificate status is indicated by a Delta Certificate Revocation List ("ΔCRL"); upon notification by the issuing CA that a CRL is available, the CSS retrieves the CRL from a certificate status reporting component listed in the configuration store; if the CRL is a complete CRL, then the CSS clears a cache memory associated with the issuing CA, determines the status from the CRL, and stores the status in the cache memory; and if the CRL contains only changes occurring after publication of a full CRL, the CSS determines the status from the CRL, and stores the status in the cache memory.
8. The method of claim 1, wherein the communicating step includes communicating according to a sequence of connectors.
9. The method of claim 1, wherein a connector embeds more than one certificate status check in a single communicating step.
10. The method of claim 1, wherein the authentication certificate is not used for identification.
11. A method of retrieving a status of an authentication certificate issued by an issuing Certification Authority ("CA") in response to a query from a Trusted Custodial Utility ("TCU") to a Certificate Status Service ("CSS") to validate the authentication certificate's status, comprising the steps of:
locating and reporting the status if the status is present and current in a cache memory of the CSS;
otherwise performing the steps of:
obtaining a status type and retrieval method from a CSS configuration store;
if the status type is Certificate Revocation List ("CRL") and the status is not found in the cache memory, then reporting the status as valid;
if the status type is not CRL, then composing a certificate status request according to the status type;
establishing a communication session with the issuing CA;
retrieving the status from a status reporting component of the issuing CA using the obtained retrieval method and ending the communication session;
interpreting the retrieved status;
associating, with the interpreted retrieved status, a time-to-live value representing a period specified by a CSS policy for the status type;
adding at least the authentication certificate's identification, status, and time-to-live values to the cache memory; and reporting the status to the TCU in response to the query.
12. The method of claim 11, wherein the CSS uses a certificate status protocol in the communication session.
13. The method of claim 11, wherein more than one status is retrieved using the obtained retrieval method.
14. The method of claim 11, wherein the authentication certificate is not used for identification.
15. A Certificate Status Service ("CSS") for providing accurate and timely status indications of authentication certificates issued by issuing Certification Authorities ("CAs"), comprising:
providing a status of an authentication certificate as indicated by a Certificate Revocation List ("CRL") when the certificate's issuing CA uses CRLs for indicating status;
otherwise, providing the status indicated by a cache memory when the cache memory includes a status and a time-to-live data element is not exceeded;
if the time-to-live data element is exceeded, clearing the status from the cache memory;
requesting and retrieving the status using a real-time certificate status reporting protocol when the status is not in the cache memory;
adding at least the certificate's identification, status, and time-to-live data element to the cache memory; and providing the retrieved status.
16. The CSS of claim 15, wherein a status use-counter data element is added to the cache memory; the status use-counter data element is incremented or decremented every time the certificate's status is checked; and if the status use-counter data element passes a threshold, then the status is provided and the cache memory is cleared with respect to the status.
17. The CSS of claim 16, wherein a status last-accessed data element is added to the cache memory, and the status last-accessed data element in conjunction with the status use-counter data element enable determination of an activity level of the certificate's status.
18. The CSS of claim 17, wherein when a request is made to the CSS to retrieve a status of a new certificate and the cache memory has reached an allocated buffer size limit, the CSS searches the cache memory for a last-accessed data element indicating an oldest date and clears the respective cache memory entry; and the CSS then retrieves the requested status, places it in the cache memory, and provides the requested status.
19. A method of executing a transaction between a first party and a second party by transferring control of an authenticated information object having a verifiable evidence trail, comprising the steps of:
retrieving an authenticated information object from a trusted repository, wherein the authenticated information object includes a first digital signature block comprising a digital signature of a submitting party and a first authentication certificate relating at least an identity and a cryptographic key to the submitting party, a date and time indicator, and a second digital signature block comprising a second digital signature of the trusted repository and a second authentication certificate relating at least an identity and a cryptographic key to the trusted repository; the first digital signature block was validated by the trusted repository; and the authenticated information object is stored as an electronic original information object under the control of the trusted repository;
executing the retrieved authenticated information object by the second party by including in the retrieved authenticated information object a third digital signature block comprising at least a third digital signature and a third authentication certificate of the second party; and forwarding the executed retrieved authenticated information object to a trusted custodial utility ("TCU"), wherein the TCU verifies digital signatures and validates authentication certificates associated with the digital signatures included in information objects by at least retrieving status of the authentication certificates from a Certificate Status Service ("CSS") provided according to claim 1; the TCU rejects a digital signature block if the respective digital signature is not verified or the status of the respective authentication certificate is expired or is revoked; and if at least one signature block in the information object is not rejected, the TCU appends the TCU's digital signature block and a date and time indicator to the information object and takes control of the object on behalf of the first party.
20. The method of claim 19, wherein a signature block includes at least one hash of at least a portion of the information object in which the signature block is included, the at least one hash is encrypted by the cryptographic key of the block's respective signer, thereby forming the signer's digital signature, and the signer's digital signature is included in the signature block with the signer's authentication certificate.
21. The method of claim 20, wherein the executing step includes displaying a local date and time to the second party, affirming, by the second party, that the displayed local date and time are correct, and correcting the local date and time if either is incorrect.
22. The method of claim 19, wherein if the TCU rejects a digital signature block, the TCU requests a remedy that requires the digital signature to be recomputed and the signature block to be reforwarded.
23. The method of claim 19, wherein the TCU checks the local date and time for accuracy and that they are within a validity period indicated by the second party's authentication certificate.
24. The method of claim 23, wherein if the local date and time are not within the validity period indicated by the second party's authentication certificate, the TCU notifies the second party that the authentication certificate is rejected and the first party that the transaction is incomplete.
25. The method of claim 19, wherein one or more digitized handwritten signatures are included in the information object, and placement of the digitized handwritten signatures in a data structure is specified by at least one signature tag.
26. The method of claim 19, wherein placement of one or more signature blocks in a data structure is specified by at least one signature tag.
27. The method of claim 26, wherein one or more signature blocks are separately forwarded to the TCU with respective signature tags, and the TCU validates the signature blocks by:
rejecting a signature block if either the respective digital signature is not verified or the respective authentication certificate is not validated, and placing the signature block according to the respective signature tag if the signature block is not rejected, wherein, to signature blocks sent separately, the TCU adds a date and time indication to each signature block and appends according to business rules the TCU's signature block in a wrapper that encompasses the information object and placed signature blocks.
28. The method of claim 27, wherein the TCU verifies a digital signature and validates an authentication certificate in a signature block by:
determining from the business rules whether a party associated with the authentication certificate has authority, verifying the party's digital signature, checking that the authentication certificate's validity period overlaps the TCU's current date and time, checking that the local date and time falls within an allowable deviation from the TCU's current date and time, and retrieving status of the authentication certificate from the CSS, and if any of the preceding steps results in an invalid or false output, the digital signature is deemed invalid, the transaction is not executed, otherwise the digital signature is deemed valid and the transaction is executed.
29. The method of claim 19, wherein the CSS provides authentication certificate status to the TCU by at least the steps of checking a local cache memory for the status, and if the status is found in the local cache memory and the local date and time are within the validity period, and retrieving the status from the local cache memory; if the status is not found in the local cache memory or if the local date and time are not within the validity period, the CSS establishes a communication session with a certificate status reporting component of the issuing CA, composes a certificate status request according to the configured connector, retrieves the status from the certificate status reporting component, closes the communication session with certificate status reporting component, and adds at least the authentication certificate's identification, status, and a time-to-live data element to the local cache memory.
30. The method of claim 19, wherein the first party is a first TCU and the transaction is for transferring custody of one or more electronic originals to the first TCU from a second TCU, an owner of the transaction provides the second TCU with a manifest that identifies electronic originals to be transferred to the first TCU, the second TCU establishes communication with the first TCU and identifies the purpose of its actions, the manifest is communicated to the first TCU so that it is able to determine when the transfer of custody has been completed, the second TCU transfers each identified electronic original to the first TCU, the first TCU retrieves status of the second TCU's certificate and verifies the second TCU's digital signature on each transferred electronic original, if any of the second TCU's digital signatures or certificates are invalid, then the first TCU notifies the second TCU and seeks a remedy, if the second TCU does not provide a remedy, the first TCU notifies the transaction owner that the requested transfer of custody has failed, otherwise the second TCU creates a new wrapper for each successfully transferred information object, adding a date-time stamp and the first TCU's signature block.
31. The method of claim 30, wherein the transaction is a transfer of ownership in response to an instruction, transfer of ownership documentation is placed in either the first TCU or the second TCU, the TCU having the transfer of ownership documentation validates authenticity of the transfer of ownership documentation by verifying all digital signatures, certificate validity periods, and using the CSS to check certificate status of all authentication certificates included in the transfer of ownership documentation, appends a date and time indication, and digitally signs, wraps and stores the transfer of ownership documentation, which are added to the manifest.
32. The method of claim 19, wherein certificate status is indicated to the CSS by a Certificate Revocation List ("CRL"), according to a publication schedule of the issuing CA, the CSS retrieves the CRL from a certificate status reporting component listed in the configuration store, the CSS clears a cache memory associated with the issuing CA, and the CSS determines the status of the authentication certificate from the CRL and stores the status in the cache memory associated with the issuing CA.
33. The method of claim 19, wherein certificate status is indicated to the CSS by a Delta Certificate Revocation List ("ΔCRL"); upon notification by the issuing CA that a CRL is available, the CSS retrieves the CRL from a certificate status reporting component listed in the configuration store; if the CRL is a complete CRL, then the CSS clears a cache memory associated with the issuing CA, determines the status from the CRL, and stores the status in the cache memory; and if the CRL contains only changes occurring after publication of a full CRL, the CSS determines the status from the CRL, and stores the status in the cache memory.
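
The status lookup described in the abstract and in claims 6, 11 and 15-18 can be sketched as follows. This is an added example, not code from the patent or from eOriginal; the class, field and status names, the injected clock, and the constructed CA names and serial numbers are all assumptions. One behaviour goes beyond the claims and is labelled as such: a CRL-type CA whose CRL has not yet been loaded yields "unknown" rather than "valid".

```python
"""Added example: status cache modelled on claims 6, 11 and 15-18 (not the patent's code)."""
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Set, Tuple

VALID, REVOKED, UNKNOWN, NOT_APPROVED = "valid", "revoked", "unknown", "issuer-not-approved"


@dataclass
class ApprovedCA:
    """Configuration-store record for one approved CA (field names are assumptions)."""
    status_type: str                                   # "CRL" or "REALTIME"
    connector: Optional[Callable[[str], str]] = None   # serial -> status, e.g. an OCSP client
    ttl: float = 300.0                                 # policy time-to-live, seconds


@dataclass
class Entry:
    status: str
    expires_at: float
    uses: int = 0
    last_accessed: float = 0.0


class CertificateStatusService:
    def __init__(self, config_store: Dict[str, ApprovedCA], clock: Callable[[], float],
                 max_entries: int = 1000, use_threshold: int = 3):
        self.config, self.clock = config_store, clock
        self.max_entries, self.use_threshold = max_entries, use_threshold
        self.cache: Dict[Tuple[str, str], Entry] = {}   # real-time statuses
        self.crl: Dict[str, Set[str]] = {}              # per-CA revoked serials from the CRL
        self.remote_queries = 0

    def load_crl(self, issuer: str, revoked_serials: Set[str]) -> None:
        """Claim 6: a newly published full CRL replaces the cache kept for that CA."""
        if issuer not in self.config:
            raise ValueError("CRL offered for a CA that is not on the approved list")
        self.crl[issuer] = set(revoked_serials)

    def check(self, issuer: str, serial: str) -> str:
        ca = self.config.get(issuer)
        if ca is None:                       # only approved CAs are ever queried
            return NOT_APPROVED
        if ca.status_type == "CRL":
            if issuer not in self.crl:       # assumption: fail closed until a CRL is loaded
                return UNKNOWN
            # Claim 11: for a CRL-type CA, absence from the cache means "valid".
            return REVOKED if serial in self.crl[issuer] else VALID
        now, key = self.clock(), (issuer, serial)
        entry = self.cache.get(key)
        if entry and now >= entry.expires_at:     # claim 15: TTL exceeded, clear it
            del self.cache[key]
            entry = None
        if entry:
            entry.uses += 1
            entry.last_accessed = now
            if entry.uses >= self.use_threshold:  # claim 16: serve, then force a refresh
                del self.cache[key]
            return entry.status
        status = ca.connector(serial)             # claim 15: real-time status protocol
        self.remote_queries += 1
        if len(self.cache) >= self.max_entries:   # claim 18: evict oldest last-accessed
            oldest = min(self.cache, key=lambda k: self.cache[k].last_accessed)
            del self.cache[oldest]
        self.cache[key] = Entry(status, now + ca.ttl, last_accessed=now)
        return status


def demo() -> dict:
    """Run constructed queries against two constructed CAs and collect the outcomes."""
    now = [0.0]
    responder = {"20": VALID, "21": REVOKED, "22": VALID}   # constructed responder data
    css = CertificateStatusService(
        {"CA-A": ApprovedCA("CRL"),
         "CA-B": ApprovedCA("REALTIME", connector=lambda s: responder.get(s, UNKNOWN), ttl=60)},
        clock=lambda: now[0], max_entries=2, use_threshold=3)
    out = {"unapproved": css.check("CA-X", "01"),
           "crl_not_loaded": css.check("CA-A", "10")}
    css.load_crl("CA-A", {"10"})
    out["crl_revoked"] = css.check("CA-A", "10")
    out["crl_absent"] = css.check("CA-A", "11")
    out["first"] = css.check("CA-B", "20")          # remote query 1
    css.check("CA-B", "20")                         # cache hit
    out["queries_after_hit"] = css.remote_queries
    now[0] = 61.0                                   # past the 60 s TTL
    css.check("CA-B", "20")                         # remote query 2
    out["queries_after_ttl"] = css.remote_queries
    now[0] = 62.0
    out["revoked"] = css.check("CA-B", "21")        # remote query 3, cache now full
    now[0] = 63.0
    css.check("CA-B", "22")                         # remote query 4, evicts serial 20
    out["evicted_oldest"] = ("CA-B", "20") not in css.cache
    for _ in range(3):                              # three cache hits reach the threshold
        css.check("CA-B", "22")
    out["cleared_at_threshold"] = ("CA-B", "22") not in css.cache
    return out


if __name__ == "__main__":
    print(demo())
```

The CRL-derived revocations are kept apart from the size-limited real-time cache so that the oldest-entry eviction of claim 18 can never drop a revoked serial and let the "absent means valid" rule of claim 11 report it as valid.
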
CA2492986A 2002-07-18 2003-07-17 System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components Expired - Lifetime CA2492986C (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US39717802P 2002-07-18 2002-07-18
US60/397,178 2002-07-18
US10/620,817 US7743248B2 (en) 1995-01-17 2003-07-16 System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components
US10/620,817 2003-07-16
PCT/US2003/022191 WO2004010271A2 (en) 2002-07-18 2003-07-17 System and method for the transmission, storage and retrieval of authenticated documents

Publications (2)

Publication Number Publication Date
CA2492986A1 (en) 2004-01-29
CA2492986C (en) 2011-03-15

Family

ID=30772994

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2492986A Expired - Lifetime CA2492986C (en) 2002-07-18 2003-07-17 System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components

Country Status (13)

Country Link
US (1) US7743248B2 (en)
EP (1) EP1540881B1 (en)
KR (1) KR101105121B1 (en)
CN (1) CN1682490B (en)
AU (1) AU2003259136B2 (en)
BR (2) BRPI0312774B1 (en)
CA (1) CA2492986C (en)
EA (1) EA007089B1 (en)
HK (1) HK1083252A1 (en)
IL (1) IL166311A0 (en)
MX (1) MXPA05000696A (en)
NZ (1) NZ537994A (en)
WO (1) WO2004010271A2 (en)

US20090077655A1 (en) * 2007-09-19 2009-03-19 Novell, Inc. Processing html extensions to enable support of information cards by a relying party
JP4829822B2 (en) * 2007-03-19 2011-12-07 株式会社リコー Remote device management system
US8650038B2 (en) * 2007-07-17 2014-02-11 William Howard Peirson, JR. Systems and processes for obtaining and managing electronic signatures for real estate transaction documents
US8490206B1 (en) * 2007-09-28 2013-07-16 Time Warner, Inc. Apparatuses, methods and systems for reputation/content tracking and management
US20090198618A1 (en) * 2008-01-15 2009-08-06 Yuen Wah Eva Chan Device and method for loading managing and using smartcard authentication token and digital certificates in e-commerce
US7676501B2 (en) 2008-03-22 2010-03-09 Wilson Kelce S Document integrity verification
US9461827B2 (en) * 2008-04-11 2016-10-04 Toyota Motor Engineering & Manufacturing North America, Inc. Method for distributing a list of certificate revocations in a vanet
US7904450B2 (en) 2008-04-25 2011-03-08 Wilson Kelce S Public electronic document dating list
US8990221B2 (en) * 2008-05-30 2015-03-24 Google Technology Holdings LLC Device and method for updating a certificate
US8776238B2 (en) * 2008-07-16 2014-07-08 International Business Machines Corporation Verifying certificate use
KR101007521B1 (en) * 2008-07-23 2011-01-18 (주)에스알파트너즈 Document authentication system using electronic signature of licensee and document authentication method thereof
US8281379B2 (en) * 2008-11-13 2012-10-02 Vasco Data Security, Inc. Method and system for providing a federated authentication service with gradual expiration of credentials
WO2010144898A1 (en) * 2009-06-12 2010-12-16 General Instrument Corporation Certificate status information protocol (csip) proxy and responder
JP2011055307A (en) * 2009-09-02 2011-03-17 Konica Minolta Business Technologies Inc Image processing apparatus, method for creating electronic certificate in the image processing apparatus, and program for creating the electronic certificate
US8356172B2 (en) 2009-10-08 2013-01-15 At&T Intellectual Property I, L.P. Apparatus and method for monitoring certificate acquisition
US8458776B2 (en) * 2009-10-21 2013-06-04 Microsoft Corporation Low-latency peer session establishment
US20110161663A1 (en) * 2009-12-29 2011-06-30 General Instrument Corporation Intelligent caching for ocsp service optimization
US9118485B2 (en) * 2010-02-26 2015-08-25 Red Hat, Inc. Using an OCSP responder as a CRL distribution point
US8875285B2 (en) 2010-03-24 2014-10-28 Microsoft Corporation Executable code validation in a web browser
CN101860548B (en) * 2010-06-17 2012-11-21 北京握奇数据系统有限公司 Method, device and system for verifying data signature
CN101931537B (en) * 2010-09-15 2012-08-29 北京数字认证股份有限公司 Digital certificate generation method for limiting signature contents
CN101931631B (en) * 2010-09-15 2013-08-14 北京数字认证股份有限公司 Method for digital signatures capable of establishing reliable correspondence with handwritten signatures
US8850191B2 (en) * 2011-04-28 2014-09-30 Netapp, Inc. Scalable groups of authenticated entities
WO2012161720A1 (en) * 2011-05-20 2012-11-29 Primerevenue, Inc. Supply chain finance system
US8832447B2 (en) * 2011-08-10 2014-09-09 Sony Corporation System and method for using digital signatures to assign permissions
US9509505B2 (en) 2011-09-28 2016-11-29 Netapp, Inc. Group management of authenticated entities
WO2013066016A1 (en) * 2011-11-04 2013-05-10 주식회사 케이티 Method for forming a trust relationship, and embedded uicc therefor
KR101986312B1 (en) 2011-11-04 2019-06-05 주식회사 케이티 Method for Creating Trust Relationship and Embedded UICC
US8955084B2 (en) * 2011-11-10 2015-02-10 Blackberry Limited Timestamp-based token revocation
JP5786670B2 (en) * 2011-11-17 2015-09-30 ソニー株式会社 Information processing apparatus, information storage apparatus, information processing system, information processing method, and program
US9330188B1 (en) 2011-12-22 2016-05-03 Amazon Technologies, Inc. Shared browsing sessions
US10026120B2 (en) * 2012-01-06 2018-07-17 Primerevenue, Inc. Supply chain finance system
CN102609841B (en) * 2012-01-13 2015-02-25 东北大学 Remote mobile payment system based on digital certificate and payment method
US9374244B1 (en) * 2012-02-27 2016-06-21 Amazon Technologies, Inc. Remote browsing session management
US9230130B2 (en) * 2012-03-22 2016-01-05 Docusign, Inc. System and method for rules-based control of custody of electronic signature transactions
CN103368902A (en) * 2012-03-27 2013-10-23 湖南亲安网络科技有限公司 Data interaction method
US8909929B2 (en) * 2012-05-31 2014-12-09 Atmel Corporation Stored public key validity registers for cryptographic devices and systems
US9756036B2 (en) 2012-06-15 2017-09-05 Nokia Technologies Oy Mechanisms for certificate revocation status verification on constrained devices
WO2014000148A1 (en) * 2012-06-25 2014-01-03 华为技术有限公司 Resource obtaining method and device
US9292283B2 (en) 2012-07-11 2016-03-22 Intel Corporation Method for fast large-integer arithmetic on IA processors
US8914641B2 (en) * 2012-07-11 2014-12-16 Intel Corporation Method for signing and verifying data using multiple hash algorithms and digests in PKCS
US9685057B2 (en) * 2013-03-15 2017-06-20 Assa Abloy Ab Chain of custody with release process
EP3910876A1 (en) 2013-03-15 2021-11-17 Assa Abloy Ab Method, system, and device for generating, storing, using, and validating nfc tags and data
EP3017580B1 (en) 2013-07-01 2020-06-24 Assa Abloy AB Signatures for near field communications
CN104331643A (en) * 2013-07-22 2015-02-04 腾讯科技(深圳)有限公司 Electronic book management method and device
US9887982B2 (en) * 2013-10-09 2018-02-06 Digicert, Inc. Accelerating OCSP responses via content delivery network collaboration
JP6410189B2 (en) * 2013-12-16 2018-10-24 パナソニックIpマネジメント株式会社 Authentication system and authentication method
US20150207786A1 (en) * 2014-01-17 2015-07-23 Satyan G. Pitroda System and method for electronic vault to manage digital contents
US9722794B2 (en) * 2014-02-10 2017-08-01 Ims Health Incorporated System and method for remote access, remote digital signature
US9838381B2 (en) * 2014-02-26 2017-12-05 Mitsubishi Electric Corporation Certificate management apparatus and certificate management method
JP6459642B2 (en) 2014-05-19 2019-01-30 セイコーエプソン株式会社 Printer control method and printer
WO2016009245A1 (en) 2014-07-15 2016-01-21 Assa Abloy Ab Cloud card application platform
CN105516059B (en) * 2014-09-25 2018-11-06 阿里巴巴集团控股有限公司 A kind of resource access control method and device
GB2531247B (en) * 2014-10-07 2021-10-06 Arm Ip Ltd Method, hardware and digital certificate for authentication of connected devices
US20160162991A1 (en) * 2014-12-04 2016-06-09 Hartford Fire Insurance Company System for accessing and certifying data in a client server environment
US10453058B2 (en) 2014-12-17 2019-10-22 Heartland Payment Systems, Inc. E-signature
US10181955B2 (en) 2015-05-29 2019-01-15 Eoriginal, Inc. Method for conversation of an original paper document into an authenticated original electronic information object
CN104980438B (en) * 2015-06-15 2018-07-24 中国科学院信息工程研究所 The method and system of digital certificate revocation status checkout in a kind of virtualized environment
US10970274B2 (en) 2015-09-17 2021-04-06 Eoriginal, Inc. System and method for electronic data capture and management for audit, monitoring, reporting and compliance
CA2999303C (en) * 2015-09-23 2023-02-28 Viasat, Inc. Acceleration of online certificate status checking with an internet hinting service
US10574459B2 (en) 2015-09-30 2020-02-25 Microsoft Technology Licensing, Llc Code signing service
US11301823B2 (en) 2015-10-02 2022-04-12 Eoriginal, Inc. System and method for electronic deposit and authentication of original electronic information objects
US20170124261A1 (en) * 2015-10-28 2017-05-04 Docsnap, Inc. Systems and methods for patient health networks
CN106899408B (en) * 2015-12-18 2019-12-06 北京网御星云信息技术有限公司 method and device for updating CRL
CN105653412A (en) * 2015-12-31 2016-06-08 深圳市金立通信设备有限公司 Fingerprint device compatibility detection method and terminal
US10019588B2 (en) 2016-01-15 2018-07-10 FinLocker LLC Systems and/or methods for enabling cooperatively-completed rules-based data analytics of potentially sensitive data
US9672487B1 (en) 2016-01-15 2017-06-06 FinLocker LLC Systems and/or methods for providing enhanced control over and visibility into workflows where potentially sensitive data is processed by different operators, regardless of current workflow task owner
US9904957B2 (en) * 2016-01-15 2018-02-27 FinLocker LLC Systems and/or methods for maintaining control over, and access to, sensitive data inclusive digital vaults and hierarchically-arranged information elements thereof
GB2547025A (en) * 2016-02-05 2017-08-09 Thales Holdings Uk Plc A method of data transfer, a method of controlling use of data and a cryptographic device
CN107203302B (en) * 2016-03-17 2021-01-01 创新先进技术有限公司 Page display method and device
HUP1600467A2 (en) * 2016-07-26 2018-03-28 Intersoft Hungary Kft Method and system for authentically determining the identity of an electronic document and copy or futureversion
US10540652B2 (en) * 2016-11-18 2020-01-21 Intel Corporation Technology for secure partitioning and updating of a distributed digital ledger
CN108206821A (en) * 2016-12-20 2018-06-26 航天信息股份有限公司 A kind of identity authentication method and system
ES2764128T3 (en) * 2016-12-21 2020-06-02 Merck Patent Gmbh Reading device to read a composite mark that includes a non-clonal physical function to fight counterfeiting
CN109891823B (en) * 2017-02-13 2022-02-11 惠普发展公司,有限责任合伙企业 Method, system, and non-transitory computer readable medium for credential encryption
CN108073772B (en) * 2017-12-25 2021-06-22 沈阳鼓风机集团股份有限公司 Centrifugal compressor design method
CN110858804B (en) * 2018-08-25 2022-04-05 华为云计算技术有限公司 Method for determining certificate status
CA3041159C (en) 2018-11-07 2021-12-07 Alibaba Group Holding Limited Managing communications among consensus nodes and client nodes
US11218329B2 (en) * 2019-02-20 2022-01-04 Arris Enterprises Llc Certificate generation with fallback certificates
US11444776B2 (en) * 2019-05-01 2022-09-13 Kelce S. Wilson Blockchain with daisy chained records, document corral, quarantine, message timestamping, and self-addressing
US11362843B1 (en) * 2019-11-19 2022-06-14 Amazon Technologies, Inc. Certificate rotation on host
US11843706B1 (en) 2019-11-19 2023-12-12 Amazon Technologies, Inc. Gradual certificate rotation
US11483162B1 (en) 2019-12-18 2022-10-25 Wells Fargo Bank, N.A. Security settlement using group signatures
EP3851923B1 (en) * 2020-01-14 2023-07-12 Siemens Aktiengesellschaft Control system for technical installations with certificate management
US11240726B2 (en) * 2020-07-01 2022-02-01 Bank Of America Corporation Communication continuity device
US11863678B2 (en) 2020-08-26 2024-01-02 Tenet 3, LLC Rendering blockchain operations resistant to advanced persistent threats (APTs)
US11507686B2 (en) * 2020-09-01 2022-11-22 Crosstech Solutions Group LLC System and method for encrypting electronic documents containing confidential information
EP4002756B1 (en) * 2020-11-24 2022-11-02 Axis AB Systems and methods of managing a certificate associated with a component located at a remote location
KR20220085604A (en) * 2020-12-15 2022-06-22 효성티앤에스 주식회사 Apparatus for receipting and disbursementing of certificate, system for automating of financial work

Family Cites Families (124)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US34954A (en) * 1862-04-15 Cord-windek
US141360A (en) * 1873-07-29 Improvement in bottling liquids
US892521A (en) * 1907-10-05 1908-07-07 James N Hoag Compound for stopping leaks in steam apparatus.
US4200770A (en) 1977-09-06 1980-04-29 Stanford University Cryptographic apparatus and method
US4405829A (en) 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4264782A (en) * 1979-06-29 1981-04-28 International Business Machines Corporation Method and apparatus for transaction and identity verification
US4625076A (en) 1984-03-19 1986-11-25 Nippon Telegraph & Telephone Public Corporation Signed document transmission system
US4977594A (en) 1986-10-14 1990-12-11 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
US4827508A (en) 1986-10-14 1989-05-02 Personal Library Software, Inc. Database usage metering and protection system and method
US5050213A (en) 1986-10-14 1991-09-17 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
US4893338A (en) 1987-12-31 1990-01-09 Pitney Bowes Inc. System for conveying information for the reliable authentification of a plurality of documents
US4853961A (en) 1987-12-18 1989-08-01 Pitney Bowes Inc. Reliable document authentication system
US5005200A (en) 1988-02-12 1991-04-02 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5003405A (en) 1988-11-25 1991-03-26 Wulforst Howard E Method and apparatus for transmitting verified copy of a document over distances and to substitute for original document
EP0383985A1 (en) 1989-02-24 1990-08-29 Claus Peter Prof. Dr. Schnorr Method for subscriber identification and for generation and verification of electronic signatures in a data exchange system
US4981370A (en) 1990-01-29 1991-01-01 Dziewit Halina S Document authentication apparatus
US5031214A (en) 1990-01-29 1991-07-09 Dziewit Halina S Document authentication apparatus
US5163091A (en) 1990-01-29 1992-11-10 Graziano James M Knowledge based system for document authentication (apparatus)
DE4008971A1 (en) 1990-03-20 1991-09-26 Siemens Nixdorf Inf Syst METHOD FOR AUTHENTICATING A USER USING A DATA STATION
US5214703A (en) 1990-05-18 1993-05-25 Ascom Tech Ag Device for the conversion of a digital block and use of same
US5136646A (en) 1991-03-08 1992-08-04 Bell Communications Research, Inc. Digital document time-stamping with catenate certificate
US5136647A (en) 1990-08-02 1992-08-04 Bell Communications Research, Inc. Method for secure time-stamping of digital documents
US5191613A (en) 1990-11-16 1993-03-02 Graziano James M Knowledge based system for document authentication
US5231668A (en) 1991-07-26 1993-07-27 The United States Of America, As Represented By The Secretary Of Commerce Digital signature algorithm
US5164988A (en) 1991-10-31 1992-11-17 International Business Machines Corporation Method to establish and enforce a network cryptographic security policy in a public key cryptosystem
CA2093094C (en) 1992-04-06 2000-07-11 Addison M. Fischer Method and apparatus for creating, supporting, and using travelling programs
US5276737B1 (en) 1992-04-20 1995-09-12 Silvio Micali Fair cryptosystems and methods of use
US5315658B1 (en) 1992-04-20 1995-09-12 Silvio Micali Fair cryptosystems and methods of use
US5241594A (en) 1992-06-02 1993-08-31 Hughes Aircraft Company One-time logon means and methods for distributed computing systems
DE69332633T2 (en) 1992-07-20 2003-11-06 Compaq Computer Corp Procedure and system for discovering aliases based on certification
US5311596A (en) 1992-08-31 1994-05-10 At&T Bell Laboratories Continuous authentication using an in-band or out-of-band side channel
US5267314A (en) 1992-11-17 1993-11-30 Leon Stambler Secure transaction system and method utilized therein
US5339361A (en) 1992-12-04 1994-08-16 Texas Instruments Incorporated System and method for authenticating transmission and receipt of electronic information
US5373561A (en) 1992-12-21 1994-12-13 Bell Communications Research, Inc. Method of extending the validity of a cryptographic certificate
JPH06223041A (en) 1993-01-22 1994-08-12 Fujitsu Ltd Rarge-area environment user certification system
FR2700905B1 (en) 1993-01-28 1995-03-10 France Telecom Device and method for securing fax transmission, and secure facsimile machine comprising such a device.
US5363448A (en) 1993-06-30 1994-11-08 United Technologies Automotive, Inc. Pseudorandom number generation and cryptographic authentication
US5377270A (en) 1993-06-30 1994-12-27 United Technologies Automotive, Inc. Cryptographic authentication of transmitted messages using pseudorandom numbers
GB2281645A (en) 1993-09-03 1995-03-08 Ibm Control of access to a networked system
US5590199A (en) 1993-10-12 1996-12-31 The Mitre Corporation Electronic information network user authentication and authorization system
US5371794A (en) 1993-11-02 1994-12-06 Sun Microsystems, Inc. Method and apparatus for privacy and authentication in wireless networks
US6038035A (en) 1994-02-08 2000-03-14 Wulforst; Howard E. Method and apparatus for substitute original documents
US5999711A (en) 1994-07-18 1999-12-07 Microsoft Corporation Method and system for providing certificates holding authentication and authorization information for users/machines
US5544255A (en) * 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
BR9509131A (en) 1994-10-28 1997-09-02 Surety Technologies Inc Registration process of first digital document for authentication process for authentication of digital document process for naming of first digital document digital representation of document certificate authentication and clock-stamp process for first digital document for authentication
US5655077A (en) 1994-12-13 1997-08-05 Microsoft Corporation Method and system for authenticating access to heterogeneous computing services
US5689638A (en) 1994-12-13 1997-11-18 Microsoft Corporation Method for providing access to independent network resources by establishing connection using an application programming interface function call without prompting the user for authentication data
US6237096B1 (en) 1995-01-17 2001-05-22 Eoriginal Inc. System and method for electronic transmission storage and retrieval of authenticated documents
US5748738A (en) 1995-01-17 1998-05-05 Document Authentication Systems, Inc. System and method for electronic transmission, storage and retrieval of authenticated documents
US5615268A (en) 1995-01-17 1997-03-25 Document Authentication Systems, Inc. System and method for electronic transmission storage and retrieval of authenticated documents
US7162635B2 (en) 1995-01-17 2007-01-09 Eoriginal, Inc. System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents
US6367013B1 (en) 1995-01-17 2002-04-02 Eoriginal Inc. System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5943422A (en) 1996-08-12 1999-08-24 Intertrust Technologies Corp. Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
EP1643340B1 (en) 1995-02-13 2013-08-14 Intertrust Technologies Corp. Secure transaction management
NL1000530C2 (en) 1995-06-08 1996-12-10 Defil N V Holland Intertrust A Filtering method.
EP0751453B1 (en) 1995-06-30 2000-09-06 International Business Machines Corporation Method and apparatus for a system wide logon in a distributed computing environment
US6487658B1 (en) * 1995-10-02 2002-11-26 Corestreet Security, Ltd. Efficient certificate revocation
US6766450B2 (en) * 1995-10-24 2004-07-20 Corestreet, Ltd. Certificate revocation system
US7337315B2 (en) * 1995-10-02 2008-02-26 Corestreet, Ltd. Efficient certificate revocation
US6292893B1 (en) * 1995-10-24 2001-09-18 Silvio Micali Certificate revocation system
US5666416A (en) * 1995-10-24 1997-09-09 Micali; Silvio Certificate revocation system
US5699431A (en) 1995-11-13 1997-12-16 Northern Telecom Limited Method for efficient management of certificate revocation lists and update information
US5692047A (en) 1995-12-08 1997-11-25 Sun Microsystems, Inc. System and method for executing verifiable programs with facility for using non-verifiable programs from trusted sources
US5937068A (en) 1996-03-22 1999-08-10 Activcard System and method for user authentication employing dynamic encryption variables
US5903651A (en) * 1996-05-14 1999-05-11 Valicert, Inc. Apparatus and method for demonstrating and confirming the status of a digital certificates and other data
US6901509B1 (en) * 1996-05-14 2005-05-31 Tumbleweed Communications Corp. Apparatus and method for demonstrating and confirming the status of a digital certificates and other data
US5684950A (en) 1996-09-23 1997-11-04 Lockheed Martin Corporation Method and system for authenticating users to multiple computer servers via a single sign-on
US6023509A (en) 1996-09-30 2000-02-08 Intel Corporation Digital signature purpose encoding
US5848872A (en) 1996-11-15 1998-12-15 Storage Technology Corporation Apparatus for handling cartridges in a storage library system
US7177839B1 (en) * 1996-12-13 2007-02-13 Certco, Inc. Reliance manager for electronic transaction system
US5903882A (en) 1996-12-13 1999-05-11 Certco, Llc Reliance server for electronic transaction system
US5872848A (en) 1997-02-18 1999-02-16 Arcanvs Method and apparatus for witnessed authentication of electronic documents
US5920861A (en) 1997-02-25 1999-07-06 Intertrust Technologies Corp. Techniques for defining using and manipulating rights management data structures
US5884312A (en) 1997-02-28 1999-03-16 Electronic Data Systems Corporation System and method for securely accessing information from disparate data sources through a network
US6044462A (en) 1997-04-02 2000-03-28 Arcanvs Method and apparatus for managing key revocation
US5944824A (en) 1997-04-30 1999-08-31 Mci Communications Corporation System and method for single sign-on to a plurality of network elements
DE69834406T2 (en) 1997-05-13 2006-12-07 Passlogix, Inc. GENERALIZED USER IDENTIFICATION AND AUTHENTICATION SYSTEM
JP3595109B2 (en) 1997-05-28 2004-12-02 日本ユニシス株式会社 Authentication device, terminal device, authentication method in those devices, and storage medium
US6584565B1 (en) 1997-07-15 2003-06-24 Hewlett-Packard Development Company, L.P. Method and apparatus for long term verification of digital signatures
US6397329B1 (en) * 1997-11-21 2002-05-28 Telcordia Technologies, Inc. Method for efficiently revoking digital identities
US5987429A (en) 1997-12-16 1999-11-16 Sun Microsystems, Inc. Computer-based fee processing for electronic commerce
US6484174B1 (en) 1998-04-20 2002-11-19 Sun Microsystems, Inc. Method and apparatus for session management and user authentication
US6178511B1 (en) 1998-04-30 2001-01-23 International Business Machines Corporation Coordinating user target logons in a single sign-on (SSO) environment
US6275944B1 (en) 1998-04-30 2001-08-14 International Business Machines Corporation Method and system for single sign on using configuration directives with respect to target types
US6615347B1 (en) * 1998-06-30 2003-09-02 Verisign, Inc. Digital certificate cross-referencing
US6351812B1 (en) * 1998-09-04 2002-02-26 At&T Corp Method and apparatus for authenticating participants in electronic commerce
US6301658B1 (en) * 1998-09-09 2001-10-09 Secure Computing Corporation Method and system for authenticating digital certificates issued by an authentication hierarchy
US6671803B1 (en) * 1998-10-06 2003-12-30 Koninklijke Philips Electronics N.V. Method and system for consumer electronic device certificate management
US6304974B1 (en) * 1998-11-06 2001-10-16 Oracle Corporation Method and apparatus for managing trusted certificates
US6421768B1 (en) 1999-05-04 2002-07-16 First Data Corporation Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment
WO2001006701A1 (en) * 1999-07-15 2001-01-25 Sudia Frank W Certificate revocation notification systems
US20020029200A1 (en) * 1999-09-10 2002-03-07 Charles Dulin System and method for providing certificate validation and other services
US6401211B1 (en) 1999-10-19 2002-06-04 Microsoft Corporation System and method of user logon in combination with user authentication for network access
US6842863B1 (en) * 1999-11-23 2005-01-11 Microsoft Corporation Certificate reissuance for checking the status of a certificate in financial transactions
CN1182479C (en) * 2000-01-07 2004-12-29 国际商业机器公司 System and method for effectively collecting aranging and access to withdrew table of certificate
US6581059B1 (en) * 2000-01-24 2003-06-17 International Business Machines Corporation Digital persona for providing access to personal information
US6961858B2 (en) * 2000-06-16 2005-11-01 Entriq, Inc. Method and system to secure content for distribution via a network
EP2770455B1 (en) * 2000-06-16 2017-01-25 MIH Technology Holdings BV Method and system to exercise geographic restrictions over the distribution of content via a network
US7076653B1 (en) * 2000-06-27 2006-07-11 Intel Corporation System and method for supporting multiple encryption or authentication schemes over a connection on a network
US20020019838A1 (en) 2000-07-05 2002-02-14 Silanis Technology Inc. Status identifier for identifying the approval status of an electronic document
US6836765B1 (en) * 2000-08-30 2004-12-28 Lester Sussman System and method for secure and address verifiable electronic commerce transactions
US6948061B1 (en) * 2000-09-20 2005-09-20 Certicom Corp. Method and device for performing secure transactions
US6944648B2 (en) 2000-09-22 2005-09-13 Docusign, Inc. System and method for managing transferable records
US7024691B1 (en) * 2000-10-17 2006-04-04 International Business Machines Corporation User policy for trusting web sites
DE10061102B4 (en) 2000-12-07 2010-09-02 Tc Trust Center Gmbh System for status inquiry of digital certificates
WO2002048925A2 (en) 2000-12-14 2002-06-20 Silanis Technology Inc. Method and system for the approval of an electronic document over a network
AU2002215782B2 (en) 2000-12-14 2008-03-06 Silanis Technology Inc. Web-based method and system for applying a legally enforceable signature on an electronic document
US7475151B2 (en) * 2000-12-22 2009-01-06 Oracle International Corporation Policies for modifying group membership
US7349912B2 (en) * 2000-12-22 2008-03-25 Oracle International Corporation Runtime modification of entries in an identity system
WO2002059725A2 (en) 2001-01-26 2002-08-01 Shearman & Sterling Methods and systems for electronically representing records of obligations
US20030088771A1 (en) * 2001-04-18 2003-05-08 Merchen M. Russel Method and system for authorizing and certifying electronic data transfers
US7020645B2 (en) 2001-04-19 2006-03-28 Eoriginal, Inc. Systems and methods for state-less authentication
US6970862B2 (en) * 2001-05-31 2005-11-29 Sun Microsystems, Inc. Method and system for answering online certificate status protocol (OCSP) requests without certificate revocation lists (CRL)
US7149892B2 (en) * 2001-07-06 2006-12-12 Juniper Networks, Inc. Secure sockets layer proxy architecture
US7383433B2 (en) * 2001-07-31 2008-06-03 Sun Microsystems, Inc. Trust spectrum for certificate distribution in distributed peer-to-peer networks
US7120793B2 (en) * 2001-09-28 2006-10-10 Globalcerts, Lc System and method for electronic certificate revocation
US20030074555A1 (en) * 2001-10-17 2003-04-17 Fahn Paul Neil URL-based certificate in a PKI
US20030078987A1 (en) * 2001-10-24 2003-04-24 Oleg Serebrennikov Navigating network communications resources based on telephone-number metadata
US20030130960A1 (en) * 2001-11-28 2003-07-10 Fraser John D. Bridging service for security validation within enterprises
CN1352434A (en) * 2001-11-29 2002-06-05 上海维豪信息安全技术有限公司 Electronic government affairs safety platform system based on trust and authorization service
US20030126433A1 (en) * 2001-12-27 2003-07-03 Waikwan Hui Method and system for performing on-line status checking of digital certificates
US8086867B2 (en) * 2002-03-26 2011-12-27 Northrop Grumman Systems Corporation Secure identity and privilege system
FI20021738A0 (en) * 2002-09-30 2002-09-30 Ssh Comm Security Oyj Procedure for producing certificate revocation lists

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9130918B2 (en) 2009-09-21 2015-09-08 Thomson Licensing System and method for automatically verifying storage of redundant contents into communication equipments, by data comparison

Also Published As

Publication number Publication date
CN1682490B (en) 2012-11-14
MXPA05000696A (en) 2005-04-08
AU2003259136B2 (en) 2009-06-04
BR0312774A (en) 2005-05-03
US7743248B2 (en) 2010-06-22
EP1540881B1 (en) 2014-09-10
EP1540881A2 (en) 2005-06-15
KR20050074430A (en) 2005-07-18
US20040093493A1 (en) 2004-05-13
HK1083252A1 (en) 2006-06-30
AU2003259136A1 (en) 2004-02-09
CN1682490A (en) 2005-10-12
EA200500227A1 (en) 2005-08-25
CA2492986C (en) 2011-03-15
WO2004010271A2 (en) 2004-01-29
IL166311A0 (en) 2006-01-15
KR101105121B1 (en) 2012-01-16
BRPI0312774B1 (en) 2018-02-06
EA007089B1 (en) 2006-06-30
NZ537994A (en) 2006-09-29
WO2004010271A3 (en) 2004-08-05

Similar Documents

Publication Publication Date Title
CA2492986A1 (en) System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components
US11516016B2 (en) Method and system for signing and authenticating electronic documents via a signature authority which may act in concert with software controlled by the signer
US11233657B2 (en) Method and system for registering digital documents
US9654298B2 (en) Signature-efficient real time credentials for OCSP and distributed OCSP
CN111092737B (en) Digital certificate management method and device and block link points
US7178029B2 (en) Method and apparatus for validating a digital signature
JP4796971B2 (en) Efficiently signable real-time credentials for OCSP and distributed OCSP
US7058619B2 (en) Method, system and computer program product for facilitating digital certificate state change notification
US20050044369A1 (en) Electronic document management system
CN110851877B (en) Data processing method and device, block chain node equipment and storage medium
TWI661331B (en) System and method for identity verification and privacy protection in public blockchain
US8176330B2 (en) Method, apparatus and article for off-line certification in mobile applications
Das et al. A secure blockchain-enabled vehicle identity management framework for intelligent transportation systems
KR100349224B1 (en) A secure flexible electronic submission
JP4846464B2 (en) System for issuing and verifying multiple public key certificates, and method for issuing and verifying multiple public key certificates
CN1922815B (en) Sign-efficient real time credentials for ocsp and distributed ocsp
KR100419484B1 (en) An efficient certificate validation system and method using validation authority in PKI
Wang et al. Decentralized CRL Management for Vehicular Networks With Permissioned Blockchain
JP2004056635A (en) Update instrument of certificate invalidation list, system and method
TW202042527A (en) Verification and management system for a digital certificate and method thereof
Pinkas et al. RFC 5126: CMS Advanced Electronic Signatures (CAdES)
CN117714062A (en) Asset information processing method, device, equipment and medium based on block chain
AU2006202855A1 (en) Signature-efficient real time credentials for OCSP and distributed OCSP

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry (Effective date: 20230717)