Tenant based signature validation

摘要

Methods and systems are provided for validating a signature in a multi-tenant environment. A server or other computing device that is part of a distributed network may request a certificate collection from an identified tenant store. The requested certificate collection may be loaded in a virtual store that is accessible by the server or other computing device. The sever or other computing device may then access one or more certificates from the virtual store to validate a signature.

主权项

1. A method for validating a custom signature, the method comprising:
receiving, at a first server in a distributed network, a first request from a first client to validate a first signing certificate of a first user of a first message received by the first client wherein the first user sent the first message, and wherein the first signing certificate is from the first user of a first tenant; identifying, by the first server, the first tenant that relates to the first signing certificate from a plurality of tenants in response to the first request; accessing over the network, by the first server, a first tenant certificate collection from a first private tenant store on the distributed network after identifying the first tenant, wherein the first private tenant store is separate from the first tenant and the first server; loading, on the first server, the first tenant certificate collection from the first private tenant store as a first tenant virtual store upon receiving access to the first private tenant store; and performing validation of the first signing certificate using the first tenant virtual store by:
identifying the first user of the first tenant;identifying certificate requirements for the identified first user listed within the first tenant certificate collection on the first tenant virtual store; anddetermining if the first signing certificate meets the certificate requirements of the first user.