摘要 |
<p>A method and computer program product for accessing a secure resource using a certificate bound with authentication information. In one implementation, the method includes receiving a certificate request (306) from a user, the certificate request including identification information and authentication information (302) associated with the user; verifying (308) the identification information; issuing a certificate (312) to the user when the identification information is verified (308); and sending the authentication information and a certificate identifier (306) for the certificate to an authentication server (216). According to one aspect, the sending step includes signing a combination of the authentication information and the certificate identifier to form a unique user identifier (312); signing the authentication information; and sending the unique user identifier (312) to the authentication server (216).</p> |