公开(公告)号：US20240388510A1

公开(公告)日：2024-11-21

申请号：US18363266

申请日：2023-08-01

Applicant: Oracle International Corporation

Inventor： Jivan Joseph Madtha ,  Bill Chau ,  Suryanarayanan Balasubramanian

IPC: H04L41/342 ,  H04L9/40

Abstract: Network entities associated with a virtual cloud network are transitioned through a certificate bundle distribution process for distributing new certificate authority certificates to the network entities. Operations may include executing, in relation to each of the network entities, a first operation associated with a first phase of the process; obtaining, for each particular network entity, individual entity information associated with a progress of a particular network entity in relation to the first phase; computing, based on the individual entity information, an aggregate metric indicative of an aggregate progress of the network entities in relation to the first phase; determining, based on the aggregate metric, that one or more transition criteria are satisfied for transitioning the network entities from the first phase to a second phase of the process; and executing, in relation to each of the network entities, a second operation associated with the second phase of the process.

公开(公告)号：US20240340272A1

公开(公告)日：2024-10-10

申请号：US18131479

申请日：2023-04-06

Applicant: Oracle International Corporation

Inventor： Anthony Long ,  Brady Turner ,  Mina Anes ,  Mauruthi Geetha Mohan ,  Adam Franklin Wilford ,  Bill Chau ,  Timothy Kraus ,  David Dale Becker

IPC: H04L9/40

CPC classification number: H04L63/0442 ,  H04L63/0823

Abstract: A method may include transmitting a request for metadata associated with a compute instance and receiving, by a computing system, metadata associated with the compute instance signed with a private key. The private key may be associated with a public key. The method may include receiving a request to access a cloud resource and transmitting the request for the metadata. The method may also include receiving the metadata. The metadata may indicate that the compute instance is hosted on the computing system. The method may also include transmitting, to an instance principal service, a request for an instance principal certificate. The request may include the metadata signed with the private key and be cryptographically verified by the instance principal service using the public key. The method may also include receiving the instance principal certificate and providing access to the could resource based on the instance principal certificate.