Certified Security Solutions, Inc. (CSS) on Tuesday announced the approval of US patent number 8,745,378, for its Validated SCEP™ (VSCEP) service used to protect SCEP (Simple Certificate Enrollment Protocol) certificate enrollment requests.
VSCEP was created in response to the SCEP vulnerability uncovered by Certified Security Solutions, Inc., published by US-CERT in 2012, Vulnerability Note VU#971035. In certain situations, organizations that use the Simple Certificate Enrollment Protocol (SCEP) for mobile devices are open to increased security risks that include fraudulent credentials and privilege escalation attacks.
Validated SCEP™ is a system and method for validating SCEP certificate enrollment. Validated SCEP™ verifies whether a certificate request is legitimate by comparing it to registered SCEP challenges and associated expected certificate request content. The addition of VSCEP to CSS’ Certificate Management System (CMS) makes it one of the most secure platforms to deliver certificates in the world of BYOD and IoT devices.
“We are thrilled to receive this official recognition of the uniqueness of our solution,” commented Ted Shorter, CSS CTO. “To put it simply, the VSCEP service helps ensure that certificate requestors really are who they say they are. This patent is a testament to the work of the tremendous team we have in place at CSS.”
For more information about the Validated SCEP (VSCEP™) service, please contact us.
About CSS – CSS is an information security company, specializing in identity and access management solutions. The company, headquartered in Cleveland, Ohio, has operations throughout North America. CSS provides enterprise ready software, managed security services, Security as a Service, and consulting services. CSS’ security solutions allow clients to secure and operate in cloud computing platforms, “Bring Your Own Device” initiatives, and the emerging market of the “Internet of Things.” For more information and for a complete list of branch offices, click here to Request Information.