CPC H04L 9/3268 (2013.01) [G06F 9/455 (2013.01); G06F 21/44 (2013.01); H04L 9/006 (2013.01); H04L 9/3236 (2013.01)] | 20 Claims |
1. A method, comprising:
receiving, by a network function and from a virtualization infrastructure manager (VIM), a certificate request token (CRT) for the network function, wherein the CRT is digitally signed by a management function and includes:
a network address of a trust anchor platform for the network function, and
a Certificate Attribute List (CAL) with customization parameters for the network function;
submitting, by the network function and to the trust anchor platform, a certificate signing request (CSR) and the CRT, wherein the CAL customization parameters supersede parameters in the CSR; and
receiving, by the network function and based on validation of the CSR and CRT, a digital certificate from the trust anchor platform, wherein the digital certificate includes limitations consistent with the CAL customization parameters.
|