	US 12,250,325 B2
	Method and architecture for securing and managing networks of embedded systems with optimised public key infrastructure
Vishram Mishra, Singapore (SG); Magzhan Ikram, Singapore (SG); Steven Paul Kerrison, Singapore (SG); Shazina Binte Zaini, Singapore (SG); and Ahnaf Aff Siddiqi, Singapore (SG)
Assigned to Microsec Pte Ltd, Singapore (SG)
Appl. No. 17/293,928
Filed by Microsec Pte Ltd, Singapore (SG)
PCT Filed Jul. 31, 2019, PCT No. PCT/SG2019/050382 § 371(c)(1), (2) Date May 14, 2021, PCT Pub. No. WO2020/101567, PCT Pub. Date May 22, 2020.
Claims priority of application No. 10201810250P (SG), filed on Nov. 16, 2018.
Prior Publication US 2022/0006652 A1, Jan. 6, 2022
Int. Cl. H04L 29/06 (2006.01); H04L 9/32 (2006.01)

CPC H04L 9/3263 (2013.01)

18 Claims

1. A method of data communication, the method comprising:

authenticating a party of a data communication session using a micro certificate within a micro public key infrastructure that provides transport or application layer security, the micro public key infrastructure being a combination of communication protocol, micro certificates, and a management platform, at least one party of the data communication session being a resource and bandwidth constrained device;

establishing the data communication session using the micro certificate; and

performing secured data communication over the data communication session,

wherein the authenticating comprises:

receiving, at a server of the micro public key infrastructure, a micro certificate signing request from said party, the micro certificate signing request generated by said party;

transmitting, by the server of the micro public key infrastructure, the micro certificate signing request to a certificate authority;

receiving, at the server of the micro public key infrastructure, a response to the micro certificate signing request from the certificate authority; and

transmitting the response from the server of the micro public key infrastructure to said party, said party configured to reconstruct the micro certificate based on the response and installing the micro certificate or updating a previous micro certificate,

wherein the micro certificate uses a micro-table or lookup-table based scheme to reduce a size of the micro certificate, wherein the micro-table or lookup-table based scheme utilizes different fields in the micro certificate to provide information about a type of the micro certificate and various parameters the micro certificate holds,

wherein the micro certificate is not directly compatible with an X.509 standard,

wherein a plurality of identifiers in the micro certificate is numeric whose meaning is stored outside of the micro certificate, wherein each of the plurality of identifiers is sized to a purpose of the identifier.