METHOD FOR OBTAINING VETTED CERTIFICATES BY MICROSERVICES IN ELASTIC CLOUD ENVIRONMENTS

US 20180048638A1
Filed: 08/11/2016
Published: 02/15/2018
Est. Priority Date: 08/11/2016
Status: Active Grant

First Claim

Patent Images

1. A method for obtaining a vetted certificate for a microservice in an elastic cloud environment, the method comprising:

receiving a one-time authentication credential at the microservice;

utilizing the one-time authentication credential to obtain a client secret;

obtaining an access token and CSR (Certificate Signing Request) attributes at the microservice using the client secret;

constructing a CSR at the microservice utilizing the CSR attributes;

requesting a vetted certificate from a Certificate Authority (CA), the request including the access token and the CSR; and

if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and is provided for obtaining a vetted certificate for a microservice in an elastic cloud environment. The microservice receives a one-time authentication credential. The microservice utilizes the one-time authentication credential to obtain a client secret. The microservice obtains an access token and CSR (Certificate Signing Request) attributes using the client secret and constructs a CSR utilizing the CSR attributes. The microservice requests a vetted certificate from a Certificate Authority (CA) and includes the access token and the CSR in the request. If the access token and the CSR pass vetting at the CA, the CA sends a vetted certificate to the microservice.

Citations

19 Claims

1. A method for obtaining a vetted certificate for a microservice in an elastic cloud environment, the method comprising:
- receiving a one-time authentication credential at the microservice;
  
  utilizing the one-time authentication credential to obtain a client secret;
  
  obtaining an access token and CSR (Certificate Signing Request) attributes at the microservice using the client secret;
  
  constructing a CSR at the microservice utilizing the CSR attributes;
  
  requesting a vetted certificate from a Certificate Authority (CA), the request including the access token and the CSR; and
  
  if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the one-time authentication credential comprises a type of microservice.
  - 3. The method of claim 1, wherein the one-time authentication credential comprises a first piece of data and a second piece of data, wherein the first piece of data comprises a service type and the second piece of data comprises a service instance.
  - 4. The method of claim 1, wherein the client secret associates a type of service with a secret management service.
  - 5. The method of claim 1, wherein the step of if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice comprises receiving a vetted certificate from the CA at the microservice if the access token matches a stored access token at the CA.
  - 6. The method of claim 1, wherein the step of if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice comprises receiving a vetted certificate from the CA at the microservice if the access token maps to a stored access token at the CA.
  - 7. The method of claim 1, wherein the step of if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice comprises receiving a vetted certificate from the CA at the microservice if the access token is equivalent to a stored access token at the CA.
  - 8. The method of claim 1, wherein the step of if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice comprises receiving a vetted certificate from the CA at the microservice if the access token is associated with a stored access token at the CA.
  - 9. The method of claim 1, wherein the step of if the access token and the CSR pass vetting, receiving a vetted certificate from the CA at the microservice comprises receiving a vetted certificate from the CA at the microservice if the CSR matches a stored CSR at the CA.

10. A method for obtaining a vetted certificate for a microservice in an elastic cloud environment, the method comprising:
- obtaining an access token at the microservice;
  
  requesting a vetted certificate from a Certificate Authority (CA), the request including the access token; and
  
  receiving a vetted certificate from the CA at the microservice if the access token matches a stored access token at the CA.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10, wherein the step of receiving a vetted certificate from the CA at the microservice if the access token matches a stored access token at the CA comprises receiving a vetted certificate from the CA at the microservice if the access token maps to a stored access token at the CA.
  - 12. The method of claim 10, wherein the step of receiving a vetted certificate from the CA at the microservice if the access token matches a stored access token at the CA comprises receiving a vetted certificate from the CA at the microservice if the access token is equivalent to a stored access token at the CA.
  - 13. The method of claim 10, wherein the step of receiving a vetted certificate from the CA at the microservice if the access token matches a stored access token at the CA comprises receiving a vetted certificate from the CA at the microservice if the access token is associated with a stored access token at the CA.

14. A microservice comprising:
- a transceiver; and
  
  a processor configured to;
  
  receive a one-time authentication credential via the transceiver;
  
  utilize the one-time authentication credential to obtain a client secret via the transceiver;
  
  obtain an access token and CSR (Certificate Signing Request) attributes using the client secret via the transceiver;
  
  construct a CSR utilizing the CSR attributes;
  
  request a vetted certificate from a Certificate Authority (CA) via the transceiver, the request including the access token and the CSR; and
  
  receive a vetted certificate from the CA via the transceiver if the access token and the CSR pass vetting.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The microservice of claim 14, wherein the onetime authentication credential comprises a type of microservice.
  - 16. The microservice of claim 14, wherein the one-time authentication credential comprises a first piece of data and a second piece of data, wherein the first piece of data comprises a service type and the second piece of data comprises a service instance.
  - 17. The microservice of claim 14, wherein the client secret associates a type of service with a secret management service.
  - 18. The microservice of claim 14, wherein the processor is configured to receive a vetted certificate from the CA via the transceiver if the access token matches a stored access token at the CA.
  - 19. The microservice of claim 14, wherein the processor is configured to receive a vetted certificate from the CA via the transceiver if the CSR matches a stored CSR at the CA.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Motorola Solutions, Inc.
Original Assignee
Motorola Solutions, Inc.
Inventors
LEWIS, ADAM C., METKE, ANTHONY R., THOMAS, SHANTHI E.

Granted Patent

US 10,404,680 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 2009/45587   Isolation or security of vi...

G06F 21/53   by executing in a restricte...

G06F 9/45533   Hypervisors; Virtual machin...

G06F 9/45558   Hypervisor-specific managem...

G06F 9/46   Multiprogramming arrangements

G06F 9/5077   Logical partitioning of res...

H04L 63/06   for supporting key manageme...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 9/3228   One-time or temporary data,...

H04L 9/3268   using certificate validatio...

METHOD FOR OBTAINING VETTED CERTIFICATES BY MICROSERVICES IN ELASTIC CLOUD ENVIRONMENTS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR OBTAINING VETTED CERTIFICATES BY MICROSERVICES IN ELASTIC CLOUD ENVIRONMENTS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links