In many systems such as in network systems there may be a need for secure identification of devices. Such an identification may be effected by means of digital certificates. These may for example be type-specific certificates, where all devices of a particular type or series own the same certificate generated by the device manufacturer (and the same private key to it), which they can use to identify themselves as a device of this series.
Another possibility is to provide each device with an individual private key and its own digital certificate. This allows the device to be identified as a specific device with a unique serial number. Besides, an attacker who succeeds in gaining knowledge of the private key of a device can misuse only the certificate of this one device. This certificate can then be easily revoked. Other devices of the series are not affected either by the misuse or by the revocation of the certificate. Such device certificates, which are normally incorporated in the device as early as during production, may have a relatively long period of validity (equaling e.g. the service life of the device itself) and may be used as a trust anchor for rolling out (bootstrapping) further, mostly short-term certificates for everyday use.
Alternatively or additionally to such a manufacturer's device certificate the end user may also have an interest in incorporating in the device a permanent device certificate (customer's device certificate) from his own Certification Authority (CA), for example in order to securely store additional information therein and/or in order to have a trust anchor in the device which is independent of the manufacturer. Since it may be the case that the customer is not yet known at the time the device is being produced, and order and sale processes do not take place until production of the device has been completed and the device is waiting in the warehouse ready for delivery, the manufacturer may have to take suitable precautions as early as during manufacture in order to make it possible for his customer to incorporate a customer-specific device certificate. At the same time the manufacturer might like to have an overview of certificates incorporated in the device by the rightful owner of a device. In particular his customer-specific certificates may be incorporated, for example. Furthermore, on the part of the customer it may be desirable to have a self-incorporated certificate verified and/or protected by an external source.
Against this background it is a requirement of the present invention to allow secure customer device certificates to be used on devices.