公开(公告)号：US20110047374A1

公开(公告)日：2011-02-24

申请号：US12854922

申请日：2010-08-12

申请人： Jiajing Liu ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Wei Lin Chou ,  Christopher P. Gardner ,  Stuart P. Moskovics ,  Xin Qiu ,  Chia Ling Tsai ,  Ting Yao

发明人： Jiajing Liu ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Wei Lin Chou ,  Christopher P. Gardner ,  Stuart P. Moskovics ,  Xin Qiu ,  Chia Ling Tsai ,  Ting Yao

IPC分类号： H04L9/00

CPC分类号： H04L9/3265 ,  H04L9/007

摘要： A method and apparatus are provided for generating identity data to be provisioned in product devices that are a part of a project. The method includes establishing a template associated with each CA in a hierarchical chain of CAs having a root CA at a highest level in the chain and a signing CA at a lowest level in the chain. The template associated with the signing CA inherits mandatory attribute fields specified in the root CA and any intermediate CA in the hierarchical chain. The mandatory attribute fields are user-specifiable fields to be populated with PKI data. A configuration file is generated upon receipt of an order for digital certificates using PKI data provided by a user to populate the mandatory attribute fields of the template associated with the signing CA. The digital certificates requested in the order are generated using the PKI data in the configuration file.

摘要翻译： 提供了一种用于生成作为项目的一部分的产品设备中提供的身份数据的方法和装置。 该方法包括在具有链中最高级别的根CA的CA的分级链中建立与每个CA相关联的模板以及链中最低级的签名CA。 与签名CA相关联的模板继承根CA中指定的强制属性字段和层级链中的任何中间CA。 强制属性字段是要填充PKI数据的用户指定字段。 使用由用户提供的PKI数据接收到数字证书的订单时，生成配置文件来填充与签名CA相关联的模板的强制属性字段。 使用配置文件中的PKI数据生成订单中请求的数字证书。

公开(公告)号：US08370626B2

公开(公告)日：2013-02-05

申请号：US12854922

申请日：2010-08-12

申请人： Jiajing Liu ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Wei Lin Chou ,  Christopher P. Gardner ,  Stuart P. Moskovics ,  Xin Qiu ,  Chia Ling Tsai ,  Ting Yao

发明人： Jiajing Liu ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Wei Lin Chou ,  Christopher P. Gardner ,  Stuart P. Moskovics ,  Xin Qiu ,  Chia Ling Tsai ,  Ting Yao

IPC分类号： H04L9/00

CPC分类号： H04L9/3265 ,  H04L9/007

摘要： A method and apparatus are provided for generating identity data to be provisioned in product devices that are a part of a project. The method includes establishing a template associated with each CA in a hierarchical chain of CAs having a root CA at a highest level in the chain and a signing CA at a lowest level in the chain. The template associated with the signing CA inherits mandatory attribute fields specified in the root CA and any intermediate CA in the hierarchical chain. The mandatory attribute fields are user-specifiable fields to be populated with PKI data. A configuration file is generated upon receipt of an order for digital certificates using PKI data provided by a user to populate the mandatory attribute fields of the template associated with the signing CA. The digital certificates requested in the order are generated using the PKI data in the configuration file.

摘要翻译： 提供了一种用于生成作为项目的一部分的产品设备中提供的身份数据的方法和装置。 该方法包括在具有链中最高级别的根CA的CA的分级链中建立与每个CA相关联的模板以及链中最低级的签名CA。 与签名CA相关联的模板继承根CA中指定的强制属性字段和层级链中的任何中间CA。 强制属性字段是要填充PKI数据的用户指定字段。 使用由用户提供的PKI数据接收到数字证书的订单时，生成配置文件来填充与签名CA相关联的模板的强制属性字段。 使用配置文件中的PKI数据生成订单中请求的数字证书。

公开(公告)号：US20110197061A1

公开(公告)日：2011-08-11

申请号：US12854920

申请日：2010-08-12

申请人： Wei Lin Chou ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Christopher P. Gardner ,  Jiajing Liu ,  Oscar Jiang ,  Xin Qiu ,  Kyle W. Stewart ,  Chia Ling Tsai ,  Fan Wang ,  Ting Yao

发明人： Wei Lin Chou ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Christopher P. Gardner ,  Jiajing Liu ,  Oscar Jiang ,  Xin Qiu ,  Kyle W. Stewart ,  Chia Ling Tsai ,  Fan Wang ,  Ting Yao

IPC分类号： H04L29/06

CPC分类号： H04L9/006 ,  H04L9/3265

摘要： A method and apparatus is provided for establishing a process for provisioning a digital certificate service delivered by a PKI system. The method includes receiving a request for a digital certificate service and receiving data specifying a project that includes at least one product to be provisioned with a digital certificate. Data specifying an identification of an owner organization of the project and at least one participant organization participating in the project is also received. Attributes with which PKI data to be included in the digital certificates is to comply is received from the owner organization. Based on the received data and attributes, an account is established for each of the organizations associated with the project through which users associated with each of the organizations can respectively request digital certificates for the at least one product in accordance with the attributes received from the owner organization.

摘要翻译： 提供了一种用于建立用于提供由PKI系统提供的数字证书服务的过程的方法和装置。 该方法包括接收对数字证书服务的请求，并且接收指定项目的数据，所述项目包括至少一个要被提供数字证书的产品。 还收到了指定项目所有者组织的标识和参与该项目的至少一个参与组织的数据。 从所有者组织收到要包含在数字证书中的PKI数据符合的属性。 根据接收到的数据和属性，为与项目相关联的每个组织建立一个帐户，通过该帐户，与每个组织相关联的用户可以根据从所有者接收的属性分别为至少一个产品请求数字证书 组织。