Systems, methods, and devices for multi-stage provisioning and multi-tenant operation for a security credential management system

Assignee

• INTEGRITY SECURITY SERVICES LLC · US

Inventors

• Daniel R. Fynaardt · Capistrano Beach, US
• William L. Lattin · Los Altos, US
• Gregory A. Powell · Ladera Ranch, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W4/44
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An example system for securely provisioning computerized devices of a plurality of tenants includes a Security Credential Management System (SCMS) host that is communicatively connected to the devices and is operable to receive provisioning requests from computerized devices needing certificates. Each provisioning request indicates a tenant identifier (ID) uniquely identifying a tenant of the plurality of tenants. The system also includes a registration authority communicatively connected to the SCMS host and operable to transmit requests to SCMS backend components. The backend components include a set of independent enrollment certificate authorities operable to generate enrollment certificates in response to receiving requests for enrollment certificates from the devices, each provisioning request being transmitted to one of the enrollment certificate authorities based on the tenant identifier of each provisioning request; and a pseudonym certificate authority operable to generate pseudonym certificates responsive to receiving requests for pseudonym certificates from the virtual registration authority.