公开(公告)号：US20250088499A1

公开(公告)日：2025-03-13

申请号：US18466474

申请日：2023-09-13

Applicant: Oracle International Corporation

Inventor： Sneha Sudhakaran Nair ,  Tony Long ,  Mauruthi Geetha Mohan ,  Akshay Krishnath Dagade ,  Jakub Wojciak

IPC: H04L9/40

Abstract: Operations of a certificate bundle distribution service may include: detecting a trigger condition to distribute a certificate bundle that includes a set of one or more certificate authority certificates; partitioning each particular network entity of a plurality of network entities associated with a computer network into one of a plurality of certificate distribution groups based on a network address of the particular network entity, in which each particular certificate distribution group includes a particular subset of network entities from the plurality of network entities; selecting a particular certificate distribution group, of the plurality of certificate distribution groups, for distribution of the certificate bundle; and transmitting the certificate bundle to the particular subset of network entities in the particular certificate distribution group.

公开(公告)号：US20250055710A1

公开(公告)日：2025-02-13

申请号：US18447993

申请日：2023-08-10

Applicant: Oracle International Corporation

Inventor： Tony Long ,  Mauruthi Geetha Mohan ,  Karthik Venkatesh

IPC: H04L9/32

Abstract: Operations of a digital signature manager may include detecting, in a certificate repository on a first virtual cloud network, set of one or more new certificate authority (CA) certificates; transmitting, to a key management service hosted on a second virtual cloud network, a CA dataset that includes the set of one or more new CA certificates; receiving, from the key management service, a digital signature of the CA dataset generated based at least on a global private key stored on the second virtual cloud network in a private key repository associated with the key management service; and storing the digital signature in the certificate repository in a data structure that associates the digital signature with the CA dataset.

公开(公告)号：US20250088374A1

公开(公告)日：2025-03-13

申请号：US18466483

申请日：2023-09-13

Applicant: Oracle International Corporation

Inventor： Jodi Robertson ,  Tony Long ,  Mauruthi Geetha Mohan ,  Mina Anes

IPC: H04L9/32 ,  H04L67/568

Abstract: Operations may include receiving, from a first network entity, a first request for a first certificate revocation list (CRL) that identifies a first CRL distribution point (CDP) corresponding to the first CRL; mapping the first CDP to a first CRL identifier of a set of available CRL identifiers; locating, in a CRL repository, a first CRL based on the first CRL identifier; and transmitting the first CRL to the first network entity.

公开(公告)号：US20250088373A1

公开(公告)日：2025-03-13

申请号：US18466466

申请日：2023-09-13

Applicant: Oracle International Corporation

Inventor： Burak Uzun ,  Mauruthi Geetha Mohan ,  Tony Long ,  Owen Cliffe

IPC: H04L9/32 ,  H04L9/08

Abstract: Operations of a certificate bundle validation service may include receiving a first certificate bundle that includes a first set of one or more digital certificates, and a digital signature, associated with the first certificate bundle; determining, using a public key of an asymmetric key pair associated with a second set of one or more digital certificates, that the digital signature is generated using a private key of the asymmetric key pair; and responsive to determining that the digital signature is generated using the private key, storing the first certificate bundle in a certificate repository as a trusted certificate bundle.

公开(公告)号：US20250088514A1

公开(公告)日：2025-03-13

申请号：US18466447

申请日：2023-09-13

Applicant: Oracle International Corporation

Inventor： Haya Majeed ,  Tony Long ,  Mauruthi Geetha Mohan

IPC: H04L9/40

Abstract: Operations of a certificate authority (CA) service may include aggregating in a certificate repository, a plurality of sets of CA certificates, in which each set of CA certificates is issued by a particular CA that is associated with a particular trust zone and that is trusted by a particular set of network entities located in the particular trust zone. The operations may further include distributing for access by an additional set of network entities, an aggregate set of CA certificates that includes the plurality of sets of CA certificates. The additional set of network entities may utilize the plurality of sets of CA certificates to authenticate network entities located in different trust zones.

公开(公告)号：US20250030561A1

公开(公告)日：2025-01-23

申请号：US18354498

申请日：2023-07-18

Applicant: Oracle International Corporation

Inventor： Tony Long ,  Sneha Sudhakaran Nair ,  Burak Uzun

IPC: H04L9/32 ,  H04L9/30

Abstract: Techniques for updating certificate bundles may include receiving, at an entity associated with a virtual cloud network, a certificate bundle that includes an updated set of certificate authority (CA) certificates. The techniques may include applying a validation process to an entity certificate based on the certificate bundle, with the entity certificate having been issued to the entity prior to the entity receiving the certificate bundle. The validation process may include validating, by the entity, a certificate chain that includes the entity certificate and a CA certificate included in the updated set of CA certificates. The techniques may include, responsive to validating the certificate chain, installing the certificate bundle in a storage medium associated with the entity, and utilizing, by the entity, the certificate bundle to authenticate at least one additional entity associated with the virtual cloud network.