| 摘要 |
<p><P>PROBLEM TO BE SOLVED: To provide an apparatus and a method for protecting network resources from unauthorized access to enable access to a new client device. <P>SOLUTION: A global server is constituted of global and organization root certificates, issues a global server/client certificate to an access point (AP), and then issues a global client certificate to a client device enabler (CDE). A plurality of APs and/or CDEs are selected for an organization, the identification of the AP and the CDE of the global server is stored and succeeded, and the AP is deployed and constituted of an organization certificate. The CDE is downloaded or coupled for "providing" a new client device, and a global public key infrastructure (PKI) is used to auto-self authenticate the AP and the CDE. A certification request to a new client is issued to the AP, and the AP issues a client certificate to a client within an organization PKI, adds the new client to a client white list of the organization, and rolls over an organization intermediate CA certificate of the AP and the global client certificate of the CDE. <P>COPYRIGHT: (C)2011,JPO&INPIT</p> |
