최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0367198 (2012-02-06) |
등록번호 | US-9336359 (2016-05-10) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 0 인용 특허 : 471 |
A method of generating a device certificate. A method of generating a device certificate comprising, constructing a device certificate challenge at a device, sending information to a device certificate individualization server in response to the device certificate challenge, validating the device ce
A method of generating a device certificate. A method of generating a device certificate comprising, constructing a device certificate challenge at a device, sending information to a device certificate individualization server in response to the device certificate challenge, validating the device certificate challenge by the device certificate individualization server, and validating the device certificate response by the device.
1. One or more computer-readable memory devices or storage devices storing instructions which, when executed by one or more processing units, cause the one or more processing units to: access an instance of a device certificate template, wherein the device certificate template is shared by a plurali
1. One or more computer-readable memory devices or storage devices storing instructions which, when executed by one or more processing units, cause the one or more processing units to: access an instance of a device certificate template, wherein the device certificate template is shared by a plurality of devices of a product line and the device certificate template includes product line characteristics of the plurality of devices of the product line; anduse the instance of the device certificate template and information specific to an individual device of the plurality of devices to obtain a device certificate for the individual device, wherein the information specific to the individual device distinguishes the individual device from other devices of the product line,wherein the device certificate that is obtained using the instance of the device certificate template and the information specific to the individual device enables the individual device to access protected content, andwherein the device certificate template provides a chain of trust structure linking a first certificate associated with a manufacturer of the individual device to a second certificate associated with a certificate authority. 2. The one or more computer-readable memory devices or storage devices of claim 1, the stored instructions further causing the processor to: access another instance of the device certificate template; anduse the another instance of the device certificate template and other information specific to another individual device of the plurality of devices to obtain another device certificate for the another individual device,wherein the instance of the device certificate template and the another instance of the device certificate template are identical, the information and the other information are different, and the device certificate and the another device certificate are different. 3. The one or more computer-readable memory devices or storage devices of claim 1, wherein the instance of the device certificate template is stored on the individual device when accessed and the using comprises: sending the instance of the device certificate template and the information specific to the individual device to another device that creates the device certificate for the individual device; andreceiving the device certificate from the another device. 4. The one or more computer-readable memory devices or storage devices of claim 3, wherein the product line characteristics included in the device certificate template comprise device features of the plurality of devices of the product line that distinguish the plurality of devices of the product line from another product line having different device features. 5. The one or more computer-readable memory devices or storage devices of claim 4, wherein the first certificate is a device authorization certificate and the second certificate is an authorization root certificate. 6. The one or more computer-readable memory devices or storage devices of claim 4, the stored instructions further causing the processor to: create a challenge comprising the instance of the device certificate template, the information specific to the individual device, and a public key;send the challenge to the another device; andstore a private key corresponding to the public key on the individual device. 7. The one or more computer-readable memory devices or storage devices of claim 6, the stored instructions further causing the processor to: receive the device certificate from the another device in an encrypted form; anddecrypt the device certificate using the private key. 8. A computing device comprising: one or more processing units; andone or more memory devices or storage devices storing instructions which, when executed by the one or more processing units, cause the one or more processing units to: access a device certificate template for a product line, wherein the computing device is one of a plurality of devices of the product line and the device certificate template identifies one or more device features that are common to the plurality of devices of the product line; anduse the device certificate template and information specific to the computing device to obtain a device certificate for the computing device,wherein: the device certificate enables the computing device to access protected content,the device certificate template comprises another certificate associated with a manufacturer of the plurality of computing devices of the product line, andthe one or more device features included in the device certificate template distinguish the product line from at least some other product lines. 9. The computing device of claim 8, wherein the device certificate template comprises an authorization root certificate associated with a certificate authority. 10. A system comprising the computing device of claim 8 and a server configured to create the device certificate based on the device certificate template and the information specific to the computing device and send the device certificate to the computing device. 11. The system of claim 10, wherein the server is further configured to: create the device certificate by filling in sections of the device certificate template with the information specific to the computing device;create another device certificate for another computing device of the product line by filling in the sections of the device certificate template with other information specific to the another computing device; andsend the another device certificate to the another computing device. 12. The computing device of claim 8, wherein the one or more device features identified by the device certificate template include a model identifier shared by each of the plurality of devices of the product line. 13. The computing device of claim 12, wherein the information specific to the computing device comprises a serial number of the computing device. 14. The computing device of claim 13, wherein the another certificate is a device authorization certificate. 15. The computing device of claim 8, wherein the device certificate template comprises a partial chain of trust that is completed by the device certificate. 16. The computing device of claim 8, wherein the instructions further cause the one or more processing units to: generate a key pair comprising a public key and a private key;store the private key on the computing device;send the public key, the device certificate template, and the information specific to the computing device to another computing device that creates the device certificate and encrypts the device certificate using the public key;receive the device certificate from the another computing device in encrypted form; anddecrypt the device certificate using the private key. 17. A method performed by at least one computer processing unit, the method comprising: populating a device certificate template to obtain a populated device certificate template comprising: information common to a plurality of computing devices of a product line,an authorization certificate associated with a manufacturer of the plurality of computing devices of the product line, andan authorization root certificate associated with a certificate authority, wherein the plurality of computing devices have stored thereon different identifiers;receiving, from the plurality of computing devices, the different identifiers; andusing the populated device certificate template and the different identifiers to create a plurality of individualized device certificates for the plurality of computing devices responsive to receiving the different identifiers. 18. The method of claim 17, further comprising: populating the device certificate template with a group certificate associated with the product line to obtain the populated device certificate template. 19. The method of claim 17, further comprising: receiving a public key from a first computing device of the product line;encrypting a first individualized device certificate with the public key; andsending the encrypted first individualized device certificate to the first computing device. 20. The method of claim 17, further comprising: receiving different template instances of the populated device template from the plurality of computing devices, the different template instances having corresponding template signatures; andverifying the template signatures prior to creating the plurality of individualized device certificates. 21. The method of claim 20, further comprising: receiving the different template instances in device certificate challenges having the different identifiers and challenge signatures; andverifying the challenge signatures prior to creating the plurality of individualized device certificates. 22. The method of claim 17, wherein the plurality of computing devices are provided to users with the populated device template stored thereon. 23. The method of claim 17, wherein the authorization certificate contains authorization from the certificate authority to the manufacturer to produce the plurality of individualized device certificates.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.