CPC G06F 21/602 (2013.01) [G06F 21/31 (2013.01); G06F 21/72 (2013.01)]
17 Claims

1. A system comprising:
a client device comprising a processor and a memory; and
a cryptographic interface application stored in the memory that, when executed by the processor, causes the client device to at least:
detect a hardware security module associated with the client device;
receive, from a management service over a network, a policy containing a set of rules for operating the hardware security module;
set a provisioning passcode for the hardware security module that complies with the set of rules of the policy received from the management service;
set a usage passcode for the hardware security module;
remove an unblock passcode for the hardware security module;
install at least one credential on the hardware security module using the provisioning passcode;
receive, from a client application installed on the client device, a request for the at least one credential installed on the hardware security module;
determine that the client application is permitted to access the at least one credential installed on the hardware security module based on the set of rules of the policy received from the management service; and
provide the client application access to the at least one credential.