CPC H04L 63/0876 (2013.01) [H04L 9/3247 (2013.01); H04L 63/0435 (2013.01); H04L 63/061 (2013.01); H04L 63/0807 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
1. A computer-implemented method, comprising:
obtaining, by a second service in a second region, a first request from a computing device to access a computing resource located at the second region, the first request including a first session token encrypted using a first secret key associated with a first region;
sending, by the second service, a second request including the first session token to a first service in the first region for an encrypted second session token;
receiving, by the second service, an encrypted second session token from the first service in response to the second request, the first service having produced the encrypted second session token by re-encrypting the first session token from using the first secret key to using a second secret key, wherein the second secret key is based at least in part on first secret information of the computing device and second secret information of the second region; and
fulfilling, by the second service, the first request by providing the computing device access to the computing resource based at least in part on the encrypted second session token.
|