发明名称 |
Role-based distributed key management |
摘要 |
Implementations for providing role-based distributed key management (DKM) replication are described. A server node receives a request from a requester node to perform a DKM create or update function. The server node determines the role of the requester node based on a public key of the requester node. The server node determines whether the role of the requester node indicates that the requester node is authorized to request the DKM create or update function. If the requester node's role is authorized to request the DKM create or update function, then the server node performs the requested function. The DKM create or update function may involve a replication function. Public key and trust chains may be derived from physical cryptographic processors, such as TPMs. |
申请公布号 |
US9634831(B2) |
申请公布日期 |
2017.04.25 |
申请号 |
US201514678424 |
申请日期 |
2015.04.03 |
申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Acar Tolga;Jerez Henry N.;Nguyen Lan Duy;Roeder Thomas Michael |
分类号 |
H04L29/06;H04L9/08;H04L9/32;H04L9/30 |
主分类号 |
H04L29/06 |
代理机构 |
Lee & Hayes, PLLC |
代理人 |
Lee & Hayes, PLLC |
主权项 |
1. A method comprising:
receiving, by a server node, a request from a requester node to update cryptographic information to be used to perform cryptographic services on behalf of a client node; receiving, by the server node, a commitment from one or more other server nodes that the one or more other server nodes will accept updates to the cryptographic information; and providing, by the server node upon receiving the commitment, updated cryptographic information to the requester node in reply to the request. |
地址 |
Redmond WA US |