公开(公告)号：US09571472B2

公开(公告)日：2017-02-14

申请号：US14535191

申请日：2014-11-06

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Denis Alexandrovich Pochuev ,  Yogesh Swami ,  Daniel O'Loughlin

IPC: H04L29/06 ,  H04L9/14 ,  G06F21/57 ,  H04W12/04 ,  H04L12/24

CPC classification number: H04L63/0442 ,  G06F21/57 ,  H04L9/14 ,  H04L41/0806 ,  H04L2209/24 ,  H04W12/04

Abstract: The embodiments described herein describe technologies for a device definition process to establish a unique identity and a root of trust of a cryptographic manager (CM) device, the CM device to be deployed in a CM system. The device definition process can take place in a device definition phase of a manufacturing lifecycle of the CM device. One implementation includes a non-transitory storage medium to store an initialization application that, when executed by a CM device, causes the CM device to perform a device definition process to generate a device definition request to establish the unique identity and the root of trust. In response to the device definition request, the initialization application obtains device identity and device credentials of the CM device and stores the device definition request in storage space of a removable storage device. The initialization application imports a device definition response containing provisioning information generated by a provisioning device of a cryptographic manager system in response to the device definition request.

Abstract translation: 本文描述的实施例描述了用于建立密码管理器（CM）设备的唯一身份和信任根的设备定义过程的技术，CM部署在CM系统中的CM设备。 设备定义过程可以在CM设备的制造生命周期的设备定义阶段中进行。 一种实现方式包括存储初始化应用程序的非暂时性存储介质，所述初始化应用程序在由CM设备执行时使CM设备执行设备定义过程以生成设备定义请求以建立唯一身份和信任根。 响应于设备定义请求，初始化应用获得CM设备的设备身份和设备凭证，并将设备定义请求存储在可移动存储设备的存储空间中。 初始化应用程序响应于设备定义请求导入包含由加密管理器系统的供应设备生成的供应信息的设备定义响应。

公开(公告)号：US20150326543A1

公开(公告)日：2015-11-12

申请号：US14535191

申请日：2014-11-06

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Denis Alexandrovich Pochuev ,  Yogesh Swami ,  Daniel O'Loughlin

IPC: H04L29/06 ,  H04L9/14

CPC classification number: H04L63/0442 ,  G06F21/57 ,  H04L9/14 ,  H04L41/0806 ,  H04L2209/24 ,  H04W12/04

Abstract: The embodiments described herein describe technologies for a device definition process to establish a unique identity and a root of trust of a cryptographic manager (CM) device, the CM device to be deployed in a CM system. The device definition process can take place in a device definition phase of a manufacturing lifecycle of the CM device. One implementation includes a non-transitory storage medium to store an initialization application that, when executed by a CM device, causes the CM device to perform a device definition process to generate a device definition request to establish the unique identity and the root of trust. In response to the device definition request, the initialization application obtains device identity and device credentials of the CM device and stores the device definition request in storage space of a removable storage device. The initialization application imports a device definition response containing provisioning information generated by a provisioning device of a cryptographic manager system in response to the device definition request.

Abstract translation: 本文描述的实施例描述了用于建立密码管理器（CM）设备的唯一身份和信任根的设备定义过程的技术，CM部署在CM系统中的CM设备。 设备定义过程可以在CM设备的制造生命周期的设备定义阶段中进行。 一种实现方式包括存储初始化应用程序的非暂时性存储介质，所述初始化应用程序在由CM设备执行时使CM设备执行设备定义过程以生成设备定义请求以建立唯一身份和信任根。 响应于设备定义请求，初始化应用获得CM设备的设备身份和设备凭证，并将设备定义请求存储在可移动存储设备的存储空间中。 初始化应用程序响应于设备定义请求导入包含由加密管理器系统的供应设备生成的供应信息的设备定义响应。