APPARATUS AND METHOD FOR GROUP SESSION KEY AND ESTABLISHMENT USING A CERTIFIED MIGRATION KEY
Abstract
A method and apparatus for group session key and establishment using a certified migration key are described. In one embodiment, the method includes exporting of a protected certified migration key (CMK) to a target platform. In one embodiment, exporting of the protected CMK requires that the target platform is authorized for participation in a group and has a storage key, including attributes that comply with the group security policy. Once the protected CMK is exported, in one embodiment, a group master key is encrypted with a public portion of the CMK to form a protected group master key. Subsequently, the protected group master key is transmitted to the target platform. In one embodiment, possession of the group master key enables the target platform to participate in a secure group communication session. Other embodiments are described and claimed.
20 Claims
1. A method comprising:
- exporting a protected certified migration key (CMK) to a target platform if the platform is authorized to participate in a group and meets a group security policy;
- encrypting a group master key with a public portion of the CMK to form a protected group master key; and
- transmitting the protected group master key to the target platform.

Dependent claims: 2, 3, 4, 5.

6. A method comprising:
- providing, according to a key certification request from a group manager, signed attributes of a key selected by a target platform as a parent key of a certified migration key (CMK) held by the trusted group manager;
- receiving the CMK from the group manager if the signed attributes meet a group security policy; and
- participating in a group communications session with at least one group member platform by decrypting an encrypted data stream using a session key received with the encrypted stream and protected by the CMK.

Dependent claims: 7, 8, 9, 10.

11. A system, comprising:
- at least one group member platform;
- a target platform; and
- a group manager platform, the group manager platform to export a protected, certified migration key (CMK) to the target platform if the target platform is authorized for participation in a group with the group member platform and meets a group security policy, wherein the target platform is to receive a group master key from one of the group manager platform and the group member platform to enable participation in a secure group communication session with the group member platform.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20.
Specification