Techniques for managing heterogeneous key stores
Abstract
Techniques for managing heterogeneous key stores are presented. A centralized key management service receives key instructions in a generic format. These key instructions are communicated to distributed key agents distributed over a network. The key agents translate the key instructions into native formats expected by distributed key stores. The key agents then process the key instructions in the native formats against the distributed key stores on behalf of the centralized key management service.
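The flow described in the abstract, as an added example (not code from the patent or its assignee): one generic instruction is sent to two agents, each of which translates it to its store's native format, applies it, and reports back. `KeyInstruction`, `check`, `dispatch`, both agent classes and both native formats are assumptions made for illustration.

```python
# Added illustration: every name and both "native" formats are hypothetical.
from collections import namedtuple

KeyInstruction = namedtuple("KeyInstruction", "op alias material", defaults=(b"",))

def check(ins):
    if ins.op not in ("add", "delete"):
        raise ValueError(f"unsupported op {ins.op!r}")
    if not ins.alias.isalnum():  # alias must not alter the native command
        raise ValueError("alias must be alphanumeric")
    if ins.op == "add" and not ins.material:
        raise ValueError("add needs key material")

class LineStoreAgent:  # constructed store driven by text commands (second format)
    def __init__(self):
        self.store = {}
    def translate(self, ins):
        check(ins)
        if ins.op == "add":
            return f"IMPORT {ins.alias} {ins.material.hex()}"
        return f"REMOVE {ins.alias}"
    def process(self, ins):
        verb, alias, *rest = self.translate(ins).split()
        if verb == "IMPORT":
            self.store[alias] = bytes.fromhex(rest[0])
        else:
            self.store.pop(alias, None)

class RecordStoreAgent:  # constructed store driven by records (third format)
    def __init__(self):
        self.store = []
    def translate(self, ins):
        check(ins)
        action = "put" if ins.op == "add" else "drop"
        return {"action": action, "name": ins.alias, "value": ins.material}
    def process(self, ins):
        rec = self.translate(ins)
        self.store = [r for r in self.store if r["name"] != rec["name"]]
        if rec["action"] == "put":
            self.store.append({"name": rec["name"], "value": rec["value"]})

def dispatch(ins, agents):  # one generic instruction in, one report per store out
    reports = {}
    for name, agent in agents.items():
        try:
            agent.process(ins)
            reports[name] = "ok"
        except ValueError as exc:  # report carries the reason, never the key
            reports[name] = f"failed: {exc}"
    return reports
```

Because each agent validates before translating, an instruction that one native format cannot represent safely is reported as a failure instead of being partially applied to that store.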
25 Claims
1. A method, comprising:
- receiving a key instruction in a first format, wherein the key instruction is directed to a first key store and a second key store, and wherein the first and second key stores use disparate interfaces from one another and use second and third formats, respectively to process instructions;
- sending the key instruction in the first format to a first agent that is in communication with the first key store, wherein the first agent translates the key instruction from the first format to the second format and processes the key instruction against the first key store; and
- forwarding the key instruction in the first format to a second agent that is in communication with the second key store, wherein the second agent translates the key instruction from the first format to the third format and processes the key instruction against the second key store.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method, comprising:
- receiving a key instruction from a master key management service, wherein the key instruction is in a first format;
- translating the key instruction from the first format to a native format associated with a first key store;
- processing the key instruction in the native format against the first key store; and
- reporting that the key instruction processed against the first key store to the master key management service.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A system, comprising:
- a centralized key management service; and
- distributed key agents, wherein the centralized key management service is to present a unified administrative interface to administrators to perform key instructions in a generic format, and wherein the centralized key management service is to securely communicate the key instructions to the distributed key agents in the generic format, and each distributed key agent is to translate the key instructions into native formats recognized by distributed key stores and to further process the key instructions in those native formats on the distributed key stores on behalf of the centralized key management service.
Dependent claims: 16, 17, 18, 19, 20
21. A centralized key store implemented in a machine-accessible medium to dispense and maintain access information for resources of a network, the centralized key store including a plurality of records and each record comprising:
- a distributed key store identifier to identify a distributed key store;
- a category type that is to be associated with the distributed key store;
- a path, within an environment of the distributed key store, that is to be used to reach the distributed key store;
- an access secret that is to be used to access the distributed key store; and
- key store elements that is to define keys and other key information included within the distributed key store.
Dependent claims: 22, 23, 24, 25
Specification