Patent · US Active

IP security certificate exchange based on certificate attributes

US9912654B2 · kind B2 · utility

0Cited by

7References

18Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Anatoliy Panasyuk · Bellevue, US
Dharshan Rangegowda · Seattle, US
Abhishek Shukla · Redmond, US

Key dates

Filing date	Nov 12, 2009
Grant date	Mar 6, 2018
Priority date	—
Expiry date	May 22, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2209/80
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Architecture that provides Internet Protocol security (IPsec) certificate exchange based on certificate attributes. An IPsec endpoint can validate the security context of another IPsec endpoint certificate by referencing certificate attributes. By facilitating IPsec certificate exchange using certificate attributes rather than solely certificate roots, it is now possible to build multiple isolated network zones using a single certificate authority rather than requiring one certificate authority per zone. Moreover, the ability to use certificate attributes during the IPsec certificate exchange can be leveraged for more focused communications such as QoS (quality of service). Certificate attributes can be utilized to identify the security context of the endpoint. The IPsec certificate use can be locked down to a single IP or group of IPs.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.