Distribution of encryption keys or other small parcels of sensitive data in a secure fashion has traditionally proved difficult. One of the difficulties arises from the problem of identifying valid devices which are allowed to receive the sensitive data. Without proper identification, sensitive data may be provided to an unauthorized or otherwise undesired device. Typically, this identification has either been insecure with minimal overhead, or secure but incurring significant operational overhead setting up the trust relationship a priori. This overhead increases where a data center incorporates multiple teams or groups each with their own requirements. In constantly changing and expanding server environments such as data centers, insecurity may lead to compromise of a server while more secure identification methods may prohibitively increase operational overhead.
Thus, there is a need to distribute keys or other small parcels of sensitive data in a dynamic server environment while minimizing operational overhead.