Dynamically binding network endpoints via key distribution

The invention claimed is: 1 . An Information Handling System (IHS), comprising that comprises: a processor; and a memory coupled to the processor, wherein the memory comprises program instructions stored thereon that, upon execution by the processor, cause the IHS to: obtain a network binding map that indicates a flat or hierarchical structure of a plurality of endpoints of a network; obtain a respective plurality of cryptographic keys for the plurality of endpoints; cryptographically sign or encrypt one or more keys of the plurality of cryptographic keys; and distribute the one or more cryptographically signed or encrypted keys of the plurality of cryptographic keys to individual endpoints of the plurality of endpoints based, at least in part, on the network binding map, wherein the plurality of endpoints store a public key of the IHS, and wherein the individual endpoints are configured to use the stored public key of the IHS to cryptographically decrypt or verify a signature of the one or more cryptographically signed or encrypted keys. 2 . The IHS of claim 1 , wherein to distribute the one or more keys of the plurality of cryptographic keys to the individual endpoints, the program instructions further cause the IHS to: distribute, to a first endpoint of the plurality of endpoints, only the one or more keys associated with a respective one or more other endpoints, of the plurality of endpoints, to which the first endpoint is bound, according to the network binding map. 3 . The IHS of claim 2 , wherein the first endpoint is configured to use the distributed one or more keys to authenticate the respective one or more other endpoints. 4 . The IHS of claim 1 , wherein to distribute the one or more keys of the plurality of cryptographic keys to the individual endpoints, the program instructions further cause the IHS to: distribute, to each endpoint of the plurality of endpoints, only the one or more keys associated with one or more other endpoints, of the plurality of endpoints, to which the respective endpoint is bound, according to the network binding map. 5 . The IHS of claim 1 , wherein the IHS obtains the respective plurality of cryptographic keys from a public key database. 6 . The IHS of claim 5 , wherein each of the plurality of endpoints create an individual key pair, that comprises an individual public key, and wherein each of the plurality of endpoints provide their individual public key to the public key database. 7 . The IHS of claim 1 , wherein the hierarchical structure of the plurality of endpoints of a network is a logical hierarchical structure. 8 . The IHS of claim 1 , wherein the hierarchical structure of the plurality of endpoints of a network is a physical hierarchical structure. 9 . The IHS of claim 1 , wherein the plurality of endpoints comprise Radio Units (RUs) and Distributed Units (DUs) of a radio access network (RAN). 10 . The IHS of claim 9 , wherein the network binding map comprises an RU-DU binding map that at least describes binding among at least some of the RUs and the DUs of the RAN, and wherein to distribute the one or more keys of the plurality of cryptographic keys to the individual endpoints, the program instructions further cause the IHS to: determine, based at least in part on the RU-DU binding map, one or more RUs to which a first DU is connected; distribute one or more respective keys associated with the one or more RUs to the first DU; and distribute a first DU key associated with the first DU to the one or more RUs. 11 . The IHS of claim 10 , wherein the first DU is configured to use the one or more respective keys associated with the one or more RUs to authenticate the one or more RUs, and wherein each of the one or more RUs is configured to use the first DU key to authenticate the first DU. 12 . One or more non-transitory computer-readable storage media which comprise stored program instructions that when executed on or across one or more processors of an Information Handling System (IHS), cause the one or more processors to: obtain a network binding map that indicates a hierarchical structure of a plurality of Radio Units (RUs) and Distributed Units (DUs) of a radio access network (RAN); obtain a plurality of cryptographic keys for the respective plurality of RUs and DUs; distribute one or more RU keys, of the plurality of cryptographic keys, that correspond to one or more of the RUs, to a first DU based, at least in part, on the network binding map; and distribute a first DU key that corresponds to the first DU to the one or more RUs based, at least in part, on the network binding map. 13 . The one or more non-transitory computer-readable storage media of claim 12 , wherein the one or more RU keys are used by the first DU to authenticate the one or more RUs, and wherein the first DU key is used by each of the one or more RUs to authenticate the first DU. 14 . A method, comprising: obtaining, by a controller of a network, a network binding map indicating a flat or hierarchical structure of a plurality of endpoints of the network, wherein the plurality of endpoints comprise Radio Units (RUs) and Distributed Units (DUs) of a radio access network (RAN); obtaining, by the controller, a plurality of cryptographic keys for the respective plurality of endpoints; and distributing, by the controller, one or more keys of the plurality of cryptographic keys to individual endpoints of the plurality of endpoints based, at least in part, on the network binding map. 15 . The method of claim 14 , wherein distributing the one or more keys to the individual endpoints further comprises: distributing, to a first endpoint of the plurality of endpoints, only the one or more keys associated with a respective one or more other endpoints, of the plurality of endpoints, to which the first endpoint is bound, according to the network binding map. 16 . The method of claim 15 , wherein the first endpoint is configured to use the distributed one or more keys to authenticate the respective one or more other endpoints. 17 . The method of claim 14 , wherein the network binding map comprises an RU-DU binding map that at least describes binding among at least some of the RUs and the DUs of the RAN, and wherein distributing the one or more keys to the individual endpoints further comprises: determining, by the controller and based at least in part on the RU-DU binding map, one or more RUs to which a first DU is connected; distributing, by the controller, one or more respective keys associated with the one or more RUs to the first DU; and distributing, by the controller, a first DU key associated with the first DU to the one or more RUs.