
Last Updated: April 18, 2024

Details for Patent: 9,729,321





Title: Autonomous private key recovery
Abstract: Approaches described herein allow a stateless device to recover at least one private key. In particular, a stateless device can provide service-account credentials to a directory service to establish a first session and acquire a certificate and private key using information associated with the stateless device. The stateless device can store its private key before the first session ends. A stateless device can then provide user-account credentials to the directory service to establish a second session. After the second session begins, a private key can be acquired by the stateless device.
Inventor(s): Mayers; Christopher Morgan (Histon, GB)
Assignee: CITRIX SYSTEMS, INC. (Fort Lauderdale, FL)
Filing Date: Apr 29, 2015
Application Number: 14/699,712
Claims:1. A device having one or more processors, the device comprising: a memory configured to store account credentials; and a stateless machine comprising one or more certificate-using services and a certificate distributor that is configured to: provide a directory service with the account credentials associated with the one or more certificate-using services for establishing a first session; acquire a certificate and a private key using the account credentials and information associated with the stateless machine; store the private key in the directory service before the first session ends; provide the directory service with user-account credentials for establishing a second session, wherein the user-account credentials are associated with a device hosting the stateless machine; and acquire the private key, using credential roaming, after the second session begins.

2. The device of claim 1, wherein the account credentials are provided to log on to a domain that includes the directory service.

3. The device of claim 1, wherein the user-account credentials are provided to log on to a domain that includes the directory service.

4. The device of claim 1, wherein the private key is stored in the directory service using a credential roaming mechanism, and wherein the private key is acquired after the second session begins using the credential roaming mechanism.

5. The device of claim 1, wherein the certificate distributor is included in the stateless machine.

6. The device of claim 1, wherein the memory configured to store account credentials is persistent.

7. The device of claim 1, wherein the certificate distributor is further configured to receive the private key before an autoenrollment mechanism is executed on the certificate distributor.

8. A method for recovering a private key, the method being performed by one or more processors associated with a stateless machine and comprising: providing a directory service with account credentials associated with one or more certificate-using services of the stateless machine for establishing a first session; acquiring a certificate and a private key using the account credentials and information associated with the stateless machine; storing the private key in the directory service before the first session ends; providing the directory service with user-account credentials for establishing a second session, wherein the user-account credentials are associated with a device hosting the stateless machine; and acquiring the private key, using credential roaming, after the second session begins.

9. The method of claim 8, wherein the account credentials are provided to log on to a domain that includes the directory service.

10. The method of claim 8, wherein the user-account credentials are provided to log on to a domain that includes the directory service.

11. The method of claim 8, wherein the private key is stored in the directory service using a credential roaming mechanism, and wherein the private key is acquired after the second session begins using the credential roaming mechanism.

12. The method of claim 8, wherein providing the directory service with account credentials is performed by a certificate distributor included in the stateless machine.

13. The method of claim 8, wherein memory is configured to store account credentials and is persistent.

14. The method of claim 8, wherein a certificate distributor is configured to receive the private key before an autoenrollment mechanism is executed on the certificate distributor.

15. A nontransitory computer readable storage medium storing a set of instructions that are executable by at least one processor associated with a stateless machine, to cause the stateless machine to perform a method for recovering a private key, the method comprising: providing a directory service with account credentials associated with the one or more certificate-using services of the stateless machine for establishing a first session; acquiring a certificate and a private key using the account credentials and information associated with the stateless machine; storing the private key in the directory service before the first session ends; providing the directory service with user-account credentials for establishing a second session, wherein the user-account credentials are associated with a device hosting the stateless machine; and acquiring the private key, using credential roaming, after the second session begins.

16. The nontransitory computer readable storage medium of claim 15, wherein the account credentials are provided to log on to a domain that includes the directory service.

17. The nontransitory computer readable storage medium of claim 15, wherein the user-account credentials are provided to log on to a domain that includes the directory service.

18. The nontransitory computer readable storage medium of claim 15, wherein the private key is stored in the directory service using a credential roaming mechanism, and wherein the private key is acquired after the second session begins using the credential roaming mechanism.

19. The nontransitory computer readable storage medium of claim 15, wherein memory configured to store account credentials is persistent.

20. The nontransitory computer readable storage medium of claim 15, wherein a certificate distributor of the stateless machine is configured to receive the private key before an autoenrollment mechanism is executed on the certificate distributor.
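The independent claims describe one ordered protocol: a stateless machine that keeps only its credentials logs on with service-account credentials, enrolls for a certificate and private key, writes the private key into the directory service by credential roaming before that first session ends, then logs on with the user account associated with the hosting device and reads the key back in the second session. The simulation below is an added example written for this page; it is not Citrix code and not the patent's specification. The `DirectoryService` and `CertificateDistributor` classes, the rule that a roamed record is readable only by the account that stored it or the account it was stored for, the toy key material and the sample account names are all assumptions of the example. It runs the happy path and the two failure modes a reviewer of this design would check: a third domain account cannot read the roamed key, and a machine whose first session ended before the store step has nothing to recover.

```python
"""Added example (not Citrix code): a simulation of the two-session private-key
recovery flow of claims 1, 8 and 15. DirectoryService, CertificateDistributor,
the roaming-store authorization rule and the sample accounts are assumptions of
this example, not details disclosed by the patent."""
import hashlib
import hmac
import secrets


class DirectoryService:
    """Stand-in for the domain directory: accounts, logon sessions, enrollment, roaming store."""

    def __init__(self, accounts: dict):
        self._accounts, self._sessions, self._roaming = accounts, {}, {}

    def logon(self, name: str, password: str) -> str:
        if not hmac.compare_digest(self._accounts.get(name, "").encode(), password.encode()):
            raise PermissionError(f"logon failed for {name}")
        token = secrets.token_hex(16)
        self._sessions[token] = name
        return token

    def logoff(self, token: str) -> None:
        self._sessions.pop(token, None)

    def enroll(self, token: str, machine_id: str) -> tuple:
        """Issue a certificate and private key for the machine (claim 1); KeyError without a session."""
        private_key = secrets.token_bytes(32)                     # toy key material, not RSA/EC
        cert = {"subject": machine_id, "enrolled_by": self._sessions[token],
                "key_id": hashlib.sha256(private_key).hexdigest()}
        return cert, private_key

    def roam_store(self, token: str, machine_id: str, recover_as: str, blob: bytes) -> None:
        """Credential-roaming write; the record names the account allowed to read it back.
        Real credential roaming stores DPAPI-protected blobs; this toy stores what it is given."""
        self._roaming[machine_id] = {"owner": self._sessions[token], "recover_as": recover_as, "blob": blob}

    def roam_fetch(self, token: str, machine_id: str) -> bytes:
        """Credential-roaming read, limited to the owner or the designated recovery account."""
        account, rec = self._sessions[token], self._roaming.get(machine_id)
        if rec is None:
            raise LookupError(f"nothing roamed for {machine_id}: key was not stored before logoff")
        if account not in (rec["owner"], rec["recover_as"]):
            raise PermissionError(f"{account} may not read the roamed key for {machine_id}")
        return rec["blob"]


class CertificateDistributor:
    """Certificate distributor of a stateless machine (claims 1, 5, 6): only the two
    credential sets persist across a restart; certificate and key are volatile."""

    def __init__(self, directory, machine_id, service_creds, user_creds):
        self.directory, self.machine_id = directory, machine_id
        self.persistent = {"service": service_creds, "user": user_creds}
        self.volatile = {}

    def first_session(self) -> dict:
        """Service-account session: enroll, then roam the key BEFORE logging off."""
        token = self.directory.logon(*self.persistent["service"])
        cert, key = self.directory.enroll(token, self.machine_id)
        self.directory.roam_store(token, self.machine_id, self.persistent["user"][0], key)
        self.directory.logoff(token)                              # first session ends after the store
        self.volatile = {"cert": cert, "key": key}
        return cert

    def restart(self) -> None:
        self.volatile.clear()                                     # stateless: the key is gone

    def second_session(self) -> bytes:
        """User-account session: recover the key by roaming (claim 7: before autoenrollment
        could mint a fresh key that would not match the certificate already issued)."""
        token = self.directory.logon(*self.persistent["user"])    # session stays open for the services
        key = self.directory.roam_fetch(token, self.machine_id)
        self.volatile = {"key": key, "session": token}
        return key


def demo() -> dict:
    """Happy path plus the two failure modes a reviewer of this design would check."""
    svc, host, other = ("svc-certdist", "S3rvice-pw!"), ("vda-host01$", "H0st-pw!"), ("someone", "0ther-pw!")
    ds = DirectoryService(dict([svc, host, other]))               # constructed sample accounts
    cd = CertificateDistributor(ds, "vda-host01.example.test", svc, host)
    cert = cd.first_session()
    original = cd.volatile["key"]
    cd.restart()
    recovered = cd.second_session()
    try:                                                          # a third account cannot read the key
        ds.roam_fetch(ds.logon(*other), cd.machine_id)
        other_blocked = False
    except PermissionError:
        other_blocked = True
    try:                                                          # never roamed => nothing to recover
        CertificateDistributor(ds, "vda-host02.example.test", svc, host).second_session()
        unstored_fails = False
    except LookupError:
        unstored_fails = True
    return {"recovered_matches": recovered == original,
            "key_id_matches_cert": cert["key_id"] == hashlib.sha256(recovered).hexdigest(),
            "other_account_blocked": other_blocked,
            "unstored_key_unrecoverable": unstored_fails}
```

Two points to carry over when reviewing a real deployment of this pattern. First, the claims make the store step a precondition of ending the first session, and the recovery step a precondition of autoenrollment (claim 7); if either order is violated the machine ends up with a certificate whose key it cannot use, or with a fresh key that no certificate matches, which is what `unstored_key_unrecoverable` exercises. Second, the private key now lives in the directory service. In Active Directory's credential roaming the roamed material is held as DPAPI-protected blobs in attributes of the account object, so whoever can read those attributes and recover the account's DPAPI material can recover the key; the read ACL on the roaming attributes and the strength of the account password are part of the key's trust boundary, which the patent text does not address.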

