Patent application number | Description | Published |
20090249062 | METHOD AND APPARATUS FOR DISTRIBUTING CERTIFICATE REVOCATION LISTS (CRLs) TO NODES IN AN AD HOC NETWORK - A method and apparatus for distributing Certificate Revocation List (CRL) information in an ad hoc network are provided. Ad hoc nodes in an ad hoc network can each transmit one or more certificate revocation list advertisement message(s) (CRLAM(s)). Each CRLAM includes an issuer certification authority (CA) field that identifies a certification authority (CA) that issued a particular certificate revocation list (CRL), a certificate revocation list (CRL) sequence number field that specifies a number that specifies the version of the particular certificate revocation list (CRL) that was issued by the issuer certification authority (CA). Nodes that receive the CRLAMs can then use the CRL information provided in the CRLAM to determine whether to retrieve the particular certificate revocation list (CRL). | 10-01-2009 |
20100031027 | METHOD AND DEVICE FOR DISTRIBUTING PUBLIC KEY INFRASTRUCTURE (PKI) CERTIFICATE PATH DATA - A method and device for distributing public key infrastructure (PKI) certificate path data enables relying nodes to efficiently authenticate other nodes in an autonomous ad-hoc network. The method includes compiling, at a certificate path management unit (CPMU), the PKI certificate path data (step | 02-04-2010 |
20100070755 | METHOD AND DEVICE FOR CONFIRMING AUTHENTICITY OF A PUBLIC KEY INFRASTRUCTURE (PKI) TRANSACTION EVENT - A method and device for confirming authenticity of a public key infrastructure (PKI) transaction event between a relying node and a subject node in a communication network enables improved network security. According to some embodiments, the method includes establishing at a PKI event logging (PEL) server a process to achieve secure communications with the relying node (step | 03-18-2010 |
20110161659 | METHOD TO ENABLE SECURE SELF-PROVISIONING OF SUBSCRIBER UNITS IN A COMMUNICATION SYSTEM - A method to enable remote, secure, self-provisioning of a subscriber unit includes, a security provisioning server: receiving, from a subscriber unit, a certificate signing request having subscriber unit configuration trigger data; generating provisioning data for the subscriber unit using the subscriber unit configuration trigger data; and in response to the certificate signing request, providing to the subscriber unit the provisioning data and a subscriber unit certificate having authorization attributes associated with the provisioning data, to enable the self-provisioning of the subscriber unit. | 06-30-2011 |
20120117608 | CERTIFICATE POLICY MANAGEMENT TOOL - A certificate policy management tool ( | 05-10-2012 |
20120166796 | SYSTEM AND METHOD OF PROVISIONING OR MANAGING DEVICE CERTIFICATES IN A COMMUNICATION NETWORK - A certificate manager transmits a certificate service advertisement to a plurality of certificate clients. The certificate service advertisement identifies the certificate manager and includes segregation data. The segregation data indicates a set of services offered or a set of clients for which the certificate manager offers service. Responsive to the transmitting of the certificate service advertisement, the certificate manager receives a certificate service request from at least one certificate client of the plurality of certificate clients. The certificate manager verifies that the at least one certificate client is associated with the set of clients for which the certificate manager offers service, and the certificate manager fulfills the certificate service request. | 06-28-2012 |
20130036303 | PRIVATE CERTIFICATE VALIDATION METHOD AND APPARATUS - Methods and apparatuses for validating the status of digital certificates include a relying party receiving at least one digital certificate and determining if the at least one digital certificate is to be validated against a private certificate status database. The relying party accesses the private certificate status database and cryptographically validates the authenticity of data in the private certificate status database. The relying party also validates the at least one digital certificate based on information in at least one of the private certificate status database and a public certificate status database. | 02-07-2013 |
20130117558 | METHOD AND APPARATUS FOR AUTHENTICATING A DIGITAL CERTIFICATE STATUS AND AUTHORIZATION CREDENTIALS - A relying party obtains a certificate of a certificate subject and acquires a status information object for the certificate. The relying party validates the certificate using information in the status information object and compares authorization attributes present in the status information object with policy attributes associated with the requested service. A policy attribute is a set of constraints used by the relying party to determine if the authorization attributes associated with the certificate subject are sufficient to allow the certificate subject to access the requested service. If the authorization attributes present in the status information object match the policy attributes associated with the requested service, the relying party may grant the certificate subject access to the requested service. | 05-09-2013 |
20130159703 | UTILIZING A STAPLING TECHNIQUE WITH A SERVER-BASED CERTIFICATE VALIDATION PROTOCOL TO REDUCE OVERHEAD FOR MOBILE COMMUNICATION DEVICES - A certificate issuer ( | 06-20-2013 |
20140068251 | METHOD AND DEVICE FOR DYNAMICALLY UPDATING AND MAINTAINING CERTIFICATE PATH DATA ACROSS REMOTE TRUST DOMAINS - A method and device is provided for dynamically maintaining and updating public key infrastructure (PKI) certificate path data across remote trusted domains to enable relying parties to efficiently authenticate other nodes in an autonomous ad-hoc network. A certificate path management unit (CPMU) monitors a list of sources for an occurrence of a life cycle event capable of altering an existing PKI certificate path data. Upon determining that the life cycle event has occurred, the CPMU calculates a new PKI certificate path data to account for the occurrence of the life cycle event and provides the new PKI certificate path data to at least one of a relying party in a local domain or a remote CPMU in a remote domain. | 03-06-2014 |
20140245453 | METHOD AND APPARATUS FOR TRANSMITTING A USER DATAGRAM PROTOCOL MESSAGE THAT IS LARGER THAN A DEFINED SIZE - A first device initiates a handshake message exchange with a second device according to a security protocol. The first device determines that an application datagram is to be transmitted according to a first transport protocol that limits a size of a datagram based on a defined size. The first device also determines that an application datagram size is larger than the defined size. The first device fragments the application datagram if the application datagram size is larger than the defined size and secures the application datagram with the security protocol. The first device also encapsulates the application datagram fragments in handshake messages, wherein an encapsulated application datagram fragment is transmitted from the first device to the second device in a first security protocol record. The first device may also transmit, to the second device, another application datagram secured with the security protocol. | 08-28-2014 |