公开(公告)号：US20240113866A1

公开(公告)日：2024-04-04

申请号：US18321694

申请日：2023-05-22

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Michael Pak ,  Ignat Korchagin ,  Chase Robinson

IPC: H04L9/08

CPC classification number: H04L9/083

Abstract: A distributed key management system (KMS) includes a central KMS server and multiple intermediate KMS servers. The central KMS server replicates managed keys to the intermediate KMS servers. An intermediate KMS server receives a KMS service request from a KMS client, where any of the intermediate KMS servers are capable of servicing the request. The intermediate KMS server performs the action requested if it has access to the necessary managed key and returns the response to the KMS client. If it does not have access to the necessary managed key, the intermediate KMS server transmits a request for the managed key to the central KMS server. The intermediate KMS server receives the managed key, performs the action requested, and returns the response to the KMS client.

公开(公告)号：US11658812B1

公开(公告)日：2023-05-23

申请号：US17956689

申请日：2022-09-29

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Michael Pak ,  Ignat Korchagin ,  Chase Robinson

IPC: H04L9/08

CPC classification number: H04L9/083

Abstract: A distributed key management system (KMS) includes a central KMS server and multiple intermediate KMS servers. The central KMS server replicates managed keys to the intermediate KMS servers. An intermediate KMS server receives a KMS service request from a KMS client, where any of the intermediate KMS servers are capable of servicing the request. The intermediate KMS server performs the action requested if it has access to the necessary managed key and returns the response to the KMS client. If it does not have access to the necessary managed key, the intermediate KMS server transmits a request for the managed key to the central KMS server. The intermediate KMS server receives the managed key, performs the action requested, and returns the response to the KMS client.

公开(公告)号：US20240396713A1

公开(公告)日：2024-11-28

申请号：US18433124

申请日：2024-02-05

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Michael Pak

IPC: H04L9/08

Abstract: A first intermediate key management system (KMS) server of a distributed KMS receives a key lookup service (KLS) query from a KMS client for determining an identity of KMS server(s) that are capable of performing a first operation with a first managed key. The first intermediate KMS server is one of the intermediate KMS servers of the distributed KMS. The first KMS server determines the identity of one or more of the KMS servers that are capable of performing the first operation with the first managed key. The first KMS server transmits a KLS response to the KMS client that includes the identity of the KMS server(s) that are capable of performing the first operation with the first managed key.

公开(公告)号：US11895227B1

公开(公告)日：2024-02-06

申请号：US18322265

申请日：2023-05-23

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Michael Pak

IPC: H04L9/08

CPC classification number: H04L9/0825 ,  H04L9/0827

Abstract: A first intermediate key management system (KMS) server of a distributed KMS receives a key lookup service (KLS) query from a KMS client for determining an identity of KMS server(s) that are capable of performing a first operation with a first managed key. The first intermediate KMS server is one of the intermediate KMS servers of the distributed KMS. The first KMS server determines the identity of one or more of the KMS servers that are capable of performing the first operation with the first managed key. The first KMS server transmits a KLS response to the KMS client that includes the identity of the KMS server(s) that are capable of performing the first operation with the first managed key.