Device coordination
Abstract
A distributed computing environment utilizes a cryptography service. The cryptography service manages keys securely on behalf of one or more entities. The service may utilize multiple security modules. A coordinator may coordinate the security modules to ensure that the security modules operate with consistent operational parameters. A security module may propose a set of parameters for acceptance by the coordinator. If accepted, the coordinator may update the security modules in accordance with the proposal.
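
The propose, review and synchronize flow described in the abstract and in claim 1, sketched as an added example (not code from the patent or from any product). All class and field names are hypothetical; the token is assumed to be a MAC-tagged JSON body under the shared key, and the coordinator's electronic signature is modelled with HMAC under a separate key as a stdlib-only stand-in for an asymmetric signature.

```python
import hashlib, hmac, json

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

class SecurityModule:
    def __init__(self, domain_key, coordinator_key, state, version):
        self.domain_key = domain_key            # shared by modules, never by the coordinator
        self.coordinator_key = coordinator_key  # stand-in: would be a public verification key
        self.state, self.version = state, version

    def propose(self, new_state) -> bytes:
        # Token: proposed state and next version, authenticated with the module key.
        body = json.dumps({"state": new_state, "version": self.version + 1},
                          sort_keys=True).encode()
        return mac(self.domain_key, body) + body

    def synchronize(self, token: bytes, signature: bytes) -> bool:
        # Refuse any update that lacks a valid coordinator signature over the token.
        if not hmac.compare_digest(signature, mac(self.coordinator_key, token)):
            return False
        tag, body = token[:32], token[32:]
        # The token must also originate from a module holding the shared key.
        if not hmac.compare_digest(tag, mac(self.domain_key, body)):
            return False
        proposal = json.loads(body)
        if proposal["version"] <= self.version:   # reject rollback or replay
            return False
        self.state, self.version = proposal["state"], proposal["version"]
        return True

class Coordinator:
    def __init__(self, signing_key, current_version):
        self.signing_key, self.current_version = signing_key, current_version

    def review(self, token: bytes):
        # The coordinator reads the version but cannot create or alter tokens.
        if json.loads(token[32:])["version"] != self.current_version + 1:
            return None                           # stale or conflicting proposal
        self.current_version += 1
        return mac(self.signing_key, token)

def demo():
    dk, ck = b"constructed-domain-key", b"constructed-coordinator-key"  # constructed values
    modules = [SecurityModule(dk, ck, {"operators": ["alice"]}, 1) for _ in range(3)]
    coordinator = Coordinator(ck, 1)
    t1 = modules[0].propose({"operators": ["alice", "bob"]})
    t2 = modules[1].propose({"operators": ["carol"]})   # competing proposal for version 2
    s1, s2 = coordinator.review(t1), coordinator.review(t2)
    applied = [m.synchronize(t1, s1) for m in modules]
    unsigned = modules[0].synchronize(t2, b"\x00" * 32) # no valid coordinator signature
    return applied, s2, unsigned, [m.version for m in modules]
```

The second proposal is rejected because it targets a version the coordinator has already accepted, and a module ignores a token that arrives without the coordinator's signature.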
26 Claims
1. A system, comprising:
- a plurality of security modules, each security module of the plurality of security modules includes at least one hardware processor and is configured to:
  - operate in accordance with a state that corresponds to a cryptographic key;
  - perform cryptographic operations with the cryptographic key; and
  - require a valid electronic signature from a security module coordinator before updating the state of the plurality of security modules; and
- the security module coordinator, the security module coordinator not having access to the cryptographic key and being configured to:
  - receive a token generated by a security module of the plurality of security modules, the token encoding, using the cryptographic key, a proposed state for the plurality of security modules and a proposed version identifier for the proposed state;
  - determine, based at least in part on the proposed version identifier and a current version identifier of a current state of the plurality of security modules, whether to synchronize the plurality of security modules to the proposed state; and
  - generate, based at least in part on the received token, an electronic signature for the token; and
  - when said determining results in a determination to synchronize the plurality of security modules to the proposed state, provide the token and the generated electronic signature to each of at least a subset of the plurality of security modules with instructions to synchronize to the proposed state.
Dependent claims: 2, 3, 4, 5, 6.
7. A computer-implemented method for device coordination, comprising:
- under the control of one or more computer systems configured with executable instructions,
  - receiving a proposal generated by a device of a plurality of devices, each of the plurality of devices having a first set of operational parameters including a cryptographic key, the proposal encoding, using the cryptographic key, a second set of operational parameters for the plurality of devices, the device configured to require a valid instruction from an authorized external source before updating to operate in accordance with the proposal;
  - determining whether the proposal conflicts with one or more previously received proposals; and
  - when said determining results in a determination that the proposal is unconflicting with one or more previously received proposals, causing each device of the plurality of devices to replace the first set of operational parameters with the second set of operational parameters.
Dependent claims: 8, 9, 10, 11, 12, 13.
14. A device, comprising:
- one or more processors; and
- memory including instructions that, when executed by the one or more processors, cause the device to:
  - generate a proposal encoding, using a cryptographic key, a proposed set of operational parameters for a plurality of devices that includes the device, the proposed set of operational parameters differing from a current set of operational parameters in accordance with which the device operates, the current set of operational parameters including the cryptographic key;
  - provide the generated proposal; and
  - operate in accordance with the proposed set of operational parameters as a result of receiving an instruction to operate in accordance with the proposed set of operational parameters from a coordinator device authorized to transmit the instruction, the coordinator device not having access to the cryptographic key.
Dependent claims: 15, 16, 17, 18, 19, 20.
21. A non-transitory computer-readable storage medium having stored thereon instructions that, when executed by one or more processors of a computer system, cause the computer system to participate in synchronization of a plurality of devices that includes the computer system by at least:
- receiving a request to change a current set of operational parameters including a current cryptographic key installed to the plurality of devices;
- providing, to a coordinator system not having access to the current cryptographic key, a response to the request that includes a proposed set of operational parameters for the plurality of devices;
- receiving the proposed set of operational parameters from the coordinator system; and
- as a result of receiving the proposed set of operational parameters from the coordinator system, updating the current set of operational parameters to the proposed set of operational parameters.
Dependent claims: 22, 23, 24, 25, 26.
Specification