公开(公告)号：US09246889B2

公开(公告)日：2016-01-26

申请号：US12854925

申请日：2010-08-12

申请人： Chia Ling Tsai ,  Alexander Medvinsky ,  Xin Qiu ,  Kyle W. Stewart ,  Fan Wang

发明人： Chia Ling Tsai ,  Alexander Medvinsky ,  Xin Qiu ,  Kyle W. Stewart ,  Fan Wang

IPC分类号： H04L29/06 ,  H04L9/00 ,  H04L9/08 ,  H04L9/32 ,  G06F21/62 ,  G06F21/64

CPC分类号： H04L63/045 ,  G06F21/6218 ,  G06F21/64 ,  H04L9/006 ,  H04L9/0825 ,  H04L9/3234 ,  H04L9/3265 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/123 ,  H04L2463/062

摘要： A method is provided for securely delivering identity data units over a communications network to a client device. The method includes receiving a selection from a customer identifying a final zipped package to be unpacked. The final zipped package is unpacked to obtain a common package and a digital signature file signed by an entity generating identity data requested by the customer. The digital signature in the digital signature file is verified and the common package is unpacked to obtain a plurality of outer packages and an encrypted symmetric key. The symmetric key is decrypted with a private key associated with the customer and each of the outer packages is decrypted with the symmetric key to obtain a plurality of identity data units.

摘要翻译： 提供了一种用于通过通信网络将身份数据单元安全地传送到客户端设备的方法。 该方法包括从客户接收标识要解包的最终压缩包的选择。 最后的压缩包解包以获得由生成客户请求的身份数据的实体签名的公用包和数字签名文件。 验证数字签名文件中的数字签名，并解压缩公用包以获得多个外包和加密对称密钥。 对称密钥用与客户相关联的私钥解密，并且每个外部包被对称密钥解密以获得多个身份数据单元。

公开(公告)号：US20110213957A1

公开(公告)日：2011-09-01

申请号：US12854925

申请日：2010-08-12

申请人： Chia Ling Tsai ,  Alexander Medvinsky ,  Xin Qiu ,  Kyle W. Stewart ,  Fan Wang

发明人： Chia Ling Tsai ,  Alexander Medvinsky ,  Xin Qiu ,  Kyle W. Stewart ,  Fan Wang

IPC分类号： H04L9/14

CPC分类号： H04L63/045 ,  G06F21/6218 ,  G06F21/64 ,  H04L9/006 ,  H04L9/0825 ,  H04L9/3234 ,  H04L9/3265 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/123 ,  H04L2463/062

摘要： A method is provided for securely delivering identity data units over a communications network to a client device. The method includes receiving a selection from a customer identifying a final zipped package to be unpacked. The final zipped package is unpacked to obtain a common package and a digital signature file signed by an entity generating identity data requested by the customer. The digital signature in the digital signature file is verified and the common package is unpacked to obtain a plurality of outer packages and an encrypted symmetric key. The symmetric key is decrypted with a private key associated with the customer and each of the outer packages is decrypted with the symmetric key to obtain a plurality of identity data units.

摘要翻译： 提供了一种用于通过通信网络将身份数据单元安全地传送到客户端设备的方法。 该方法包括从客户接收标识要解包的最终压缩包的选择。 最后的压缩包解包以获得由生成客户请求的身份数据的实体签名的公用包和数字签名文件。 验证数字签名文件中的数字签名，并解压缩公用包以获得多个外包和加密对称密钥。 对称密钥用与客户相关联的私钥解密，并且每个外部包被对称密钥解密以获得多个身份数据单元。

公开(公告)号：US20110197061A1

公开(公告)日：2011-08-11

申请号：US12854920

申请日：2010-08-12

申请人： Wei Lin Chou ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Christopher P. Gardner ,  Jiajing Liu ,  Oscar Jiang ,  Xin Qiu ,  Kyle W. Stewart ,  Chia Ling Tsai ,  Fan Wang ,  Ting Yao

发明人： Wei Lin Chou ,  Thomas J. Barbour ,  Liqiang Chen ,  Ying Chen ,  Christopher P. Gardner ,  Jiajing Liu ,  Oscar Jiang ,  Xin Qiu ,  Kyle W. Stewart ,  Chia Ling Tsai ,  Fan Wang ,  Ting Yao

IPC分类号： H04L29/06

CPC分类号： H04L9/006 ,  H04L9/3265

摘要： A method and apparatus is provided for establishing a process for provisioning a digital certificate service delivered by a PKI system. The method includes receiving a request for a digital certificate service and receiving data specifying a project that includes at least one product to be provisioned with a digital certificate. Data specifying an identification of an owner organization of the project and at least one participant organization participating in the project is also received. Attributes with which PKI data to be included in the digital certificates is to comply is received from the owner organization. Based on the received data and attributes, an account is established for each of the organizations associated with the project through which users associated with each of the organizations can respectively request digital certificates for the at least one product in accordance with the attributes received from the owner organization.

摘要翻译： 提供了一种用于建立用于提供由PKI系统提供的数字证书服务的过程的方法和装置。 该方法包括接收对数字证书服务的请求，并且接收指定项目的数据，所述项目包括至少一个要被提供数字证书的产品。 还收到了指定项目所有者组织的标识和参与该项目的至少一个参与组织的数据。 从所有者组织收到要包含在数字证书中的PKI数据符合的属性。 根据接收到的数据和属性，为与项目相关联的每个组织建立一个帐户，通过该帐户，与每个组织相关联的用户可以根据从所有者接收的属性分别为至少一个产品请求数字证书 组织。