Managing authenticators in a computer system
Abstract
Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy SSH key problems and for automating configuration of SSH keys, as well as for continuous monitoring.
20 Claims
1. A method of managing keys by a management apparatus comprising at least one processor and memory in a computer system, comprising:
- collecting from the computer system, by the management apparatus, information of existing public key infrastructure keys existing in the computer system,
- determining, by the management apparatus, further information associated with the collected information of the existing public key infrastructure keys,
- defining, by the management apparatus, an equivalence group comprising members based on the collected information of the existing public key infrastructure keys and associated with the members and the determined further information,
- associating, by the management apparatus, at least one policy action to the equivalence group, and
- causing, by the management apparatus, performing of the at least one policy action on the existing public key infrastructure keys of all of the members of the equivalence group.
11. An apparatus for managing keys in a computer system, the apparatus comprising at least one processor, and at least one memory for storing instructions that, when executed, cause the apparatus to:
- collect, from the computer system, information of existing public key infrastructure keys existing in the computer system,
- determine further information associated with the collected information of the existing public key infrastructure keys,
- determine an equivalence group comprising members based on the collected information of the existing public key infrastructure keys and associated with the members and the determined further information,
- associate at least one policy action to the equivalence group, and
- cause performing of the at least one policy action on the existing public key infrastructure keys of all of the members of the equivalence group.
Specification