Title of invention: Host identity bootstrapping
Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
Publication number: US9432356(B1) Publication date: 2016.08.30
Application number: US200912435995 Filing date: 2009.05.05
Applicant: Amazon Technologies, Inc. Inventors: Johansson Jesper M.; Corddry Matthew T.; Hansen Tom F.; Kearney Luke F.
Classification: H04L29/06; G06F21/33 Main classification: H04L29/06
Agency: Davis Wright Tremaine LLP Agent: Davis Wright Tremaine LLP
Independent claim: 1. One or more non-transitory computer-readable storage media storing instructions that when executed instruct a processor of an infrastructure coordination server to perform acts comprising: receiving an enrollment request from a host; mapping the host to a certificate profile; determining a validity of a host identity associated with the host; obtaining, without human intervention, a personal identification number (PIN) from a public key infrastructure (PKI); mapping multiple certificate authorities (CAs) to the host to accommodate for a failure of at least one of the multiple CAs; providing, without human intervention, the PIN and CA connection information to the host; signing an encryption certificate using a private key; issuing the signed encryption certificate to the host; sending, to the host, a new certificate; revoking the signed encryption certificate; and renewing the new certificate.
Address: Seattle WA US