CA2408639A1 - Method and apparatus for self-authenticating digital records - Google Patents


Publication number: CA2408639A1
Authority: CA (Canada)
Prior art keywords: digital, document, certificate, certification authority, certificate revocation
Legal status: Granted; Expired - Lifetime
Application number: CA002408639A
Other languages: French (fr)
Other versions: CA2408639C (en)
Inventors: Wes Doonan, Albert J. Wettlaufer, Rone H. Lewis, Stuart A. Haber
Current Assignee: Surety LLC
Original Assignee: Individual
Application filed by: Individual

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151 Time stamp
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution

Abstract

A method for proving the validity of a record digitally signed by a user having a digital certificate issued by a certification authority within a hierarchy of certification authorities. The user signs the record (502), and obtains the digital certificates and certificate revocation information for all the certification authorities in the chain of the hierarchy extending from the user to the root certification authority. A timestamp is applied to the record (506), the digital certificates and the certificate revocation information to establish a point in time in which all items were created, current and valid. If, at some later point, one or more of the digital certificates either expire or are revoked, the timestamp serves as evidence of the integrity of the signed record.
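The flow in the abstract, worked through as an added example that is not part of the patent text: the signed record, the certificate chain and the revocation information captured at signing time are bundled, timestamped together, and later validated as of the timestamp rather than as of today. Certificates and CRLs are modelled as plain records, an HMAC stands in for the timestamping service's signature, verification of the document signature itself is left out, and all names, serial numbers and times are constructed.

```python
import hashlib
import hmac
import json

# Constructed stand-in key: a real timestamping service signs with its own key.
TSA_KEY = b"constructed-demo-key"


def canonical(obj):
    """Deterministic encoding so the same bundle always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def tsa_mac(digest, when):
    return hmac.new(TSA_KEY, f"{digest}|{when}".encode(), hashlib.sha256).hexdigest()


def timestamp(bundle, when):
    """Simulated timestamp over the whole bundle (the claims' 'second document')."""
    digest = hashlib.sha256(canonical(bundle)).hexdigest()
    return {"digest": digest, "time": when, "mac": tsa_mac(digest, when)}


def chain_problems(chain, revocation, signed_at, at):
    """Check every certificate from the user up to the root as of time `at`."""
    problems = []
    for i, cert in enumerate(chain):
        # The last certificate is the self-signed root, so it names itself.
        parent = chain[i + 1] if i + 1 < len(chain) else cert
        if cert["issuer"] != parent["subject"]:
            problems.append(f"{cert['subject']}: chain is broken")
        if not cert["not_before"] <= at <= cert["not_after"]:
            problems.append(f"{cert['subject']}: outside validity period")
        crl = revocation.get(cert["issuer"])
        if crl is None:
            problems.append(f"{cert['subject']}: no revocation information")
        elif not signed_at <= crl["this_update"] <= at:
            # Revocation data must be obtained after signing (claim 14).
            problems.append(f"{cert['subject']}: revocation information not current")
        elif cert["serial"] in crl["revoked"]:
            problems.append(f"{cert['subject']}: revoked")
    return problems


def verify(bundle, token):
    """Validate the record as of the timestamp, using only what the bundle carries."""
    if not hmac.compare_digest(tsa_mac(token["digest"], token["time"]), token["mac"]):
        return ["timestamp token is not authentic"]
    if hashlib.sha256(canonical(bundle)).hexdigest() != token["digest"]:
        return ["bundle changed after timestamping"]
    signed = bundle["signed_document"]
    if signed["signer_serial"] != bundle["chain"][0]["serial"]:
        return ["signer certificate is not the first in the chain"]
    return chain_problems(bundle["chain"], bundle["revocation"],
                          signed["signed_at"], token["time"])


def make_sample():
    """Constructed sample: Alice <- Issuing CA <- self-signed Root CA (Unix seconds)."""
    chain = [
        {"subject": "Alice", "issuer": "Issuing CA", "serial": 1001,
         "not_before": 990_000_000, "not_after": 1_030_000_000},
        {"subject": "Issuing CA", "issuer": "Root CA", "serial": 20,
         "not_before": 950_000_000, "not_after": 1_300_000_000},
        {"subject": "Root CA", "issuer": "Root CA", "serial": 1,
         "not_before": 900_000_000, "not_after": 1_500_000_000},
    ]
    revocation = {
        "Issuing CA": {"this_update": 1_000_000_200, "revoked": [1000]},
        "Root CA": {"this_update": 1_000_000_200, "revoked": []},
    }
    # Signature bytes are omitted; checking them is ordinary signature verification.
    signed_document = {
        "doc_sha256": hashlib.sha256(b"constructed contract text").hexdigest(),
        "signer_serial": 1001,
        "signed_at": 1_000_000_100,
    }
    return {"signed_document": signed_document, "chain": chain, "revocation": revocation}


def demo():
    bundle = make_sample()
    token = timestamp(bundle, 1_000_000_300)
    results = {"as_of_timestamp": verify(bundle, token)}
    # Years later: Alice's certificate has expired and has also been revoked.
    later_revocation = {
        "Issuing CA": {"this_update": 1_200_000_000, "revoked": [1000, 1001]},
        "Root CA": {"this_update": 1_200_000_000, "revoked": []},
    }
    results["checked_today"] = chain_problems(
        bundle["chain"], later_revocation, 1_000_000_100, 1_200_000_000)
    # The archived evidence still validates, because nothing in it has changed.
    results["evidence_today"] = verify(bundle, token)
    # Editing the captured CRL after the fact breaks the timestamped digest.
    tampered = json.loads(canonical(bundle))
    tampered["revocation"]["Issuing CA"]["revoked"] = []
    results["tampered"] = verify(tampered, token)
    return results
```

`demo()` returns the problem lists for four cases: validation as of the timestamp, a fresh check against today's revocation data, re-validation of the archived evidence, and a bundle altered after timestamping.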

Claims (29)

1. A method of authenticating a first document, the method comprising:
a step of digitally signing the first document using a first digital certificate provided by a first certification authority to produce a first digital signature;
a step of obtaining a second digital certificate issued by a second certification authority to the first certification authority, wherein the second digital certificate was used to issue the first digital certificate;
a step of obtaining first and second certificate revocation information identifying digital certificates which have been revoked by said first and second certification authorities, respectively; and a step of requesting that at least one secure digital timestamp be applied to the digitally signed first document, the first and second digital certificates, and the first and second certificate revocation information, to thereby establish a point in time when the first digital signature was valid.
2. The method of claim 1, comprising a step of creating a second document comprising the digitally signed first document, the first and second digital certificates, and the first and second certificate revocation information; and a step of requesting that a secure digital timestamp be applied to the second document.
3. The method of claim 1, comprising a step of requesting that a first secure digital timestamp be applied to the digitally signed first document; and a step of creating a second document comprising the first and second digital certificates, and the first and second certificate revocation information; and a step of requesting that a second secure digital timestamp be applied to the second document.
4. The method of claim 2 or claim 3 wherein the second document is formatted as one in a group consisting of a compressed archive, a portable document format file, and a Multipart MIME encoded file.
5. The method of claim 1, wherein the second certification authority is a root certification authority within a hierarchy of certification authorities.
6. The method of claim 1, wherein the certificate revocation information comprises a first certificate revocation list identifying digital certificates revoked by the first certification authority and a second certificate revocation list identifying digital certificates revoked by the second certification authority.
7. The method of claim 6, wherein the first and second certificate revocation lists each comprise a CRLDP.
8. The method of claim 1, wherein the certificate revocation information comprises at least one OCSP response per digital certificate.
9. The method of claim 1, wherein the second digital certificate and the second certification information are obtained pursuant to at least one of an X.500 directory query, an LDAP query, a CMP query, and an electronic mail transfer.
10. The method of claim 9, wherein the second digital certificate and the second certification information are obtained pursuant to a transfer of information over the internet.
11. The method of claim 1, further comprising:
a step of obtaining a third digital certificate issued by a third certification authority to the second certification authority; and a step of obtaining third certificate revocation information identifying digital certificates which have been revoked by the third certification authority; and wherein the step of requesting, requests that said at least one secure digital timestamp be applied to the digitally signed first document, the first, second and third digital certificates, and the first, second and third certificate revocation information.
12. The method of claim 11, wherein the third certification authority is a root certification authority in a hierarchy of certification authorities.
13. The method of claim 11, wherein the certificate revocation information comprises a first certificate revocation list identifying digital certificates revoked by the first certification authority, a second certificate revocation list identifying digital certificates revoked by the second certification authority, and a third certificate revocation list identifying digital certificates revoked by the third certification authority.
14. The method of claim 11, comprising obtaining the certificate revocation information after digitally signing the first document so that the certificate revocation information can be validated as of the time the first digital signature was created.
15. The method of claim 14, wherein the certificate revocation information comprises a first certificate revocation list identifying digital certificates revoked by the first certification authority, a second certificate revocation list identifying digital certificates revoked by the second certification authority, and a third certificate revocation list identifying digital certificates revoked by the third certification authority.
16. The method of claim 15, wherein the third certification authority is a root certification authority in a hierarchy of certification authorities.
17. The method of claim 11, further comprising:

obtaining a fourth digital certificate issued by a fourth certification authority to the third certification authority; and obtaining fourth certificate revocation information identifying digital certificates which have been revoked by the fourth certification authority;
and wherein the step of requesting, requests that said at least one secure digital timestamp be applied to the digitally signed first document, the first, second, third and fourth digital certificates, and the first, second, third and fourth certificate revocation information.
18. A method according to claim 17, wherein the fourth certification authority is a root certification authority in a hierarchy of certification authorities.
19. A method for a user to authenticate a first document in a hierarchy of certification authorities including a chain of certification authorities having at least an integer number N levels, N >= 2, the chain including a first level certification authority having an associated self-signed root certificate and an N-th level certification authority, wherein the k-th level certification authority is issued a k-th level digital certificate by the certification authority in the (k-1)-th level, for k: 2 <= k <= N, and wherein an m-th level certification authority, for some m: 2 <= m <= N, issues a user's digital certificate to the user, the method comprising:
a step of digitally signing the first document using the user's digital certificate to produce a first digital signature;
a step of obtaining a certificate chain corresponding to the user's digital certificate, the certificate chain comprising a total of m digital certificates, one from each of the m certification authorities in the certificate chain;
a step of obtaining certificate revocation information corresponding to the m certification authorities, the certificate revocation information identifying digital certificates which have been revoked by the m certification authorities; and a step of requesting that at least one secure digital timestamp be applied to the digitally signed first document, the user's digital certificate, the certificate chain and the certificate revocation information.
20. The method of claim 19, comprising:
a step of creating a second document comprising the digitally signed first document, the user's digital certificate, the certificate chain and the certificate revocation information; and a step of requesting that a secure digital timestamp be applied to the second document.
21. The method of claim 19, comprising:
a step of requesting that a first secure digital timestamp be applied to the digitally signed first document;
a step of creating a second document comprising the user's digital certificate, the certificate chain and the certificate revocation information; and a step of requesting that a secure digital timestamp be applied to the second document.
22. A method of authenticating a first document, the method comprising:
a step of digitally signing the first document to thereby create a digital signature; and a step of requesting that at least one secure digital timestamp be applied to the digitally signed first document and also to validation information which attests to the validity of the digital signature.
23. The method of claim 22, further comprising:
a step of creating a second document comprising the digitally signed first document and the validation information, and a step of requesting that the secure digital timestamp be applied to the second document.
24. The method of claim 22, comprising:
a step of requesting that a first secure digital timestamp be applied to the digitally signed first document; and a step of requesting that a second secure digital timestamp be applied to the validation information.
25. The method of claim 22, wherein the validation information includes a self-signed digital certificate issued by a root certification authority.
26. The method of claim 25, wherein the validation information includes all digital certificates and corresponding certificate revocation information in a certification chain within a hierarchy of certification authorities.
27. A computer readable medium having executable software code thereon, the executable software code comprising:
code to digitally sign a first document to thereby create a first digital signature;
code to request that at least one secure digital timestamp be applied to the digitally signed first document and also to validation information which attests to the validity of the digital signature.
28. The computer readable medium according to claim 27, wherein the code comprises:
code to create a second document comprising the digitally signed first document and the validation information; and code to request that a secure digital timestamp be applied to the second document.
29. The computer readable medium according to claim 27, wherein the code comprises:
code to request that a first secure digital timestamp be applied to the digitally signed first document; and code to request that a second secure digital timestamp be applied to the validation information.
CA2408639A 2000-05-16 2001-05-16 Method and apparatus for self-authenticating digital records Expired - Lifetime CA2408639C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/571,859 US7047404B1 (en) 2000-05-16 2000-05-16 Method and apparatus for self-authenticating digital records
US09/571,859 2000-05-16
PCT/US2001/015779 WO2001089133A2 (en) 2000-05-16 2001-05-16 Method and apparatus for self-authenticating digital records

Publications (2)

Publication Number Publication Date
CA2408639A1 (en) 2001-11-22
CA2408639C (en) 2011-07-19

Family

ID=24285357

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2408639A Expired - Lifetime CA2408639C (en) 2000-05-16 2001-05-16 Method and apparatus for self-authenticating digital records

Country Status (8)

Country Link
US (2) US7047404B1 (en)
EP (1) EP1287637B1 (en)
JP (1) JP5060009B2 (en)
AT (1) ATE339817T1 (en)
AU (1) AU2001263173A1 (en)
CA (1) CA2408639C (en)
DE (1) DE60123048T2 (en)
WO (1) WO2001089133A2 (en)

Also Published As

Publication number Publication date
US20060200661A1 (en) 2006-09-07
US7047404B1 (en) 2006-05-16
WO2001089133A2 (en) 2001-11-22
ATE339817T1 (en) 2006-10-15
JP2003533940A (en) 2003-11-11
JP5060009B2 (en) 2012-10-31
WO2001089133A3 (en) 2002-03-28
EP1287637A2 (en) 2003-03-05
DE60123048D1 (en) 2006-10-26
EP1287637B1 (en) 2006-09-13
CA2408639C (en) 2011-07-19
AU2001263173A1 (en) 2001-11-26
US8032744B2 (en) 2011-10-04
DE60123048T2 (en) 2007-05-03
EP1287637A4 (en) 2004-05-26

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20210517
