-
Publication (announcement) number: US12107970B2
Publication (announcement) date: 2024-10-01
Application number: US17197886
Application date: 2021-03-10
Applicant: MOTOROLA SOLUTIONS, INC.
Inventor: Madhusudan Pai, Bharatram Setti
CPC classification number: H04L9/3263, H04L9/0825, H04L9/3247, H04L67/01
Abstract: A process for establishing a future 2-way authentication between a client application and an application server. In operation, an OIDC server receives a request from the client application to establish a secure connection from the client application. The request includes a certificate generated using a public-private key pair associated with the client application or a user, and authentication credentials associated with the client application or the user. The OIDC server establishes that the authentication credentials are valid, and provisions a cryptographic identifier of the certificate associated with the request to a list of trusted certificates. The OIDC server then provides one or more application servers with access to the list of trusted certificates to enable the application servers to authenticate the client application based on verifying that the cryptographic identifier of the certificate presented by the client application is provisioned into the list of trusted certificates.
-
Publication (announcement) number: US11824972B2
Publication (announcement) date: 2023-11-21
Application number: US17450891
Application date: 2021-10-14
Applicant: MOTOROLA SOLUTIONS, INC.
Inventor: Madhusudan Pai, Rajendra Anthony, Bharatram Setti, Ramu Kandula
CPC classification number: H04L9/0825, G06F21/575, H04L9/3073, H04L9/3213, H04L9/3268, G06F2221/034
Abstract: A system and process for onboarding client devices to a key management server. In operation, a device generates an asymmetric key pair including a public key and a private key. The device obtains an access token from an identity management server after successfully authenticating with the identity management server. The device transmits a request including the access token and the public key to the key management server to onboard the client device. The device receives a response including encrypted bootstrap information from the key management server. The bootstrap information included in the response is encrypted using the public key of the asymmetric key pair. The device decrypts the encrypted bootstrap information using the private key of the asymmetric key pair to obtain the bootstrap information and then uses the bootstrap information for encrypting communications transmitted to the key management server or for decrypting communications received from the key management server.
-