SYSTEM AND METHOD FOR VALIDATING SCEP CERTIFICATE ENROLLMENT REQUESTS

A system and method for validating SCEP certificate enrollment that enforces the pairing of a SCEP challenge password and a set of expected certificate request content. A SCEP Validation Service or software residing in another system component whether a certificate request is legitimate by comparing...

Full description

Saved in:
Bibliographic Details
Main Authors SHORTER, EDWARD, R, HARRIS, WAYNE, A, GALEHOUSE, GARY, A, TAMBASCIO, KEVIN, M
Format Patent
LanguageEnglish
French
German
Published 26.10.2016
Subjects
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
WIRELESS COMMUNICATIONS NETWORKS
Online AccessGet full text

Cover

More Information
Summary:A system and method for validating SCEP certificate enrollment that enforces the pairing of a SCEP challenge password and a set of expected certificate request content. A SCEP Validation Service or software residing in another system component whether a certificate request is legitimate by comparing it to registered SCEP challenges and associated expected certificate request content. This system and method addresses a privilege-escalation vulnerability in prior SCEP-based systems that could lead to a practical attack.
Bibliography:Application Number: EP20130874296