Patent attributes
A method and system for local key management setup and recovery include receiving a lock request to secure one or more drives, then querying for one or more key identifiers associated with a requesting device. The method includes: in response to receiving at least one key identifier, dynamically generating a first public-private key and a first public certificate associated with the at least one key identifier; and assigning the first public-private key and the first public certificate to the drives. The method further includes: concealing contents of the first public-private key and first public certificate; automatically transmitting the first public certificate to the first requesting device; and invoking the first public-private key to secure the drives. Finally, the method includes creating a recovery key, generating a recovery certificate associated with the recovery key, and then archiving the recovery key and the recovery certificate in a recovery database and a recovery server.