Described below is a method for certificate-based authentication in which a first subscriber authenticates itself to a second subscriber with the aid of a digital certificate assigned to the first subscriber.
Digital certificates are well known. A certificate contains the identity of the entity (a person, an institution or a machine) for which it has been issued. Here and in the following, the term subscriber denotes something to which a certificate can be assigned. In this context, a subscriber can be a computer or a machine for which the certificate has been issued. A subscriber can also be a computer or a machine which manages the certificate for a person or institution; in that case the certificate is assigned to the computer or the machine by virtue of its responsibility for managing the certificate.
A certificate contains a public key for the corresponding entity, and the owner of the certificate can be confirmed by a digital signature in the certificate. The digital signature is calculated by a certificate authority. A root certificate from this authority, or a certificate chain to the root certificate, can be used to verify that the signature is valid. A digital certificate can contain additional encoded information in the form of so-called attributes, which can be used to define authorizations for the user of the certificate or restrictions on the use of the certificate. For example, it is known how to use an attribute to restrict the certificate, or the cryptographic key confirmed by the certificate, to certain types of communications or communication protocols only. It is also known how to restrict the geographic validity of a certificate so that, in the course of an authentication, the certificate can only be used by subscribers in a predetermined geographical area.
It is also known how to encode WLAN network names in a certificate as certificate extensions, so that a suitable certificate can be selected from a plurality of certificates held by the subscriber which is authenticating itself.
In addition, the encoding of authorization information in certificates has been described. This authorization information is used to define the accesses that may be effected by the subscriber authenticated by the certificate. It is also known how to encode role information in certificates in order to simplify the administration of authorized accesses to a plurality of subscribers. In this context, a subscriber is granted or refused access to another subscriber depending on the role stored in the certificate.
Although known certificate extensions permit a restriction of the use of the certificate, they do not permit the definition of dedicated communication connections between two communication partners which are to have exclusive use of the certificate.