US 12,494,912 B2
One-time-use secret bootstrapping in container-orchestrated environments
Rafael da Fonte Lopes da Silva, Porto Alegre (BR); Natalia Machado dos Santos, Porto Alegre (BR); and Mauricio Coutinho Moraes, Porto Alegre (BR)
Assigned to Hewlett-Packard Development Company, L.P., Spring, TX (US)
Appl. No. 17/797,458
Filed by Hewlett-Packard Development Company, L.P., Spring, TX (US)
PCT Filed Mar. 4, 2020, PCT No. PCT/US2020/020922
§ 371(c)(1), (2) Date Aug. 4, 2022,
PCT Pub. No. WO2021/177954, PCT Pub. Date Sep. 10, 2021.
Prior Publication US 2023/0078967 A1, Mar. 16, 2023
Int. Cl. H04L 9/32 (2006.01); H04L 67/104 (2022.01)
CPC H04L 9/3228 (2013.01) [H04L 9/3213 (2013.01); H04L 67/1044 (2013.01)]
20 Claims
1. A system comprising:
a one-time-use secret (OTUS) deployer engine to: provide an OTUS within a container-orchestrated environment (COE);
a non-OTUS provider engine to: provide a non-OTUS in exchange for the OTUS; and, invalidate the OTUS when the non-OTUS is provided;
a first container engine to: in response to bootstrapping, receive the OTUS from the OTUS deployer engine; and receive the non-OTUS from the non-OTUS provider engine in exchange for the OTUS; and
a second container engine, that is a replica of the first container engine, to: in response to bootstrapping, after the first container engine, receive the OTUS from the OTUS deployer engine; attempt to receive the non-OTUS from the non-OTUS provider engine in exchange for the OTUS; receive an indication from the non-OTUS provider engine that the OTUS is invalid; and receive the non-OTUS from the first container engine via a peer-to-peer network of the COE,
wherein at least one of the first container engine or the second container engine is further to broadcast the non-OTUS to other replicas of the first container engine of the peer-to-peer network.
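
The exchange recited in claim 1, as an added example that is not part of the patent text or any HP code: a Python simulation in which the first replica trades the OTUS for the non-OTUS, the second replica is told the OTUS is invalid and falls back to a peer, and a third replica receives the secret by broadcast. All class and function names are hypothetical, the peer-to-peer network is assumed to be an in-memory list, and the OTUS deployer is represented only by the OTUS value handed to each replica at bootstrap.

```python
import hmac
import secrets


class NonOtusProvider:
    """Hands out the non-OTUS in exchange for the OTUS, exactly once."""
    def __init__(self, otus, non_otus):
        self._otus, self._non_otus, self._valid = otus, non_otus, True

    def exchange(self, presented):
        # Constant-time comparison; the OTUS is invalidated on first success.
        if self._valid and hmac.compare_digest(presented, self._otus):
            self._valid = False
            return self._non_otus
        return None  # indication to the caller that the OTUS is invalid


class Replica:
    def __init__(self, name, network):
        self.name, self.network = name, network
        self.non_otus, self.source = None, None
        network.append(self)  # join the (in-memory, hypothetical) peer network

    def bootstrap(self, otus, provider):
        secret = provider.exchange(otus)
        if secret is not None:
            self.non_otus, self.source = secret, "provider"
        else:  # OTUS rejected: fall back to a peer that already holds the non-OTUS
            for peer in self.network:
                if peer.non_otus is not None:
                    self.non_otus, self.source = peer.non_otus, "peer:" + peer.name
                    break
        return self.source

    def broadcast(self):
        # Push the non-OTUS to replicas on the network that still lack it.
        for peer in self.network:
            if peer.non_otus is None:
                peer.non_otus, peer.source = self.non_otus, "broadcast:" + self.name


def run_demo():
    otus, non_otus = secrets.token_hex(16), secrets.token_hex(32)  # constructed values
    provider, network = NonOtusProvider(otus, non_otus), []
    first, second, third = (Replica(n, network) for n in ("r1", "r2", "r3"))
    first.bootstrap(otus, provider)   # consumes the OTUS
    second.bootstrap(otus, provider)  # rejected by the provider, served by r1
    first.broadcast()                 # r3 never bootstrapped; receives via broadcast
    return [(r.name, r.source, r.non_otus == non_otus) for r in network]
```
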