CPC H04L 41/28 (2013.01) [H04L 41/046 (2013.01); H04L 41/082 (2013.01); H04L 41/0893 (2013.01)] | 18 Claims
1. A method in a centralized orchestration and provisioning system of a networked communication system, the method comprising:
storing a plurality of cryptographic information in a database of the centralized orchestration and provisioning system, wherein the plurality of cryptographic information is used by a plurality of peer groups in the networked communication system, wherein each peer group comprises a subset of devices in the networked communication system that employ a common security protocol for secured communications, and wherein different peer groups employ different security protocols;
receiving a rotation policy that includes, for each peer group in the plurality of peer groups:
information identifying members of said each peer group;
a security protocol used by said each peer group;
one or more parameters of the security protocol;
a schedule defining a periodicity for generating one or more pieces of cryptographic information associated with said each peer group; and
a keying source to be used for generating the one or more pieces of cryptographic information;
automatically and repeatedly updating, absent user intervention, the plurality of cryptographic information stored in the database in accordance with the rotation policy; and
with each update to cryptographic information currently used by a peer group in the plurality of peer groups, automatically replacing, absent user intervention, the cryptographic information with the updated cryptographic information, wherein communications among the subset of devices of the peer group is secured using the updated cryptographic information.