-
Publication number: US20240205198A1
Publication date: 2024-06-20
Application number: US18288955
Filing date: 2022-03-25
Applicant: Intel Corporation
Inventors: Kapil Sood, Srinivasa Addepalli, Dong Guo, Sakari Poussa, Kailun Qin, Ismo Puustinen, Veronika Karperko
IPC class: H04L9/40
CPC classes: H04L63/0428, H04L63/0823
Abstract: Various methods, systems, and use cases for securely managing, generating, and controlling access to keys in a service mesh are discussed herein. In various examples, key protection operations include service mesh signing key protection and service mesh communication key protection for a secure transport session between services, such as one conducted with mutual transport layer security (mTLS). For instance, such key protection operations may be used to establish communications between a service host and another entity within the service mesh, in a secure transport session, by using a private key (secured with a confidential computing technology) held in a secure enclave or other secure compute environment to sign one or more keys for the secure transport session.
-
Publication number: US20240022405A1
Publication date: 2024-01-18
Application number: US18477370
Filing date: 2023-09-28
Applicant: Intel Corporation
Inventors: Kapil Sood, Shaojun Ding, Dong Guo, Huailong Zhang, Ruijing Guo, Hejie Xu, Qiming Liu
CPC classes: H04L9/3073, H04L9/0894, H04L63/0281
Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to provide hardware-enforced security for a service mesh. An example first server of the service mesh includes programmable circuitry to instantiate or execute machine-readable instructions to detect a second server of the service mesh, cause the public key of the second server to be stored in a first enclave, and, after an attestation for a second enclave is obtained, cause the second server to be added to the service mesh.
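Both abstracts above describe the same pattern: a mesh-wide signing key that never leaves a protected environment signs each service's transport key, and a peer is admitted to the mesh only when its key was signed by that authority (in the second patent, only after the peer's enclave has been attested). The following Go program is an added example, not code from either patent or from Intel: it uses a plain in-process ECDSA key as a stand-in for the enclave-held signing key (no enclave or attestation is performed here), issues short-lived certificates carrying a SPIFFE-style URI identity, runs a TLS 1.3 mutual handshake over an in-memory pipe, and shows that a client whose key was signed outside the mesh is refused. The trust domain `example.mesh` and the service names `payments` and `checkout` are made up for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"net/url"
	"time"
)

// trustDomain is a hypothetical mesh trust domain, not one named by the patents.
const trustDomain = "example.mesh"

// meshCA stands in for the mesh signing key that the patents keep inside a secure
// enclave. Here the key sits in ordinary process memory; only the shape of the
// operation is kept: sign a service's public key, never export the signing key.
type meshCA struct {
	key  *ecdsa.PrivateKey
	cert *x509.Certificate
	pool *x509.CertPool
}

func newMeshCA() (*meshCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "mesh-root"},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(cert)
	return &meshCA{key: key, cert: cert, pool: pool}, nil
}

// issue generates a fresh transport key for a service and signs only its public
// half with the mesh signing key. Identity travels as a URI SAN; the DNS SAN exists
// so the standard library's hostname check can pass.
func (ca *meshCA) issue(service string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(time.Hour), // short-lived: rotate rather than revoke
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		URIs:         []*url.URL{{Scheme: "spiffe", Host: trustDomain, Path: "/" + service}},
		DNSNames:     []string{service + "." + trustDomain},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.cert, &key.PublicKey, ca.key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// peerID returns the URI SAN of the peer's verified leaf certificate, the identity
// a mesh policy should authorize on (not the DNS name or the IP address).
func peerID(cs tls.ConnectionState) string {
	if len(cs.VerifiedChains) == 0 || len(cs.VerifiedChains[0][0].URIs) == 0 {
		return ""
	}
	return cs.VerifiedChains[0][0].URIs[0].String()
}

// mtlsHandshake runs one TLS 1.3 mutual handshake over an in-memory pipe and returns
// the identity each side verified for the other. A peer whose certificate does not
// chain to the mesh root (for example, one signed by a key the mesh never admitted)
// is refused by the handshake itself.
func mtlsHandshake(ca *meshCA, serverCert, clientCert tls.Certificate, serverName string) (serverSawClient, clientSawServer string, err error) {
	c1, c2 := net.Pipe()
	defer c1.Close()
	defer c2.Close()
	deadline := time.Now().Add(2 * time.Second) // a refused handshake must not hang on the unbuffered pipe
	c1.SetDeadline(deadline)
	c2.SetDeadline(deadline)
	srv := tls.Server(c1, &tls.Config{
		Certificates:           []tls.Certificate{serverCert},
		ClientAuth:             tls.RequireAndVerifyClientCert,
		ClientCAs:              ca.pool,
		MinVersion:             tls.VersionTLS13,
		SessionTicketsDisabled: true, // no resumption; identities are re-issued instead
	})
	cli := tls.Client(c2, &tls.Config{
		Certificates: []tls.Certificate{clientCert},
		RootCAs:      ca.pool,
		ServerName:   serverName,
		MinVersion:   tls.VersionTLS13,
	})
	errc := make(chan error, 1)
	go func() { errc <- srv.Handshake() }()
	cerr := cli.Handshake()
	if serr := <-errc; serr != nil {
		return "", "", fmt.Errorf("server side: %w", serr)
	}
	if cerr != nil {
		return "", "", fmt.Errorf("client side: %w", cerr)
	}
	return peerID(srv.ConnectionState()), peerID(cli.ConnectionState()), nil
}

func main() {
	ca, err := newMeshCA()
	if err != nil {
		panic(err)
	}
	payments, _ := ca.issue("payments")
	checkout, _ := ca.issue("checkout")
	s, c, err := mtlsHandshake(ca, payments, checkout, "payments."+trustDomain)
	fmt.Println("server saw:", s, "client saw:", c, "err:", err)
	rogue, _ := newMeshCA() // a signing key the mesh never attested or admitted
	rc, _ := rogue.issue("checkout")
	_, _, err = mtlsHandshake(ca, payments, rc, "payments."+trustDomain)
	fmt.Println("rogue client rejected:", err != nil)
}
```

The point to carry over from this stand-in to a real deployment is the division of labour: the service generates its own transport key and only the public half reaches the signer, the signer's private key is used exclusively inside the protected environment, and admission is decided by whether the peer's certificate chains to the mesh root, which is also where an attestation result would gate issuance in the second patent's design.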
-