摘要 |
A system and method for batch signing of a message is provided. An administrator initiates a management operation directed to a plurality of security appliances organized as a cluster. In response, the security appliance generates an operation context identifying the management operation to be performed. In addition, a secure encryption processor (SEP) of each security appliance generates a random nonce. The nonces are then assembled along with the operation context into a single message. The message is then cryptographically signed by an appropriate number of administrators using a cryptographic key associated with each administrator. The signed message is returned to the security appliances, where each security appliance examines the signed message and determines whether its nonce is present within the message. If so, the security appliance performs the desired management operation. However, if its nonce is not present in the signed message, the management operation is disallowed and not performed. |