Abstract: A system for enhanced public key infrastructure is provided. The system includes a computer device. The computer device is programmed to receive a digital certificate including a composite signature field including a plurality of signatures. The plurality of signatures include at least a first signature and a second signature. The computer device is also programmed to retrieve, from the digital certificate, a first key associated with the first signature from the digital certificate. The computer device is further programmed to retrieve the first signature from the composite signature field. In addition, the at least one computer device is programmed to validate the first signature using the first key.

Abstract: A system for enhanced internet of things digital certificate security is provided. The system includes a computer device. The computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The computer device is also programmed to receive, from a first computer device, a status update for the first digital certificate. The computer device is further programmed to update the first status based on the status update. Subsequently to updating the first status, the computer device is programmed to receive a request for a connection from the first device. Subsequently to updating the first status, the computer device is also programmed to deny the request for a connection based on the first status.

Abstract: A certificate re-provisioning (CREP) protocol allows a client device to communicate with a provisioning server and be automatically provisioned, or re-provisioned, with needed credentials without the client device being aware of which credentials it needs. The CREP protocol uses a slot configuration template that defines which credentials are installed on the client device and the provisioning server responds with actions to provision the client device according to a client target configuration stored at the server.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a remote server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the remote server, the electronic device credentials. The method further includes a step of registering, by the remote server, the electronic device. The method further includes a step of transmitting, from the remote server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A method is provided for automating management of automatic renewal of a public key infrastructure (PKI) certificate issued by a certificate authority (CA) for a subscriber. The method includes steps of causing the subscriber to (i) transmit a first alert to a management entity for initiating renewal of the PKI certificate, and (ii) transmit a certificate signing request (CSR) to a registration authority (RA) for issuance of a renewal certificate. The method further includes steps of (iii) transmitting, from the RA to the CA, the CSR signed by the RA, (iv) receiving, at the RA from the CA, an issued renewal certificate signed by the CA, (v) sending, from the RA to the subscriber, the issued renewal certificate signed by the CA, and (vi) causing the subscriber to transmit a second alert to a management entity indicating renewal of the PKI certificate.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the server, the electronic device credentials. The method further includes a step of registering, by the server, the electronic device. The method further includes a step of transmitting, from the server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A client access network includes a cluster of servers. The cluster of servers includes a boot node, an administrator node, a computing node, and a storage node. The client access network further includes a plurality of segregated subnetworks. The plurality of segregated subnetworks includes a boot subnetwork, an administration subnetwork, a public subnetwork, and a private subnetwork. The client access network further includes at least one hardware security module, a dedicated subnet in operable communication with the at least one hardware security module and each of the plurality of segregated subnetworks, and a router in operable communication with the at least one hardware security module and each of the cluster of servers. The router is further configured to route traffic among the plurality of segregated subnetworks and the dedicated subnet.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the server, the electronic device credentials. The method further includes a step of registering, by the server, the electronic device. The method further includes a step of transmitting, from the server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A security event management system for an electronic connected network includes a public key infrastructure subsystem configured to generate a security ID for a connected device accessing the network, a digital ledger, a trigger list in operable communication with the digital ledger, and an event manager configured to (i) subscribe to the trigger list by defining at least one reportable event of which the trigger list is to advise the event manager, and (ii) receive a notification from the trigger list upon validation of the at least one reportable event behind the digital ledger.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a remote server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the remote server, the electronic device credentials. The method further includes a step of registering, by the remote server, the electronic device. The method further includes a step of transmitting, from the remote server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A network device for maintaining a communication network is provided. The network device includes a transceiver configured for operable communication with at least one device. The network device also includes a processor including a memory configured to store computer-executable instructions. When executed by the processor the instructions cause the network device to store a plurality of network capabilities associated with a plurality of connectivity categories and a plurality of network settings, receive, from a first device, a connectivity advertisement including at least one connectivity category for the first device, retrieve a subset of the plurality of network capabilities based on the at least one connectivity category, determine one or more network settings for the network device based on the at least one connectivity category for the first device and the subset of network capabilities, and implement the one or more network setting on the network device.

Abstract: A system for enhanced public key infrastructure is provided. The system includes a computer device. The computer device is programmed to receive a digital certificate including a composite signature field including a plurality of signatures. The plurality of signatures include at least a first signature and a second signature. The computer device is also programmed to retrieve, from the digital certificate, a first key associated with the first signature from the digital certificate. The computer device is further programmed to retrieve the first signature from the composite signature field. In addition, the at least one computer device is programmed to validate the first signature using the first key.

Abstract: A system for enhanced public key infrastructure is provided. The system includes a computer device. The computer device is programmed to receive a digital certificate including a composite signature field including a plurality of signatures. The plurality of signatures includes at least a first signature and a second signature. The computer device is also programmed to retrieve, from the digital certificate, a first key associated with the first signature from the digital certificate. The computer device is further programmed to retrieve the first signature from the composite signature field. In addition, the at least one computer device is programmed to validate the first signature using the first key.

Abstract: A system for monitoring the status of digital certificates is provided. The system includes a responder computer device. The responder computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The responder computer device is also programmed to receive, from a first computer device, a request message including an identifier of a target certificate. The responder computer device is further programmed to query the database to retrieve status information about the target certificate. In addition, the responder computer device is programmed to generate a response message based on the retrieved status information. Moreover, the responder computer device is programmed to transmit the response message to the first computer device.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the server, the electronic device credentials. The method further includes a step of registering, by the server, the electronic device. The method further includes a step of transmitting, from the server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A server is provided for managing access of an electronic entity to a communications network. The server includes a contact point in operable communication with the electronic entity. The contact point is configured to receive a network access granting request message from the electronic entity. The server further includes a processing module, configured to process the received network access granting request message, validate trust indicators contained within the network access granting request message, authorize access of the electronic entity to the network upon validation of the trust indicators, and transmit a response message to the electronic entity indicating a level of access to the network that has been authorized.

Abstract: A system for enhanced internet of things digital certificate security is provided. The system includes a computer device. The computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The computer device is also programmed to receive, from a first computer device, a status update for the first digital certificate. The computer device is further programmed to update the first status based on the status update. Subsequently to updating the first status, the computer device is programmed to receive a request for a connection from the first device. Subsequently to updating the first status, the computer device is also programmed to deny the request for a connection based on the first status.

Abstract: A system for provisioning a device is provided. The system includes a computer device. The computer device is programmed to receive, from a user equipment, a connection request via a layer two connection. The computer device is also programmed to accept the connection request. The computer device is further programmed to receive, from the user equipment, a certificate request via the layer two connection. Additionally, the computer device is programmed to determine a destination for the certificate request, and to route the certificate request to the destination.

Abstract: A system for monitoring the status of digital certificates is provided. The system includes a responder computer device. The responder computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The responder computer device is further programmed to receive, from a first computer device, a request message including an identifier of a target certificate. The responder computer device is further programmed to query the database to retrieve status information about the target certificate, generate a response message based on the retrieved status information, and transmit the response message to the first computer device.

Abstract: A method is provided for automating management of automatic renewal of a public key infrastructure (PM) certificate issued by a certificate authority (CA) for a subscriber. The method includes steps of causing the subscriber to (i) transmit a first alert to a management entity for initiating renewal of the PKI certificate, and (ii) transmit a certificate signing request (CSR) to a registration authority (RA) for issuance of a renewal certificate. The method further includes steps of (iii) transmitting, from the RA to the CA, the CSR signed by the RA, (iv) receiving, at the RA from the CA, an issued renewal certificate signed by the CA, (v) sending, from the RA to the subscriber, the issued renewal certificate signed by the CA, and (vi) causing the subscriber to transmit a second alert to a management entity indicating renewal of the PM certificate.