主权项 |
1. A method, comprising:
sending, from an end entity to a service node, a certificate including a cryptographically-obscured identifier associated with the end entity, wherein the certificate is received by the end entity from a device management server that is separate from the end entity and the service node, wherein the service node uses both the certificate and the cryptographically-obscured identifier to authenticate the end entity at least in part by comparing the cryptographically-obscured identifier to a reference identifier and in response to the cryptographically-obscured identifier matching the reference identifier, the service node is configured to validate the certificate at least in part by communicating with a certificate authority, wherein the certificate authority reviews the validity of the certificate itself, wherein the service node is configured to deny the end entity with access to a service associated with the service node in the event the cryptographically-obscured identifier is validated and the certificate is not validated; and accessing, based at least in part on the authentication and the validation, the service associated with the service node. |