Supporting the use of a secret key

摘要

A first installation stores key identifications with allocation to a respective user and a second installation stores secret keys which each can be found by means of a key identification. The first installation authenticates a user who logs onto the first installation via a user device, creates a temporary identifier, allocates the identifier to the user and transmits the identifier to the user device. The second installation receives a request for a secret key from the user device together with the identifier and requests a key identification from the first installation, wherein the received identifier is transmitted. The first installation determines a user allocated to the received identifier, identifies a key identification stored for the determined user and transmits the key identification to the second installation. This second installation determines a secret key based on the received key identification and transmits the secret key to the user device.

主权项

1. A method performed by an apparatus of a first installation, which stores key identifications with allocation to a respective user, wherein a second installation stores secret keys which each can be found by means of a key identification, the method comprising:
authenticating a user who logs onto the first installation via a user device, creating a temporary identifier as a basis for retrieving a secret key held ready for the user in the second installation and allocating the identifier to the user, transmitting the identifier to the user device, receiving a request for a key identification from the second installation, wherein the request contains an identifier which was transmitted to the second installation from a user device, determining a user allocated to the received identifier and determining a key identification stored for the determined user, and transmitting the key identification to the second installation.