Patent · US Active

Data in transit protection with exclusive control of keys and certificates across heterogeneous distributed computing environments

US11689375B2 · kind B2 · utility

0Cited by

2References

22Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Nataraj Nagaratnam · Cary, US
Christopher S. Smith · Tamm, DE
David N. Nguyen · Wake Forest, US
Martin Schmatz · Thalwil, CH
Marco Pavone · Wolfsburg, DE
Navaneeth Rameshan · Zürich, CH

Key dates

Filing date	May 21, 2021
Grant date	Jun 27, 2023
Priority date	—
Expiry date	Dec 3, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2209/56
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Certificate and key management is provided. A signed certificate corresponding to an enterprise is deployed to a plurality of cryptographic communication protocol endpoint proxies located in a heterogeneous distributed computing environment where a private key corresponding to the enterprise is not placed in any of the plurality of cryptographic communication protocol endpoint proxies. Offload of cryptographic communications from the plurality of cryptographic communication protocol endpoint proxies to the hardware security module is received by the hardware security module where the hardware security module verifies connection authenticity for the plurality of cryptographic communication protocol endpoint proxies across the heterogeneous distributed computing environment using the private key corresponding to the enterprise that remains within a security boundary of the hardware security module.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.