Security information acquisition
US6513116B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 29, 1998 |
| Grant date | Jan 28, 2003 |
| Priority date | — |
| Expiry date | Sep 29, 2018 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The invention provides an improved method and system for security information acquisition. A relatively small amount of nonvolatile storage at the client consumer electronic device is used to obtain a chain of trusted root certificates, thus providing each client consumer electronic device with a trustable technique for access to secure communication. The trusted root certificates are provided by one or more TSIPs (trusted security information providers), and are chained together so that a current root certificate can be obtained by the client consumer electronic device, even using an expired root certificate. The client consumer electronic device uses a current root certificate to obtain a SIO (security information object) from the TSIP. The SIO includes information regarding at least one trusted entity, such as a one or more trusted entity certificates, and other trust information. The SIO is digitally signed by the TSIP and can be verified by the client consumer electronic device using the current root certificate.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.