- 专利标题: Key management in secure network enclaves
-
申请号: US12483095申请日: 2009-06-11
-
公开(公告)号: US09742560B2公开(公告)日: 2017-08-22
- 发明人: Daniel R. Simon , Brian D. Swander , Pascal Menezes , Gabriel E. Montenegro
- 申请人: Daniel R. Simon , Brian D. Swander , Pascal Menezes , Gabriel E. Montenegro
- 申请人地址: US WA Redmond
- 专利权人: Microsoft Technology Licensing, LLC
- 当前专利权人: Microsoft Technology Licensing, LLC
- 当前专利权人地址: US WA Redmond
- 代理机构: Chin IP, PLLC
- 代理商 Davin Chin
- 主分类号: H04L9/00
- IPC分类号: H04L9/00 ; H04L9/08 ; H04L29/06
摘要:
A hierarchical key generation and distribution mechanism for a computer system in which devices are organized into secure enclaves. The mechanism enables network access to be tailored to approximate minimum needed privileges for each device. At the lowest level of the hierarchy, keys are used to form security associations between devices. Keys at each level of the hierarchy are generated from keys at a higher level of the hierarchy and key derivation information. Key derivation information is readily ascertainable, either from identifiers for devices or from within messages, supporting hardware offload of cryptographic functions. Because keys may be generated based on the enclaves in which the hosts participating in a security association are located, the system includes a mechanism by which devices can discover the enclave in which they are located.
公开/授权文献
- US20100318800A1 KEY MANAGEMENT IN SECURE NETWORK ENCLAVES 公开/授权日:2010-12-16
信息查询