Distributed certificate verification method

A verification method and distributed technology, applied in the field of IT information security, can solve problems such as the absence of certificate serial numbers, reduced system performance, and difficulty in deploying PKI systems, to ensure integrity and authority, and reduce data traffic.

Active Publication Date: 2004-12-29
上海市财政税务信息中心 +1
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] 3. Confirm that the certificate serial number of the user certificate is not in the CRL (certificate revocation list) issued by the CA center (digital certificate certification center);
[0009] In the PKI system, the application of certificates is extremely extensive, and each end entity that uses a certificate has the need to verify the validity of the certificate. For end entities in the same local area network, the network between the public knowledge base of the CA The traffic is undoubtedly relativel

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed certificate verification method
  • Distributed certificate verification method
  • Distributed certificate verification method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Such as figure 1 Shown, combined with the content of the method of the present invention, specific embodiments are provided. The distributed certificate verification server 1 used in the embodiment of the present invention can be deployed in a local area network composed of external application systems such as application servers 3 , workstations 4 , and personal computers 5 , and is bidirectionally connected with the CA server 2 . The distributed certificate verification server 1 can be connected to the Internet, while the above-mentioned application server 3, workstation 4, and personal computer 5 are not directly connected to the Internet.

[0036] Such as figure 2 As shown, the distributed certificate verification server of the method embodiment of the present invention includes the following functional modules:

[0037] The first layer is the service module connected with the external system: system data regular update service, WEB user service, customer applica...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A distributed certificate verification method realized through the following steps, establishing a distributed checking server, configuring CA certificate, CRL address needed to be downloaded and downloading time, configuring system network, the distributed checking server automatically downloading from CA knowledge library and refreshing CRL in predetermined time or based on the time range stipulated in the CRL, in the terminal real application, revising connections for obtaining CRL redirecting them to the distributed checking server, the distributed checking server obtaining the corresponding CRL, the application unit proceeding certificate checking by using the CRL obtained from the distributed checking server.

Description

technical field [0001] The invention relates to a digital certificate authentication method, in particular to a distributed certificate authentication method. It belongs to the field of IT information security. Background technique [0002] With the rapid development of information technology today, network digital security has become an increasingly important and unavoidable network technology topic; PKI technology (public key infrastructure) is the core component of basic network security. In the PKI system, verifying digital The identity of the certificate holder is a very frequently used application in the PKI system, which can identify the user's identity in the network. [0003] The process of the application system verifying the identity of the digital certificate holder is actually verifying the digital certificate and the digital signature of the certificate. The principle and process of verifying the digital signature are described in detail in the PKCS1 and PKCS7...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/30H04L9/32
Inventor 何国锋吴云飞张伟鹏马正文陈荦祺俞桂平冯晔郑枫
Owner 上海市财政税务信息中心
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap