Secure server using public key registration and methods of operation

Assignee

• International Business Machines Corporation · US

Inventors

• Larry An · Great Falls, US
• Hamid Bacha · Great Falls, US
• Robert Briggs · Burke, US
• Robert Burns · Santa Clara, US
• Robert B. Carroll · Mount Kisco, US
• Mark Fisk · North Potomac, US
• Hatem Ghafir · Redland, US
• Raymond Good · Ashburn, US
• Srinivasa Kasturi · Waynesboro, US
• Ku-Yun Lee · Germantown, US
• Drew Kittel · Washington, US
• Lolo Lasida · Alexandria, US
• Hiroshi Maruyama · Tokyo, JP
• Amit Pamecha · Fairfax, US
• Paresh K. Patel · Santa Clara, US
• Dieter Poetzschke · North Potomac, US
• Roger Reider · Silver Spring, US
• Khalid A. Asad · Frederick, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/10
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A secure-end-to-end communication system for electronic business system and method of operation, e.g., the Internet, includes a web server—vault controller having personal storage vaults in the controller for users, registration and certification authorities. Each personal vault runs programs on the controller under a unique UNIX user ID. Data storage is provided by the controller wherein the storage is owned by the same user ID assigned to the vault. A registration authority running as a software application in the controller processes requests to issue, renew and revoke digital certificates issued by a certification authority using two pairs of public-private keys. The registration authority interacts with the vault controller to decide whether an applicant qualifies to receive a digital certificate. The certification authority running as software application in the controller includes a certificate management system that provides services such as issuing, revoking, suspending, resuming, and renewing a user's right to digital certificates.