US 12,368,759 B2
System and method for selective refresh of security data responsive to compromise event
Ofir Ezrielev, Be'er Sheva (IL); Yehiel Zohar, Sderot (IL); and Lee Serfaty, Be'er Sheva (IL)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Apr. 27, 2023, as Appl. No. 18/308,240.
Prior Publication US 2024/0364752 A1, Oct. 31, 2024
Int. Cl. H04L 9/40 (2022.01); H04L 9/32 (2006.01); H04L 67/1087 (2022.01)
CPC H04L 63/205 (2013.01) [H04L 9/3263 (2013.01); H04L 67/1089 (2013.01)] 20 Claims
1. A method for managing security of a distributed system, the method comprising:
identifying that a data processing system of the distributed system is compromised;
removing the data processing system from a hierarchy of data processing systems of the distributed system to obtain a revised hierarchy, the hierarchy being based on security postures of the data processing systems;
identifying a portion of the data processing systems potentially compromised based on a location of the data processing system in the hierarchy;
initiating a local refresh of security data based on the portion of the data processing systems and the revised hierarchy to obtain refreshed security data for the portion of the data processing systems, the local refresh revoking certificates maintained by the portion of the data processing systems and through which authority of the data processing system may be validated;
using the refreshed security data of the portion of the data processing systems to validate authority of other data processing systems of the data processing systems and invalidate authority of the data processing system; and
providing computer implemented services based on the validated authority of the other data processing systems and invalidated authority of the data processing system.
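The claimed flow, modelled as an added example that is not from the patent: the hierarchy is assumed to be a tree in which each system's certificate is issued by its parent and the potentially compromised portion is the compromised system's subtree (both are my assumptions; the claim does not fix them), and revocation is tracked in a simple revoked-serial set standing in for a CRL.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample hierarchy: a root, two mid-tier issuers, leaves under each.
SAMPLE = [("root", 9, None), ("ca-a", 7, "root"), ("ca-b", 7, "root"),
          ("edge-1", 3, "ca-a"), ("edge-2", 3, "ca-a"), ("edge-3", 3, "ca-b")]

@dataclass
class System:
    name: str
    posture: int            # security posture; better posture sits higher up
    issuer: Optional[str]   # parent whose certificate signs this one (None = root)
    serial: int             # constructed stand-in for the system's certificate

def build_hierarchy(entries):
    """entries: (name, posture, issuer) tuples; placement follows posture."""
    h = {}
    for serial, (name, posture, issuer) in enumerate(entries, start=1):
        if issuer is not None and h[issuer].posture < posture:
            raise ValueError(f"{name} would sit below lower-posture {issuer}")
        h[name] = System(name, posture, issuer, serial)
    return h

def subtree(h, root):
    """Systems whose chain of authority passes through root (root included)."""
    children = [s.name for s in h.values() if s.issuer == root]
    return {root}.union(*(subtree(h, c) for c in children))

def handle_compromise(h, crl, bad):
    """Remove bad, revoke the affected portion, re-issue survivors' certs."""
    affected = subtree(h, bad)              # portion located under bad
    parent = h[bad].issuer
    crl.add(h[bad].serial)                  # its own certificate is revoked
    del h[bad]                              # revised hierarchy
    next_serial = max(crl | {s.serial for s in h.values()}) + 1
    for name in sorted(affected - {bad}):   # local refresh: only this portion
        node = h[name]
        crl.add(node.serial)                # old cert chained through bad
        node.serial, next_serial = next_serial, next_serial + 1
        if node.issuer == bad:
            node.issuer = parent            # re-home under the former parent
    return affected

def validate(h, crl, name):
    """Authority holds only if every cert in the chain exists and is unrevoked."""
    while name is not None:
        node = h.get(name)
        if node is None or node.serial in crl:
            return False
        name = node.issuer
    return True
```

Systems outside the affected subtree keep their existing certificates, which is the point of a local rather than global refresh.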