CA2328645A1 - A method and a system for certificate revocation list consolidation and access - Google Patents

A method and a system for certificate revocation list consolidation and access Download PDF

Info

Publication number
CA2328645A1
CA2328645A1 CA002328645A CA2328645A CA2328645A1 CA 2328645 A1 CA2328645 A1 CA 2328645A1 CA 002328645 A CA002328645 A CA 002328645A CA 2328645 A CA2328645 A CA 2328645A CA 2328645 A1 CA2328645 A1 CA 2328645A1
Authority
CA
Canada
Prior art keywords
crl
access
cas
revocation list
certificate revocation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002328645A
Other languages
French (fr)
Other versions
CA2328645C (en
Inventor
Jing Min Xu
Zhong Tian
Leo Y. Liu
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of CA2328645A1 publication Critical patent/CA2328645A1/en
Application granted granted Critical
Publication of CA2328645C publication Critical patent/CA2328645C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/06Asset management; Financial planning or analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42Anonymization, e.g. involving pseudonyms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Abstract

This invention discloses a system for certificate revocation list (CRL) consolidation and access, comprising: a plurality of certificate authorities (CAs); a pluralit y of CRL retrieval agents associated with CRL distribution mechanisms of CAs, for consolidating the CR Ls from multiple CAs; CRL databases, for storing the consolidated CRLs from multiple CRL retrieval agents and the replication of CRLs; and CRL access API. Therefore, application can acce ss the nearest CRL database to determine whether a digital certificate has been revoked via a s et of unified APIs without bothering the detailed of CRL distribution mechanisms. In addition, the system of the invention is also adapted for consolidating and accessing all kinds of black list.
CA002328645A 2000-01-07 2000-12-15 A method and a system for certificate revocation list consolidation and access Expired - Fee Related CA2328645C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP00100915.X 2000-01-07
CNB00100915XA CN1182479C (en) 2000-01-07 2000-01-07 System and method for effectively collecting aranging and access to withdrew table of certificate

Publications (2)

Publication Number Publication Date
CA2328645A1 true CA2328645A1 (en) 2001-07-07
CA2328645C CA2328645C (en) 2009-04-21

Family

ID=4575733

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002328645A Expired - Fee Related CA2328645C (en) 2000-01-07 2000-12-15 A method and a system for certificate revocation list consolidation and access

Country Status (4)

Country Link
US (1) US7761467B2 (en)
CN (1) CN1182479C (en)
CA (1) CA2328645C (en)
SG (1) SG92778A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7225164B1 (en) * 2000-02-15 2007-05-29 Sony Corporation Method and apparatus for implementing revocation in broadcast networks

Families Citing this family (68)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7743248B2 (en) * 1995-01-17 2010-06-22 Eoriginal, Inc. System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components
US7730300B2 (en) 1999-03-30 2010-06-01 Sony Corporation Method and apparatus for protecting the transfer of data
US7039614B1 (en) 1999-11-09 2006-05-02 Sony Corporation Method for simulcrypting scrambled data to a plurality of conditional access devices
US20020099822A1 (en) * 2001-01-25 2002-07-25 Rubin Aviel D. Method and apparatus for on demand certificate revocation updates
US6912582B2 (en) * 2001-03-30 2005-06-28 Microsoft Corporation Service routing and web integration in a distributed multi-site user authentication system
US6970862B2 (en) * 2001-05-31 2005-11-29 Sun Microsystems, Inc. Method and system for answering online certificate status protocol (OCSP) requests without certificate revocation lists (CRL)
US7747853B2 (en) 2001-06-06 2010-06-29 Sony Corporation IP delivery of secure digital content
US20030005326A1 (en) * 2001-06-29 2003-01-02 Todd Flemming Method and system for implementing a security application services provider
US20030037234A1 (en) * 2001-08-17 2003-02-20 Christina Fu Method and apparatus for centralizing a certificate revocation list in a certificate authority cluster
JP3935879B2 (en) * 2001-11-06 2007-06-27 インターナショナル・ビジネス・マシーンズ・コーポレーション System for data supply
KR100698514B1 (en) * 2002-03-11 2007-03-21 (주)케이사인 A procesing method and a computer program product effective CRL
US8423763B2 (en) * 2002-03-20 2013-04-16 Research In Motion Limited System and method for supporting multiple certificate status providers on a mobile communication device
US7523490B2 (en) 2002-05-15 2009-04-21 Microsoft Corporation Session key security protocol
US8572408B2 (en) 2002-11-05 2013-10-29 Sony Corporation Digital rights management of a digital device
US7724907B2 (en) 2002-11-05 2010-05-25 Sony Corporation Mechanism for protecting the transfer of digital content
US8645988B2 (en) 2002-12-13 2014-02-04 Sony Corporation Content personalization for digital content
US8667525B2 (en) 2002-12-13 2014-03-04 Sony Corporation Targeted advertisement selection from a digital stream
US7934263B2 (en) * 2002-12-17 2011-04-26 Sony Pictures Entertainment Inc. License management in a media network environment
US7370212B2 (en) * 2003-02-25 2008-05-06 Microsoft Corporation Issuing a publisher use license off-line in a digital rights management (DRM) system
CN1781067A (en) * 2003-04-28 2006-05-31 皇家飞利浦电子股份有限公司 Method of storing revocation list
US7483532B2 (en) * 2003-07-03 2009-01-27 Microsoft Corporation RTP payload format
US7805344B2 (en) * 2004-03-12 2010-09-28 Sybase, Inc. System providing methodology for consolidation of financial information
US7437551B2 (en) * 2004-04-02 2008-10-14 Microsoft Corporation Public key infrastructure scalability certificate revocation status validation
US8838794B2 (en) * 2004-06-30 2014-09-16 International Business Machines Corporation Method, system and program product for simulating activity in a server environment
US7631183B2 (en) 2004-09-01 2009-12-08 Research In Motion Limited System and method for retrieving related certificates
US20060218393A1 (en) * 2005-03-23 2006-09-28 Hernandez Hendrich M Systems and methods for adaptive authentication
US8438645B2 (en) 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
US8725646B2 (en) * 2005-04-15 2014-05-13 Microsoft Corporation Output protection levels
US20060265758A1 (en) * 2005-05-20 2006-11-23 Microsoft Corporation Extensible media rights
US7684566B2 (en) * 2005-05-27 2010-03-23 Microsoft Corporation Encryption scheme for streamed multimedia content protected by rights management system
US7818575B2 (en) * 2005-06-24 2010-10-19 Microsoft Corporation Efficient retrieval of cryptographic evidence
US7769880B2 (en) 2005-07-07 2010-08-03 Microsoft Corporation Carrying protected content using a control protocol for streaming and a transport protocol
US7561696B2 (en) * 2005-07-12 2009-07-14 Microsoft Corporation Delivering policy updates for protected content
US8321690B2 (en) * 2005-08-11 2012-11-27 Microsoft Corporation Protecting digital media of various content types
US7634816B2 (en) * 2005-08-11 2009-12-15 Microsoft Corporation Revocation information management
US9054879B2 (en) * 2005-10-04 2015-06-09 Google Technology Holdings LLC Method and apparatus for delivering certificate revocation lists
US7720096B2 (en) * 2005-10-13 2010-05-18 Microsoft Corporation RTP payload format for VC-1
KR100749803B1 (en) * 2005-11-03 2007-08-17 한국전자통신연구원 Digital Broadcasting Conditional Access System and Method using Authorization Revocation List
US8316230B2 (en) * 2005-11-14 2012-11-20 Microsoft Corporation Service for determining whether digital certificate has been revoked
CN1832400B (en) * 2005-11-14 2011-08-17 四川长虹电器股份有限公司 Contents protection system and method
US20080052510A1 (en) * 2006-05-12 2008-02-28 Samsung Electronics Co., Ltd. Multi certificate revocation list support method and apparatus for digital rights management
US7958349B2 (en) * 2007-08-30 2011-06-07 Red Hat, Inc. Method for revoking a digital signature
EP2259205B1 (en) * 2008-03-28 2018-04-25 Panasonic Corporation Software updating apparatus, software updating system, alteration verification method and alteration verification program
EP2259204A1 (en) * 2008-03-28 2010-12-08 Panasonic Corporation Software updating apparatus, software updating system, invalidation method, and invalidation program
US8438388B2 (en) * 2008-03-31 2013-05-07 Motorola Solutions, Inc. Method and apparatus for distributing certificate revocation lists (CRLs) to nodes in an ad hoc network
US10270602B2 (en) * 2008-10-01 2019-04-23 International Business Machines Corporation Verifying and enforcing certificate use
US9083534B2 (en) 2011-01-07 2015-07-14 Mastercard International Incorporated Method and system for propagating a client identity
US8707276B2 (en) 2011-01-07 2014-04-22 Mastercard International Incorporated Method and system for managing programmed applications in an open API environment
US8671385B2 (en) 2011-01-07 2014-03-11 Mastercard International Incorporated Methods and systems for throttling calls to a service application through an open API
US8677308B2 (en) 2011-01-07 2014-03-18 Mastercard International Incorporated Method and system for generating an API request message
US9032204B2 (en) 2011-01-07 2015-05-12 Mastercard International Incorporated Methods and systems for providing a signed digital certificate in real time
TWI433558B (en) 2011-12-05 2014-04-01 Ind Tech Res Inst System and method for dynamically adjusting the frequency of updating certificate revocation list
US9641343B1 (en) * 2011-12-20 2017-05-02 Google Inc. Efficient unified certificate revocation lists
US8581633B2 (en) 2012-01-17 2013-11-12 Hamilton Sundstrand Corporation Analog peak hold circuits
US8656155B2 (en) * 2012-02-10 2014-02-18 International Business Machines Corporation Dynamic generation and processing of certificate public information directories
US9424405B2 (en) * 2012-11-28 2016-08-23 Apple Inc. Using receipts to control assignments of items of content to users
US8719908B1 (en) * 2012-12-21 2014-05-06 Disney Enterprises, Inc. Digital certificate management
US10142108B2 (en) * 2013-06-17 2018-11-27 Qube Cinema, Inc. Copy protection scheme for digital audio and video content authenticated HDCP receivers
JP6410189B2 (en) * 2013-12-16 2018-10-24 パナソニックIpマネジメント株式会社 Authentication system and authentication method
CN104778165A (en) * 2014-01-09 2015-07-15 山西太钢不锈钢股份有限公司 Design method of Domino platform system and relational database system integration
CN104980438B (en) * 2015-06-15 2018-07-24 中国科学院信息工程研究所 The method and system of digital certificate revocation status checkout in a kind of virtualized environment
US9906374B2 (en) 2016-02-29 2018-02-27 Red Hat, Inc. Efficient certificate revocation list processing
TWI600334B (en) 2016-03-23 2017-09-21 財團法人工業技術研究院 Security certificate management method for a vehicular network node and vehicular network node applying the same
EP3851923B1 (en) * 2020-01-14 2023-07-12 Siemens Aktiengesellschaft Control system for technical installations with certificate management
WO2021245600A1 (en) * 2020-06-03 2021-12-09 IOT.nxt BV System and method for maintaining a list of cryptographic certificates
EP3993339B1 (en) * 2020-10-29 2023-05-31 Siemens Aktiengesellschaft Certificate management in a technical system
CN114157432A (en) * 2021-11-25 2022-03-08 上海派拉软件股份有限公司 Digital certificate acquisition method, device, electronic equipment, system and storage medium
CN117314476B (en) * 2023-11-28 2024-02-27 四川隧唐科技股份有限公司 Certificate data integration method and device

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6658568B1 (en) * 1995-02-13 2003-12-02 Intertrust Technologies Corporation Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management
US6134551A (en) * 1995-09-15 2000-10-17 Intel Corporation Method of caching digital certificate revocation lists
US5745574A (en) * 1995-12-15 1998-04-28 Entegrity Solutions Corporation Security infrastructure for electronic transactions
US6028938A (en) * 1996-04-30 2000-02-22 Shana Corporation Secure electronic forms permitting layout revision
US5903651A (en) * 1996-05-14 1999-05-11 Valicert, Inc. Apparatus and method for demonstrating and confirming the status of a digital certificates and other data
US5903882A (en) * 1996-12-13 1999-05-11 Certco, Llc Reliance server for electronic transaction system
US6035402A (en) * 1996-12-20 2000-03-07 Gte Cybertrust Solutions Incorporated Virtual certificate authority
US6044462A (en) * 1997-04-02 2000-03-28 Arcanvs Method and apparatus for managing key revocation
US6092201A (en) * 1997-10-24 2000-07-18 Entrust Technologies Method and apparatus for extending secure communication operations via a shared list
US6128740A (en) * 1997-12-08 2000-10-03 Entrust Technologies Limited Computer security system and method with on demand publishing of certificate revocation lists
US6304882B1 (en) * 1998-05-05 2001-10-16 Informix Software, Inc. Data replication system and method
US6564219B1 (en) * 1998-11-19 2003-05-13 Emc Corporation Method and apparatus for obtaining an identifier for a logical unit of data in a database
US6411956B1 (en) * 1999-06-14 2002-06-25 Sun Microsystems, Inc. Method for distributed transaction support using JDBC 1.0 drivers
AU2001266739A1 (en) * 2000-06-06 2001-12-17 Bex.Com Pte. Ltd. Method and apparatus for establishing global trust bridge for multiple trust authorities

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7225164B1 (en) * 2000-02-15 2007-05-29 Sony Corporation Method and apparatus for implementing revocation in broadcast networks

Also Published As

Publication number Publication date
US20020004773A1 (en) 2002-01-10
US7761467B2 (en) 2010-07-20
SG92778A1 (en) 2002-11-19
CN1182479C (en) 2004-12-29
CA2328645C (en) 2009-04-21
CN1304109A (en) 2001-07-18

Similar Documents

Publication Publication Date Title
CA2328645A1 (en) A method and a system for certificate revocation list consolidation and access
CN100417064C (en) Information processing system and its method, information recording medium and ,program providing medium
JP4674933B2 (en) Method and apparatus for preventing unauthorized use of multimedia content
WO2002005061A3 (en) Information record infrastructure, system and method
CN1901446B (en) System and method for processing information using encryption key block
CN104252605B (en) A kind of file transparent encrypting and deciphering system of Android platform and method
US7003675B2 (en) Encrypted content data structure package and generation thereof
CN100490369C (en) System and mehtod for processing information using encryption key block
DE60130430T2 (en) METHOD AND DEVICE FOR INFORMATION PROCESSING
US7272229B2 (en) Digital work protection system, key management apparatus, and user apparatus
US7536016B2 (en) Encrypted content data structure package and generation thereof
CN101504668B (en) Cryptograph index supported database transparent encryption method
WO2004010271A3 (en) System and method for the transmission, storage and retrieval of authenticated documents
KR20030007075A (en) Digital work protection system, recording medium apparatus, transmission apparatus, and playback apparatus
KR20050028244A (en) Method for drm license supporting plural devices
CA2241745A1 (en) Method and apparatus for controlling access to encrypted data files in a computer system
US20060288210A1 (en) System of personal data spaces and a method of governing access to personal data spaces
MXPA02011091A (en) Receiving device for securely storing a content item, and playback device.
CN102867524A (en) Information processing apparatus, information processing method, and information recording program
EP1614047A1 (en) Method and apparatus for limiting number of times contents can be accessed using hashing chain
RU2006146811A (en) APPLICATION AUTHENTICATION
WO2000021239A8 (en) Certificate handling for digital rights management system
WO2001046782A3 (en) Method of pre-releasing encrypted digital data
EP1620776A1 (en) Method of storing revocation list
JP2003158514A (en) Digital work protection system, recording medium apparatus, transmission apparatus, and playback apparatus

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20121217

MKLA Lapsed

Effective date: 20121217