Mechanism and method for managing credentials on IOS based operating system

摘要

A mechanism and method for managing credentials on an electronic device configured with an iOS based operating system. The iOS based device includes a “keychain” configured in device memory. According to an embodiment, the electronic device comprises an application configured to generate a public certificate object in the keychain and a password object in the keychain. The public certificate object is configured to store a public certificate, and the password object is configured to store a private key. The password object further includes a label or thumbprint for associating the private key with the corresponding public certificate. According to an embodiment, the application stores the private key in an encrypted container in the password object to provide an additional layer of security. The application is configured to unlock the encrypted container utilizing a password provided the user. According to a further aspect, the user password is not stored in memory on the device. According to an embodiment, the private key is generated and provided by a credential management system operatively coupled to the electronic device for digitally signing an email message.

主权项

1. A mechanism for managing a user credential in a communication device configured for iOS operating system including a keychain, said mechanism comprising:
a certificate object under the iOS keychain, said certificate object being configured to store a certificate; a password object under the iOS keychain, said password object being configured to store a private key, and comprising an encrypted container configured to store said private key and said encrypted container being secured by a user password; said password object being configured to store a thumbprint, said thumbprint being configured to associate said private key with a corresponding certificate and comprising a searchable object configured to be searchable under the iOS operating system for linking said encrypted container storing said private key with said associated certificate.