Method for secure management of secrets in a hierarchical multi-tenant environment
US11463251B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 14, 2017 |
| Grant date | Oct 4, 2022 |
| Priority date | — |
| Expiry date | Sep 17, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/0897
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The present invention relates to a method of securely using a first tenant secret key stored under an encrypted form in a first token (TKA) of a first tenant (A) identified by a first tenant identifier (UIDA) and having said first tenant secret key, wherein: each tenant identifier (UIDT) for a tenant (T) comprises a first value and, when said tenant (T) is allowed to use a secret key of a parent tenant (Tp) identified by a parent tenant identifier (UIDTP), said parent tenant identifier, appended before said first value, and said first token (TKA) has been generated from said first tenant identifier (UIDA) and a first tenant secret key encrypted with said first tenant identifier (UIDA) and with a first tenant customer master key (CMKA), said first tenant customer master key (CMKA) having been derived from said first tenant identifier (UIDA) and a secure domain master key (SDMK), said method comprising the following steps performed by a secure device storing said secure domain master key (SDMK), on request of a second tenant (B) identified by a second tenant identifier (UIDB): —getting a first tenant identifier (UIDA) of said first tenant (A) from said first token (TKA), —checking if…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.