Patent · US Active

Secure key management protocol for distributed network encryption

US10798073B2 · kind B2 · utility

Cited by: 8
References: 40
Claims: 26
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jan 31, 2017
Grant date: Oct 6, 2020
Priority date
Expiry date: Oct 27, 2038

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/0807
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

For an encryption management module of a host that executes one or more data compute nodes (DCNs), some embodiments of the invention provide a method of providing key management and encryption services. The method initially receives an encryption key ticket at an encryption management module to be used to retrieve an encryption key identified by the ticket from a key manager. When the encryption key has been retrieved, the method uses the encryption key to encrypt a message sent by a data compute node executing on the host requiring encryption according to an encryption rule. The encryption key ticket, in some embodiments, is generated for an encryption management module to implement the principle of least privilege. The ticket acts as a security token in retrieving encryption keys from a key manager. Ticket distribution and encryption rule distribution are independent of each other in some embodiments.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.