Title of invention: Dynamic key management
Abstract: Apparatus, systems, and methods may operate to receive a public key associated with a public/private key pair at a key distribution handler, after a new workload and an associated key agent are created within a network of nodes. The associated key agent may be used to generate the key pair. Additional activity may include distributing, by the key distribution handler, the public key to other key agents associated with permitted workloads operating in the network. The public key may be used to overwrite or delete prior public keys for an authenticated workload identity associated with the new workload. Additional apparatus, systems, and methods are disclosed.
Publication number: US8948399(B2) Publication date: 2015.02.03
Application number: US201113118082 Filing date: 2011.05.27
Applicant: Novell, Inc. Inventors: Sabin Jason Allen; Jorgensen Michael John
Classification: H04L9/08; H04L29/06 Main classification: H04L9/08
Agency: Schwegman Lundberg & Woessner, P.A. Agent: Schwegman Lundberg & Woessner, P.A.
Main claim: 1. An apparatus that is a key distribution handler, the apparatus comprising: a network interface to communicatively couple to a network, the network including a plurality of nodes respectively including workloads, each of the workloads including respective key agents, the respective key agents having generated respective key pairs for the respective workloads, the respective key agents having lifetimes substantially the same as the respective workloads; a processor implemented reception module arranged to: receive a notification from a new respective key agent on a new workload that key generation and application configuration to make use of a generated public/private key pair is complete, the new respective key agent having generated the public/private key pair, the generated key pair including a public key, the newly created workload being created by and assigned to a user in accordance with a policy: receive the public key in response to the notification from the new respective key agent; and assign the public key to the user, and a processor implemented distribution module arranged to distribute the public key, via the network interface, to a plurality of the respective key agents associated with a plurality of permitted workloads from the workloads operating on nodes in the network, wherein the public key is used to overwrite or delete prior public keys for an authenticated workload identity associated with the new workload, wherein the permitted workloads are assigned to the user and governed by the policy, and wherein the apparatus is a separate and distinct node from a node with the new respective key agent and nodes with the respective key agents.
Address: Provo UT US