公开(公告)号：AU2021235526A1

公开(公告)日：2022-08-25

申请号：AU2021235526

申请日：2021-02-10

Applicant: IBM

Inventor： BECK MICHAEL ,  SMOLNY MARTIN ,  DUERR THOMAS ,  OCHS GEORG ,  MCBREARTY GERALD ,  SOOHOO STEPHEN

IPC: H04L9/32

Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.

公开(公告)号：CA3166663A1

公开(公告)日：2021-09-16

申请号：CA3166663

申请日：2021-02-10

Applicant: IBM

Inventor： BECK MICHAEL ,  SMOLNY MARTIN ,  DUERR THOMAS ,  OCHS GEORG ,  MCBREARTY GERALD ,  SOOHOO STEPHEN

IPC: H04L9/32

Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.

公开(公告)号：AU2021235526B2

公开(公告)日：2023-07-13

申请号：AU2021235526

申请日：2021-02-10

Applicant: IBM

Inventor： BECK MICHAEL ,  SMOLNY MARTIN ,  DUERR THOMAS ,  OCHS GEORG ,  MCBREARTY GERALD ,  SOOHOO STEPHEN

IPC: H04L9/32

Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.

公开(公告)号：DE112021000340T5

公开(公告)日：2022-10-20

申请号：DE112021000340

申请日：2021-02-10

Applicant: IBM

Inventor： BECK MICHAEL ,  SMOLNY MARTIN ,  DUERR THOMAS ,  OCHS GEORG ,  MCBREARTY GERALD ,  SOOHOO STEPHEN

IPC: H04L9/30

Abstract: Ein Verfahren, ein Computerprogrammprodukt und ein System zum Verteilen eines privaten Signaturschlüssels zwischen Autorisierungsinstanzen. Das Verfahren umfasst ein Registrieren einer Mehrzahl von Autorisierungsinstanzen in einer Konfigurationsdatei und ein Generieren von Host-Instanz-Schlüsselpaaren durch jede der Autorisierungsinstanzen. Das Verfahren umfasst auch ein Speichern der öffentlichen Host-Schlüssel in der gemeinsam genutzten Datenbank und ein Wählen von einer der Autorisierungsinstanzen als führende Signaturschlüssel-Instanz. Das Verfahren umfasst ein Generieren, durch die führende Signaturschlüssel-Instanz, eines Signaturschlüsselpaars. Das Signaturschlüsselpaar umfasst einen öffentlichen Signaturschlüssel und einen privaten Signaturschlüssel. Das Verfahren umfasst auch ein Speichern des öffentlichen Signaturschlüssels in der gemeinsam genutzten Datenbank und ein Übertragen eines verschlüsselten privaten Signaturschlüssels zu einer anfordernden Autorisierungsinstanz von den Autorisierungsinstanzen. Das Verfahren umfasst ferner ein Entschlüsseln des verschlüsselten privaten Signaturschlüssels durch Verwenden des privaten Host-Schlüssels, der durch die anfordernde Autorisierungsinstanz generiert wurde.