Abstract: A method includes requesting, by a first computing device having a first application and a first Transport Layer Security (TLS) library, a sequence of cryptographic keys obtained by a first agent, the sequence of cryptographic keys based on an agent key and provided from the first agent to the first TLS library, requesting, by a second computing device having a second application and a second TLS library, the sequence of cryptographic keys obtained by a second agent, the sequence of cryptographic keys based on the agent key and provided from the second agent to the second TLS library, and communicating between the first application of the first computing device to the second application of the second computing device using the sequence of cryptographic keys based on the agent key.

Abstract: A method includes linking a first application with a first Transport Layer Security (TLS) library, linking a second application with a second TLS library, obtaining a sequence of cryptographic keys by a first agent, the sequence of cryptographic keys based on an agent key and provided from the first agent to the first TLS library, obtaining the sequence of cryptographic keys by a second agent, the sequence of cryptographic keys based on the agent key and provided from the second agent to the second TLS library, establishing communication between the first TLS library and the first agent to create a first trusted relationship, establishing communication between the second TLS library and the second agent to create a second trusted relationship, and establishing a third trusted relationship between the first agent and the second agent.

Abstract: A method includes requesting, by a first computing device having a first application and a first transport layer security (TLS) library, a sequence of cryptographic keys from a first mutual key management service (MKMS), the sequence of cryptographic keys based on an MKMS key, requesting, by a second computing device having a second application and a second TLS library, the sequence of cryptographic keys from a second MKMS, performing, by the first MKMS having a first certificate and the second MKMS having a second certificate, an authorization, comparing, by one of the first MKMS and the second MKMS, a second MGroup identifier with a first MGroup rule, and the first MKMS and the second MKMS creating the sequence of cryptographic keys based on the MKMS key.

Abstract: A method includes requesting, by a first computing device having a first application and a first Transport Layer Security (TLS) library, a sequence of cryptographic keys obtained by a first agent, the sequence of cryptographic keys based on an agent key and provided from the first agent to the first TLS library, requesting, by a second computing device having a second application and a second TLS library, the sequence of cryptographic keys obtained by a second agent, the sequence of cryptographic keys based on the agent key and provided from the second agent to the second TLS library, and communicating between the first application of the first computing device to the second application of the second computing device using the sequence of cryptographic keys based on the agent key.

Abstract: A method includes linking a first application with a first Transport Layer Security (TLS) library, linking a second application with a second TLS library, obtaining a sequence of cryptographic keys by a first agent, the sequence of cryptographic keys based on an agent key and provided from the first agent to the first TLS library, obtaining the sequence of cryptographic keys by a second agent, the sequence of cryptographic keys based on the agent key and provided from the second agent to the second TLS library, establishing communication between the first TLS library and the first agent to create a first trusted relationship, establishing communication between the second TLS library and the second agent to create a second trusted relationship, and establishing a third trusted relationship between the first agent and the second agent.

Abstract: A middlebox includes at least one processor and a memory storing one or more executable instructions that, when executed by the least one processor, cause the at least one processor to receive, from a server, a middlebox key that includes an indication of a lifetime of the middlebox key, receive, from a client device, one or more data packets including encrypted header data and a client device identifier, and determine whether to permit a transmission of the one or more data packets to the server or prevent a transmission of the one or more data packets to the server based on the middlebox key, the encrypted header data, and the client device identifier.

Abstract: A middlebox includes at least one processor and a memory storing one or more executable instructions that, when executed by the least one processor, cause the at least one processor to receive, from a server, a middlebox key that includes an indication of a lifetime of the middlebox key, receive, from a client device, one or more data packets including encrypted header data and a client device identifier, and determine whether to permit a transmission of the one or more data packets to the server or prevent a transmission of the one or more data packets to the server based on the middlebox key, the encrypted header data, and the client device identifier.

Abstract: A method for leveraging a first secure channel of communication between a first agent and a second agent to create a second secure channel of communication between the first agent and a third agent. The method includes creating the first secure channel of communication between the first agent and the second agent using a configurable data-driven initial process on a first computing device. Responsive to the first agent receiving a request from the third agent to establish the second secure channel of communication, the method further includes retrieving identifying information from the third agent. The method further includes ending the identifying information from the third agent to the second agent over the first secure channel of communication. Responsive to receiving approval of the third agent's request from the second agent, the method further includes establishing the second secure channel of communication.

Abstract: A method for leveraging a first secure channel of communication between a first agent and a second agent to create a second secure channel of communication between the first agent and a third agent. The method includes creating the first secure channel of communication between the first agent and the second agent using a configurable data-driven initial process on a first computing device. Responsive to the first agent receiving a request from the third agent to establish the second secure channel of communication, the method further includes retrieving identifying information from the third agent. The method further includes ending the identifying information from the third agent to the second agent over the first secure channel of communication. Responsive to receiving approval of the third agent's request from the second agent, the method further includes establishing the second secure channel of communication.

Abstract: An apparatus includes a computing system that is configured to receive, from an electronic device, a verification message indicating that the electronic device is not corrupt. The computing system is also configured to receive, from the electronic device, a unique universal identifier (UUID) that is associated with an application stored in a memory of the electronic device. The computing system is further configured to receive, from a management server of the one or more management servers, a server key stored in a credential store and that is associated with the UUID received from the electronic device. In addition, the computing system is configured to establish one or more secure channels for electronic data communication with the electronic device based on the received UUID and the server key.

Abstract: A method for leveraging a secure communication channel between a first agent and a second agent to authenticate an activity outside of the secure communication channel. The method includes receiving with the first agent a communication request through an insecure channel from the second agent. The method further includes receiving with the first agent an indicator of a relative identity relationship from the second agent. The method further includes sending with the first agent a request to authenticate the activity outside of the secure communication channel to the second agent. The method further includes authenticating the activity outside of the secure communication channel using the secure communication channel.

Abstract: A method for leveraging a first secure channel of communication between a first agent and a second agent to create a second secure channel of communication between the first agent and a third agent. The method includes creating the first secure channel of communication between the first agent and the second agent using a configurable data-driven initial process on a first computing device. Responsive to the first agent receiving a request from the third agent to establish the second secure channel of communication, the method further includes retrieving identifying information from the third agent. The method further includes ending the identifying information from the third agent to the second agent over the first secure channel of communication. Responsive to receiving approval of the third agent's request from the second agent, the method further includes establishing the second secure channel of communication.

Abstract: A method for leveraging a first secure channel of communication between a first agent and a second agent to create a second secure channel of communication between the first agent and a third agent. The method includes creating the first secure channel of communication between the first agent and the second agent using a configurable data-driven initial process on a first computing device. Responsive to the first agent receiving a request from the third agent to establish the second secure channel of communication, the method further includes retrieving identifying information from the third agent. The method further includes ending the identifying information from the third agent to the second agent over the first secure channel of communication. Responsive to receiving approval of the third agent's request from the second agent, the method further includes establishing the second secure channel of communication.

Abstract: An apparatus includes a computing system that is configured to receive, from an electronic device, a verification message indicating that the electronic device is not corrupt. The computing system is also configured to receive, from the electronic device, a unique universal identifier (UUID) that is associated with an application stored in a memory of the electronic device. The computing system is further configured to receive, from a management server of the one or more management servers, a server key stored in a credential store and that is associated with the UUID received from the electronic device. In addition, the computing system is configured to establish one or more secure channels for electronic data communication with the electronic device based on the received UUID and the server key.

Abstract: A method for leveraging a first secure channel of communication between a first agent and a second agent to create a second secure channel of communication between the first agent and a third agent. The method includes creating the first secure channel of communication between the first agent and the second agent using a configurable data-driven initial process on a first computing device. Responsive to the first agent receiving a request from the third agent to establish the second secure channel of communication, the method further includes retrieving identifying information from the third agent. The method further includes ending the identifying information from the third agent to the second agent over the first secure channel of communication. Responsive to receiving approval of the third agent's request from the second agent, the method further includes establishing the second secure channel of communication.

Abstract: A middlebox includes at least one processor and a memory storing one or more executable instructions that, when executed by the least one processor, cause the at least one processor to receive, from a server, a middlebox key that includes an indication of a lifetime of the middlebox key, receive, from a client device, one or more data packets including encrypted header data and a client device identifier, and determine whether to permit a transmission of the one or more data packets to the server or prevent a transmission of the one or more data packets to the server based on the middlebox key, the encrypted header data, and the client device identifier.

Abstract: A method for leveraging a secure communication channel between a first agent and a second agent to authenticate an activity outside of the secure communication channel. The method includes receiving with the first agent a communication request through an insecure channel from the second agent. The method further includes receiving with the first agent an indicator of a relative identity relationship from the second agent. The method further includes sending with the first agent a request to authenticate the activity outside of the secure communication channel to the second agent. The method further includes authenticating the activity outside of the secure communication channel using the secure communication channel.

Abstract: A method for leveraging a first secure channel of communication between a first agent and a second agent to create a second secure channel of communication between the first agent and a third agent. The method includes creating the first secure channel of communication between the first agent and the second agent using a configurable data-driven initial process on a first computing device. Responsive to the first agent receiving a request from the third agent to establish the second secure channel of communication, the method further includes retrieving identifying information from the third agent. The method further includes ending the identifying information from the third agent to the second agent over the first secure channel of communication. Responsive to receiving approval of the third agent's request from the second agent, the method further includes establishing the second secure channel of communication.