Remote authorization for operations
Abstract
Techniques for the remote authorization of secure operations are provided. A secure security system restricts access to a secure operation via an access key. An authorization acquisition service obtains the access key on request from the secure security system when an attempt is made to initiate the secure operation. The authorization acquisition service gains access to the access key from a secure store via a secret. That is, the secret store is accessible via the secret. The secret is obtained directly or indirectly from a remote authorization principal over a network.
12 Claims
1. A machine-implemented method to execute on a machine, comprising:
- detecting, by the machine, a request for initiating a secure operation;
- evaluating, by the machine, a policy associated with authorizing the secure operation for initiation, the policy drives a processing flow and procedures that must be used to acquire one or more access keys and content for the one or more access keys that are expected before the request is authenticated and initiated, the processing flow and procedures randomly generated via the policy evaluation;
- making, by the machine, a request to an authorization acquisition service to acquire the one or more access keys pursuant to the policy from one or more remote authorization principals; and
- receiving and verifying, by the machine, the one or more access keys, which are received from the authorization acquisition service in response to one or more secrets obtained from the one or more remote authorization principals.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A machine-implemented method to execute on a machine, comprising:
- receiving, by the machine, a request to initiate a secure operation within a secure system;
- acquiring, by the machine, multiple keys from multiple different certified crypto officers, each crypto officer having one of the multiple keys and each crypto officer remotely communicating his/her key from a remote geographic location from that geographical location associated with the secure system and each crypto officer given different instructions on how each of his/her keys are to be communicated and the instructions change with every subsequent request to initiate the secure operation and the instructions are randomly generated, wherein acquiring further includes identifying each of the certified crypto officers via a policy associated with the secure operation of the secure system;
- using, by the machine, the multiple keys to acquire a secret from a secret store to initiate the secure operation; and
- initiating, by the machine, the secure operation via the secret.

Dependent claims: 9, 10, 11, 12
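The flow recited in claim 8, as an added Python sketch that is not code from the patent: each request issues fresh random delivery instructions to the officers named by policy, submissions that do not follow the current instructions are rejected, and the secret store opens only when every officer's key is present. The officer and channel names, the rule of hashing all keys together into one store key, and the toy XOR/HMAC sealing (a stand-in for a real AEAD cipher) are assumptions made for illustration.

```python
import hashlib, hmac, secrets

CHANNELS = ["sms", "email", "voice", "web-portal"]  # hypothetical delivery channels

def combine(keys):
    """Derive the store key from every officer's key (assumed: all are required)."""
    h = hashlib.sha256()
    for officer in sorted(keys):
        h.update(officer.encode() + b"\0" + keys[officer])
    return h.digest()

def seal(store_key, secret):
    """Toy sealing for the demo (XOR keystream + HMAC tag); use an AEAD in practice."""
    stream = hmac.new(store_key, b"stream", hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(secret, stream))  # secret must be <= 32 bytes
    return ct, hmac.new(store_key, b"tag" + ct, hashlib.sha256).digest()

def unseal(store_key, ct, tag):
    expect = hmac.new(store_key, b"tag" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expect, tag):
        raise PermissionError("officer keys do not open the secret store")
    stream = hmac.new(store_key, b"stream", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, stream))

class AuthorizationRequest:
    """One attempt to initiate the secure operation."""
    def __init__(self, policy_officers):
        # Fresh random instructions per request: a channel and a one-time nonce.
        self.instructions = {o: (secrets.choice(CHANNELS), secrets.token_hex(8))
                             for o in policy_officers}
        self.keys = {}

    def submit(self, officer, channel, nonce, key):
        if self.instructions.get(officer) != (channel, nonce):
            return False  # unknown officer, wrong channel, or stale instruction
        self.keys[officer] = key
        return True

    def acquire_secret(self, ct, tag):
        if set(self.keys) != set(self.instructions):
            raise PermissionError("not every officer has authorized")
        return unseal(combine(self.keys), ct, tag)
```

Because the nonce is regenerated for each `AuthorizationRequest`, a key delivery captured from an earlier request is rejected by `submit` on the next one.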