CN-113874876-B - Security model for distributed computing systems
Abstract
A method for a computing node to provide cryptographic keys in response to a service request includes establishing a key list, wherein the key list includes key identifiers of a plurality of keys, receiving the service request and identifying a need for a key in response to the service request, and assigning one of the key identifiers, and thus a key associated with the one of the key identifiers, to the service request using a deterministic process according to data associated with the service request. Appropriately configured computing nodes are also described.
Inventors
- M. Klingji
- O. Razimani
Assignees
- Mastercard International Incorporated
Dates
- Publication Date: 20260508
- Application Date: 20200422
- Priority Date: 20190605
Claims (13)
- 1. A method for a computing node to provide a cryptographic key in response to a service request, the method comprising: establishing a key list, wherein the key list includes key identifiers of a plurality of keys; receiving a service request associated with a transaction and identifying that a key is needed to perform a service in response to the service request; assigning one of the key identifiers by operating a deterministic process for key selection on a transaction identifier identifying the transaction, and thereby using the key associated with said one of the key identifiers in performing the service in response to the service request; and upon receiving another service request related to another transaction, assigning one of the key identifiers from the same key list using the same deterministic process, and thus using the key associated with that key identifier in performing the other service in response to the other service request; wherein the transaction identifier identifying the transaction is based on a local transaction counter; and wherein the computing node is one of a plurality of nodes of a distributed computing system, wherein the service request is received from a client within the distributed computing system, and wherein the client is one of a subset of clients of the distributed computing system associated with the computing node.
- 2. The method of claim 1, wherein the service request is associated with generation or verification of credentials.
- 3. The method of claim 2, wherein the credential is associated with a transaction performed by a client providing the service request.
- 4. A method as claimed in any one of claims 1 to 3, wherein the key list comprises a unique identifier.
- 5. A method as claimed in any one of claims 1 to 3, wherein deterministic procedures for key and cryptographic operation selection are identified in a key list.
- 6. A method as claimed in any one of claims 1 to 3, wherein the key list is cryptographically sealed with a key list seal lock.
- 7. The method of claim 2, wherein the key list has a validity period.
- 8. The method of claim 7, further comprising replacing the key list with another key list when a validity period expires.
- 9. The method of claim 8, wherein the other key list is provided by a central service remote from the computing node, provided by the peer node, or generated locally.
- 10. A method as claimed in claim 8 or 9, wherein the validity period is associated with the generation of a credential but is independent of the verification of the generated credential.
- 11. A method as claimed in any one of claims 1 to 3, wherein a cryptographic method for using a key is identified in the key list.
- 12. The method of claim 11, wherein the cryptographic process delivers cryptographic credentials on the computing node, information from the service request, transaction identification, and information from the key list.
- 13. A computing node adapted to provide a cryptographic key in response to a service request in accordance with the method of any one of claims 1 to 12.
Description
Security model for distributed computing systems
Cross Reference to Related Applications
The present application is based on and claims the rights and priority of the European patent application filed on 5-6-2019 with serial number 19178579.9 and the European patent application filed on 5-6-2019 with serial number 19178583.1, the contents of which are incorporated herein in their entireties for all purposes.
Technical Field
The present disclosure relates to the management of credentials and security models for use in distributed computing systems. The present disclosure relates specifically to distributed systems having a very large number of clients that require credentials associated with the use of the system.
Background
There are many technical challenges to having a centralized system serve a very large number of clients, especially when these clients are widely geographically distributed. It is logical to consider a distributed system that enables related services to be provided by a set of geographically distributed servers, rather than by a central server or data center. In practice, such decentralization may use a cloud architecture that will typically use multiple geographically distributed servers, or data centers, to deliver services to clients. A cloud architecture may be considered to include multiple nodes: when using a cloud architecture, a node may be an aggregation of multiple computers, and may cover more than one data center, with "real-time" connectivity and data sharing within a given node. Decentralization itself can be problematic, particularly where services must be provided in such a way that their provision has consequences beyond the server providing the service and the client receiving it.
For example, if other clients (or other system nodes) need to trace back to the service providing node to check whether or how the service has been provided, or if the central system has to know how the service has been provided or how the distributed server node has performed, new bottlenecks may appear on the central server in place of previous bottlenecks, the total amount of messaging in the system may increase, and network latency may become a serious problem. This is especially serious when the service is related to security (so there must be confidence that it has been performed securely across the whole system) and when the service has to be provided within a short period of time. Both of these problems apply to transaction systems, where transactions must be authorized in a short period of time and it must be ensured that they have been performed legitimately, but they also apply to other technical contexts.
Disclosure of Invention
In a first aspect, the present disclosure provides a method for a computing node to provide cryptographic keys in response to a service request, the method comprising establishing a key list, wherein the key list comprises key identifiers of a plurality of keys, receiving the service request and identifying that a key is required in response to the service request, and assigning one of the key identifiers, and thus a key associated with said one of the key identifiers, to the service request using a deterministic process according to data associated with the service request. This approach provides a very efficient and scalable method for distributing keys to cryptographic processes. Using a deterministic process in this way makes it possible to easily determine which key was used in a particular situation. The computing node may be one of a plurality of nodes of a distributed computing system, and the service request may be received from a client within the distributed computing system.
The client may be one of a subset of clients of the distributed computing system associated with the computing node. The service request may be related to the management of credentials; it may be related to the generation or verification of a credential. The credential may be related to a transaction performed by the client providing the service request. The data associated with the service request may include a transaction identifier, which may be based on a local transaction counter. The key list includes a unique identifier. The deterministic process may be identified in the key list. The key list may be cryptographically sealed with a key list seal lock. The key list may have a validity period. When the validity period expires, the key list may be replaced with another key list. The other key list may be provided by a central service remote from the computing node, or may be generated locally or provided by a peer node. In the case of a credential, the validity period may be related to the generation of the credential, but not to the verification of the generated credential. The cryptographic method for using the key can be identified in the key list; one possibility would be HMAC. Information from the key list is us
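The following sketch is an added illustration of the first aspect described above, not code from the patent or its applicant. It assumes a "counter mod n" selection rule, an HMAC-SHA256 seal over the key list, and hypothetical field names (`list_id`, `selection`, `mac`, `key_ids`); the keys and the key list are constructed sample data.

```python
import hashlib
import hmac
import json

def seal(key_list: dict, seal_key: bytes) -> str:
    """MAC over the canonical key list body (everything except the seal itself)."""
    body = {k: v for k, v in key_list.items() if k != "seal"}
    blob = json.dumps(body, sort_keys=True).encode()
    return hmac.new(seal_key, blob, hashlib.sha256).hexdigest()

def select_key_id(key_list: dict, seal_key: bytes, txn_counter: int) -> str:
    """Deterministic selection: same list and same counter give the same key id."""
    if not hmac.compare_digest(key_list["seal"], seal(key_list, seal_key)):
        raise ValueError("key list seal check failed")
    if key_list["selection"] != "counter-mod-n":  # process is named in the list
        raise ValueError("unknown selection process")
    ids = key_list["key_ids"]
    return ids[txn_counter % len(ids)]

def tag(key_list: dict, key: bytes, txn_counter: int, payload: bytes) -> str:
    """Credential over list id, transaction id and request data (assumed layout)."""
    if key_list["mac"] != "HMAC-SHA256":  # method is named in the list
        raise ValueError("unsupported cryptographic method")
    msg = f'{key_list["list_id"]}|{txn_counter}|'.encode() + payload
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def generate(key_list, seal_key, keystore, txn_counter, payload, now) -> dict:
    """Generation honours the validity period of the key list."""
    if not key_list["valid_from"] <= now < key_list["valid_until"]:
        raise PermissionError("key list expired: replace it before generating")
    key = keystore[select_key_id(key_list, seal_key, txn_counter)]
    return {"list_id": key_list["list_id"], "txn": txn_counter,
            "tag": tag(key_list, key, txn_counter, payload)}

def verify(key_list, seal_key, keystore, cred, payload) -> bool:
    """Verification re-derives the key from the transaction id; no validity check."""
    if cred["list_id"] != key_list["list_id"]:
        return False
    key = keystore[select_key_id(key_list, seal_key, cred["txn"])]
    return hmac.compare_digest(cred["tag"], tag(key_list, key, cred["txn"], payload))

# Constructed sample data: four keys and one sealed key list.
SEAL_KEY = b"constructed-seal-key"
KEYSTORE = {f"k{i}": hashlib.sha256(f"constructed-{i}".encode()).digest()
            for i in range(4)}
KEY_LIST = {"list_id": "KL-0001", "selection": "counter-mod-n", "mac": "HMAC-SHA256",
            "key_ids": sorted(KEYSTORE), "valid_from": 1000.0, "valid_until": 2000.0}
KEY_LIST["seal"] = seal(KEY_LIST, SEAL_KEY)
```

Because the verifier recomputes the key identifier from the transaction counter carried in the credential, no per-transaction key lookup or call back to the generating node is needed; a key list whose contents were altered after sealing is rejected before any key is selected.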