Independent claim
1. A method of managing a certificate grant list, the method being performed by a network device and comprising:
providing, by the network device to a client device, a client-device certificate allowing the client device access to a secure service provided by the network device;
signing the client-device certificate using a base media access control (MAC) address of the network device;
storing, in a certificate grant list in a memory of the network device, a hash value associated with (i) the client-device certificate, and (ii) the base MAC address of the network device;
receiving a request, from the client device, for access to the secure service, the request including at least one of an application specific universal unique identifier (UUID), an application name, a certificate serial number, or a certificate grant date associated with the client device;
generating a hash value utilizing the received request and the base MAC address of the network device;
comparing the generated hash value with the hash value stored in the certificate grant list;
if the generated hash value matches the stored hash value, permitting access to the secure service; and
if the generated hash value does not match the stored hash value, denying access to the secure service.
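The store, hash and compare steps of the claim, sketched as an added example that is not part of the claim text or of any implementation of it. The hash function (SHA-256), the field set and order, the length-prefixed encoding, the `GrantList` class and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumed for this example: which request fields are hashed, and in what order.
FIELD_ORDER = ("uuid", "app_name", "serial", "grant_date")

def grant_hash(fields, base_mac):
    """SHA-256 over length-prefixed fields followed by the 6-byte base MAC."""
    mac = bytes.fromhex(base_mac.replace(":", "").replace("-", ""))
    if len(mac) != 6:
        raise ValueError("base MAC must be 6 bytes")
    h = hashlib.sha256()
    for name in FIELD_ORDER:
        value = fields[name].encode("utf-8")
        # Length prefix keeps ("ab", "c") distinct from ("a", "bc").
        h.update(len(value).to_bytes(4, "big") + value)
    h.update(mac)
    return h.digest()

class GrantList:
    """In-memory certificate grant list bound to one device's base MAC."""
    def __init__(self, base_mac):
        self._base_mac = base_mac
        self._hashes = set()

    def grant(self, cert_fields):
        self._hashes.add(grant_hash(cert_fields, self._base_mac))

    def revoke(self, cert_fields):
        self._hashes.discard(grant_hash(cert_fields, self._base_mac))

    def permits(self, request):
        """True only if the request hashes to a stored grant; malformed requests are denied."""
        try:
            digest = grant_hash(request, self._base_mac)
        except (KeyError, AttributeError):
            return False
        return any(hmac.compare_digest(digest, h) for h in self._hashes)

# Constructed sample values (not from the patent).
SAMPLE_MAC = "02:00:00:00:00:01"
SAMPLE_CERT = {"uuid": "123e4567-e89b-12d3-a456-426614174000",
               "app_name": "demo-app", "serial": "1001", "grant_date": "2024-01-01"}

if __name__ == "__main__":
    gl = GrantList(SAMPLE_MAC)
    gl.grant(SAMPLE_CERT)
    print(gl.permits(SAMPLE_CERT))                        # matching request
    print(gl.permits({**SAMPLE_CERT, "serial": "1002"}))  # altered serial
```

The hashed inputs are identifiers rather than secrets, so a match shows that a grant for those values exists on this device; it does not by itself prove that the requester holds the certificate's private key.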