The invention relates generally to computer security systems employing cryptographic techniques to secure information, and more particularly to computer network security systems using cryptographic techniques that employ certificates.
In typical public key cryptography systems, digital signature key pairs, such as a private key and public key, are used to authenticate a digital signature of a subscriber using a software application in order to confirm the identity of the sender of the message. A subscriber may be, for example, a network computer node, a software application, or a user in the security system. In addition to digital signature key pairs, encryption key pairs are also generally used to encrypt the data being sent from one subscriber to another subscriber within the computer network. Certificates are generated by a manager server or a trusted certification authority for the public keys of the private/public key pair to certify that the keys are genuinely owned by a named subscriber. Standards, such as ISO 9594-8 available from the International Organization for Standardization, define typical certificate content.
Generally, each subscriber stores a certification authority public key to verify that the manager server issued the certificate. A public key certificate typically includes a user public key that the signature of the certification authority binds to the subscriber name, together with other data including expiry data indicating the expiration date or period for the public key certificate. Each sender (subscriber) has a copy of its own certificate. To send an encrypted message, a sender may access a directory, such as an onboard client cache memory or other certificate storage medium, to get a copy of an encryption certificate for a specified receiver. For a certificate to be considered valid, the digital signature must be valid and there must be no existing revocation of the certificate by the certification authority.
The public keys and certificates are used primarily for two main purposes: verifying a digital signature and encrypting information. The receiver of a digitally signed E-mail or document for example, uses the public key in the sender's certificate to verify the digital signature of the sender. A receiver validates the digital signature by reference to the received certificate.
In conventional cryptography based computer systems, the certification authority, referred to herein as the certificate issuing unit, typically issues one style of certificate that is the same for every subscriber and software application on the node. In such systems, the certificate contains conventional information. For example, such systems may issue a single style certificate that includes public key information such as an encryption public key or signing public key, a user name, a certification authority signature based on the certification authority private key, and expiry period data of the certificate. However, a problem arises with such systems because the certificate content is inflexible. For example, if a particular software application requires different privileges or higher security, the certificate issuing unit can only generate a standard certificate, irrespective of the differing requirements of the applications or the subscriber.
Other certificate management systems are known which afford some coarse level of certificate flexibility by generating a fixed number of predefined types of certificates. For example, a subscriber may request one type of certificate (type A) and may request another type of certificate (type B) for a different application. However, such systems do not typically offer flexibility within the certificates: every type A certificate has the same type of data and every type B certificate has the same type of data.
Other certificate management systems are known which require an out of band communication where a certification authority creates a database in advance of subscribers connecting to the system, so that when a subscriber requests a certificate, the certification authority retrieves a certificate defined and stored a priori for a selected subscriber. As with other certificate management systems, such systems typically do not offer flexibility within the certificates to allow a subscriber or application to specify flexible certificate content on an as-needed basis. As a result, the security system as a whole offers only limited flexibility, and more efficient use of application or client capabilities is prevented.
In addition, some cryptography based security systems may utilize multiple certification authorities so that the subscriber may get certificates from two different certification authorities. In such systems, one certification authority may have a lower security quality level than the other. A problem arises if the multiple certificates contain the same information and the client cannot determine whether or not one certificate has a different security quality than another. Therefore it would be desirable to have a certificate security system that could validate variable certificates to determine which certificate may be appropriate based on different security quality or other certificate issuance criteria.
Consequently, there exists a need for a certificate management system and method to allow a requesting application or subscriber to customize a certificate to more closely meet its needs, but within constraints imposed by the certification authority to maintain adequate security within the system. Such a certificate management system and method should facilitate variable certificate content specification by a subscriber and also issue variable content based certificates to facilitate customization of certificates within the system. A need also exists for a certificate management system and method that employs suitable validation of customized certificates to distinguish among differing certificate data.
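The following is an added example, not code from the patent text, that models two of the points above in working Python: the validity criteria of a certificate (a certification authority signature that verifies under a stored CA public key, an unexpired validity period, and no revocation by the issuing CA) and the selection among certificates from multiple certification authorities of differing security quality by means of a variable content field bound under the CA signature. The CA signature algorithm is an illustration-only stand-in (textbook RSA over small, fixed, publicly known primes, which is an assumption of this example and not a usable signature scheme), the CA names, the subscriber name, the serial numbers and the "security_quality" field are all constructed for the example, and the subscriber public key is a placeholder string rather than a real key.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone

# Illustration-only stand-in for the certification authority's signature algorithm:
# textbook RSA over two fixed, publicly known primes (an assumption of this example;
# unpadded and far too small to be a real signature scheme, but enough to show the
# public/private split that certificate verification relies on).
def make_keypair(p, q, e=65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent
    return {"e": e, "n": n}, {"d": d, "n": n}

def digest(tbs):
    # Canonical encoding of the to-be-signed content, reduced into the modulus.
    raw = json.dumps(tbs, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")

def sign(tbs, priv):
    return pow(digest(tbs) % priv["n"], priv["d"], priv["n"])

def verify(tbs, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == digest(tbs) % pub["n"]

def issue(ca_name, ca_priv, subject, subject_pub, serial, not_after, **extra):
    """The CA binds subject name, public key, serial and expiry, plus whatever extra
    fields the requester asked for (e.g. security_quality), under its signature."""
    tbs = {"subject": subject, "issuer": ca_name, "public_key": subject_pub,
           "serial": serial, "not_after": not_after.isoformat(), **extra}
    return {"tbs": tbs, "signature": sign(tbs, ca_priv)}

def validate(cert, trusted_cas, revoked, now):
    """Return (ok, reason): the issuer must be trusted, the CA signature must verify,
    the certificate must be unexpired and must not appear on the revocation list."""
    tbs = cert["tbs"]
    ca_pub = trusted_cas.get(tbs["issuer"])
    if ca_pub is None:
        return False, "unknown issuer"
    if not verify(tbs, cert["signature"], ca_pub):
        return False, "bad signature"
    if datetime.fromisoformat(tbs["not_after"]) <= now:
        return False, "expired"
    if (tbs["issuer"], tbs["serial"]) in revoked:
        return False, "revoked"
    return True, "ok"

def select_certificate(certs, trusted_cas, revoked, now, min_quality):
    """Among several certificates for one subscriber (possibly from CAs of differing
    security quality), return the valid one with the highest security_quality that
    still meets the requester's minimum, or None if no valid certificate qualifies."""
    best, best_q = None, None
    for cert in certs:
        ok, _ = validate(cert, trusted_cas, revoked, now)
        q = cert["tbs"].get("security_quality", 0)
        if ok and q >= min_quality and (best is None or q > best_q):
            best, best_q = cert, q
    return best

def demo():
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    later = now + timedelta(days=365)
    # Two CAs with distinct key pairs and security quality (constructed names and keys).
    ca_hi_pub, ca_hi_priv = make_keypair(104729, 1299709)
    ca_lo_pub, ca_lo_priv = make_keypair(104729, 15485863)
    trusted = {"CA-high": ca_hi_pub, "CA-low": ca_lo_pub}
    alice_pub = "constructed-subscriber-public-key"  # placeholder, not a real key
    certs = [
        issue("CA-low", ca_lo_priv, "alice", alice_pub, 1, later, security_quality=1),
        issue("CA-high", ca_hi_priv, "alice", alice_pub, 2, later, security_quality=3),
        issue("CA-high", ca_hi_priv, "alice", alice_pub, 3, later, security_quality=3),
    ]
    revoked = {("CA-high", 3)}  # the third certificate has been revoked by its CA
    pick = lambda q: select_certificate(certs, trusted, revoked, now, q)
    results = {
        "min_quality_1": pick(1)["tbs"]["serial"],
        "min_quality_2": pick(2)["tbs"]["serial"],
        "min_quality_4": pick(4),
        "revoked": validate(certs[2], trusted, revoked, now)[1],
        "untrusted_issuer": validate(certs[1], {"CA-low": ca_lo_pub}, revoked, now)[1],
    }
    # Raising the quality field after issuance invalidates the CA's signature over it.
    tampered = {"tbs": {**certs[0]["tbs"], "security_quality": 3},
                "signature": certs[0]["signature"]}
    results["tampered"] = validate(tampered, trusted, revoked, now)[1]
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The design point is that the variable content (here security_quality) is part of the to-be-signed data, so a relying party can distinguish certificates from the two certification authorities only because the issuing CA vouched for that field; a client that edits the field locally gets "bad signature", and a certificate the CA has since revoked is rejected even though its signature still verifies.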