The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge contains a link to the full patent document (in Adobe Acrobat format, i.e. PDF).

Date of Patent:
Sep. 19, 2023

Filed:
Mar. 14, 2018

Applicant:

Microsoft Technology Licensing, LLC, Redmond, WA (US);

Inventors:

Brian S. Lounsberry, Kenmore, WA (US);

Ashok Chandrasekaran, Redmond, WA (US);

Chetan S. Shankar, Bothell, WA (US);

Chandan R. Reddy, Redmond, WA (US);

Chuang Wang, Issaquah, WA (US);

Kahren Tevosyan, Kirkland, WA (US);

Mark Eugene Russinovich, Hunts Point, WA (US);

Vyom P. Munshi, Bothell, WA (US);

Pavel Zakharov, Sammamish, WA (US);

Abhishek Pratap Singh Chauhan, London, GB;

Assignee:
Attorney:
Primary Examiner:
Int. Cl.
CPC ...
G06F 21/46 (2013.01); H04L 9/40 (2022.01); G06F 21/10 (2013.01); H04L 9/00 (2022.01); H04L 9/08 (2006.01);
U.S. Cl.
CPC ...
G06F 21/46 (2013.01); G06F 21/10 (2013.01); H04L 9/006 (2013.01); H04L 9/083 (2013.01); H04L 9/0891 (2013.01); H04L 63/062 (2013.01); H04L 63/068 (2013.01); H04L 63/107 (2013.01);
Abstract

Various methods and systems are provided for autonomous orchestration of secrets renewal and distribution. A secrets management service ('SMS') can be utilized to store, renew and distribute secrets in a distributed computing environment. The secrets are initially deployed, after which, SMS can automatically renew the secrets according to a specified rollover policy, and polling agents can fetch updates from SMS. In various embodiments, SMS can autonomously rollover client certificates for authentication of users who access a security critical service, autonomously rollover storage account keys, track delivery of updated secrets to secrets recipients, deliver secrets using a secure blob, and/or facilitate autonomous rollover using secrets staging. In some embodiments, a service is pinned to the path where the service's secrets are stored. In this manner, secrets can be automatically renewed without any manual orchestration and/or the need to redeploy services.
