Cryptographic system and methodology for creating and managing crypto policy on certificate servers

Authors: Mark James McArdle, Marc David Dyksterhouse, Jonathan David Callas

Keywords: Certification path validation algorithm, Implicit certificate, Database, Certificate signing request, Certificate authority, Root certificate, Public key certificate, Authorization certificate, Computer security, Computer science, Self-signed certificate

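Abstract: A cryptosystem having a Certificate (Key) Server for storing and maintaining certificate or key information in a certificate database is described. The Certificate Server allows clients to submit and retrieve keys from a database based on a set of policy constraints which are set for one's particular site (e.g., company). Access to the Certificate Server is maintained by a Policy Agent, which makes sure that policy is enforced for a given server based on the settings supplied during configuration. During operation, the Certificate Server responds to client requests to add, search for, and retrieve certificates. The server accepts or rejects certificates based on configurable parameters enforced by the Policy Agent. When a certificate is submitted to the server, the Policy Agent checks to see if it meets the criteria for submission based on the settings specified during configuration. Exemplary types of checks that the Policy Agent can enforce include checking to see if a key has been signed by the appropriate entities and checking to see if the signatures or User IDs associated with a key are approved for submission. If the submission criteria established during configuration are met, the key is accepted by the server. If the key being submitted does not pass the policy requirements, it is rejected and (optionally) a copy is placed in a “pending bucket” where it can subsequently be examined by a system administrator to determine if it should be allowed on the server.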

References (17)
Oded Kafri, File encryption method, (1996)
Stephen M. Matyas, Christopher J. Holloway, George M. Dolan, Public key data communications system under control of a portable security device, (1995)
Rostislaw Prymak, Ramesh K. Karne, Stephen M. Matyas, Donald B. Johnson, Julian Thomas, An V. Le, John D. Wilkins, Dennis G. Abraham, Phil C. Yeh, Data cryptography operations using control vectors, (1989)
Nicholas J. Simicich, Gene Y. Tsudik, Mark H. Linehan, Personal key archive, (1994)