US 12,425,399 B2
Distributed hierarchical authentication of system component identities
Archana Nagaraj, San Ramon, CA (US); Chandana Prakash, Dublin, CA (US); Michael Gary Curcio, Apex, NC (US); and Rachel Weeks, Oak Ridge, TN (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Mar. 22, 2022, as Appl. No. 17/701,299.
Prior Publication US 2023/0308439 A1, Sep. 28, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/0876 (2013.01) 19 Claims
OG exemplary drawing
 
1. A system comprising:
one or more processors; and
one or more non-transitory computer-readable media storing computer-executable instructions that, when executed by the one or more processors, cause the one or more processors to perform acts comprising:
storing, by a first authenticator component, an indication that a component having a cryptographic identity is currently associated with a component group in an authentication hierarchy of component groups, the component group comprising the component and a second authenticator component capable of authenticating the component;
receiving, by the first authenticator component, a first group identity from the second authenticator component, the first group identity including: (i) an identity of the second authenticator component and the component, (ii) an authentication status of the component, the authentication status indicating whether the component is valid, invalid, or unsupported, and (iii) a digital certificate of the second authenticator component;
verifying, by the first authenticator component, the first group identity, wherein verifying the first group identity comprises determining the digital certificate of the second authenticator component is valid;
storing, by the first authenticator component, information associated with the second authenticator component and the component in an extensible list of volatile, runtime data;
signing, by the first authenticator component, the extensible list with a private key to create a second group identity; and
sending the second group identity to a next higher authenticator component in the authentication hierarchy.
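The claimed steps (receive a lower tier's group identity, check that its certificate is valid, append the entries to an extensible list, sign the list with the tier's own private key, and pass the result upward) as an added Go example; this is not code from the patent or from Cisco. It assumes a simplified certificate (a root-endorsed ed25519 public key in place of X.509) and uses JSON encoding of the list as the signed byte string; the component names in the test are constructed.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
)

// Status is the per-component authentication status named in the claim.
type Status string
const (Valid, Invalid, Unsupported Status = "valid", "invalid", "unsupported")

// Cert stands in for a digital certificate (assumed simplification of X.509):
// an authenticator's public key endorsed by a trusted root's signature.
type Cert struct{ Subject string; PubKey ed25519.PublicKey; RootSig []byte }
func (c Cert) tbs() []byte { return append([]byte(c.Subject), c.PubKey...) }

// Entry is one record in the extensible list of volatile runtime data.
type Entry struct{ Authenticator, Component string; Status Status }
// GroupIdentity is what a tier sends up: list, cert, signature over the list.
type GroupIdentity struct{ Entries []Entry; Cert Cert; Sig []byte }
// Authenticator is one tier of the hierarchy: key pair, cert, and its list.
type Authenticator struct{ Name string; priv ed25519.PrivateKey; Cert Cert; list []Entry }

func NewAuthenticator(name string, root ed25519.PrivateKey) *Authenticator {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	c := Cert{Subject: name, PubKey: pub}
	c.RootSig = ed25519.Sign(root, c.tbs())
	return &Authenticator{Name: name, priv: priv, Cert: c}
}

// Record stores the status of a component this tier authenticated directly.
func (a *Authenticator) Record(component string, s Status) {
	a.list = append(a.list, Entry{a.Name, component, s})
}

// Sign creates this tier's group identity for the next higher tier.
func (a *Authenticator) Sign() GroupIdentity {
	b, _ := json.Marshal(a.list)
	return GroupIdentity{a.list, a.Cert, ed25519.Sign(a.priv, b)}
}

// Receive verifies a lower tier's group identity (cert chains to the root,
// signature covers the list) and then merges its entries into this list.
func (a *Authenticator) Receive(g GroupIdentity, rootPub ed25519.PublicKey) error {
	if !ed25519.Verify(rootPub, g.Cert.tbs(), g.Cert.RootSig) {
		return errors.New("sender certificate not valid")
	}
	if b, _ := json.Marshal(g.Entries); !ed25519.Verify(g.Cert.PubKey, b, g.Sig) {
		return errors.New("group identity signature invalid")
	}
	a.list = append(a.list, g.Entries...)
	return nil
}
```

A tier that receives a tampered status or a certificate not endorsed by the trusted root rejects the group identity before anything is appended, so the upper tier never signs unverified data.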