Patent · US Active

Key management in secure network enclaves

US9742560B2 · kind B2 · utility

4Cited by

8References

20Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Daniel R. Simon · Redmond, US
Brian D. Swander · Bellevue, US
Pascal Menezes · Bellevue, US
Gabriel E. Montenegro · Redmond, US

Key dates

Filing date	Jun 11, 2009
Grant date	Aug 22, 2017
Priority date	—
Expiry date	May 8, 2030

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/164
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A hierarchical key generation and distribution mechanism for a computer system in which devices are organized into secure enclaves. The mechanism enables network access to be tailored to approximate minimum needed privileges for each device. At the lowest level of the hierarchy, keys are used to form security associations between devices. Keys at each level of the hierarchy are generated from keys at a higher level of the hierarchy and key derivation information. Key derivation information is readily ascertainable, either from identifiers for devices or from within messages, supporting hardware offload of cryptographic functions. Because keys may be generated based on the enclaves in which the hosts participating in a security association are located, the system includes a mechanism by which devices can discover the enclave in which they are located.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.