Patent
Method and system for automatically migrating encryption keys between key managers in a network storage system
Robert Przykucki,Gaurav Agarwal,Leo Janze,Logan Rand Jennings,Robert Bartozynski +4 more
- 30 Apr 2009
33
TL;DR: In this paper, the authors propose a method and system for a remote key manager performing cryptographic operations upon a failure of a protected key manager, using a hardware encryption key (key) automatically migrated from the protected key managers.
read more
Abstract: Embodiments of the present invention provide a method and system, in a network storage system, for a remote key manager performing cryptographic operations upon a failure of a protected key manager, using a hardware encryption key (key) automatically migrated from the protected key manager. During initialization, the protected and remote key managers authenticate the communication channel (e.g. trustee link) between each other. A new key generated by dedicated hardware of the protected key manager is used by the protected key manager to perform cryptographic operations on data of a storage server. The remote key manager then requests and obtains the new key from the protected key manager across the trustee link. Upon a failure of the protected key manager, the remote key manager performs cryptographic operations on data of the storage server using the migrated key, ensuring accessibility and security of such data.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Patent
Redundant key management
Sandeep Kumar,Gregory Branchek Roth,Gregory Alan Rubin,Mark C. Seigle,Kamran Tirdad +4 more
- 22 Jan 2016
TL;DR: In this paper, a data storage service redundantly stores data and keys used to encrypt the data, such as the first cryptographic keys and the second cryptographic keys, in the event access to a second cryptographic key is lost.
75
Patent
Secure escrow service
Dallas De Atley,Jerrold Von Hauck,Mitchell D. Adler +2 more
- 14 Feb 2013
TL;DR: In this paper, the authors proposed a method of restoring confidential information items of a first device to a second device by using a set of servers, where a public and private key pair are generated and the private key is linked to the hash of executable code of the servers at the time of generating the public and public keys.
34
Patent
Multi-tenancy architecture
Richard J. Takahashi
- 13 Mar 2014
TL;DR: In this article, a system includes a security device, configured for cryptographic processing, coupled to receive incoming data from a plurality of data sources (e.g., data from different customers).
23
Patent
Volume Encryption Lifecycle Management
Sachin Goel,Stein E. Dolan,William B. Lees +2 more
- 19 Dec 2011
TL;DR: In this paper, an orchestrating agent is installed on a device upon which encryption management is desired and facilitates performing actions to protect the data of the device during the encryption lifecycle.
17
Patent
Multi-level independent security architecture
Richard J. Takahashi
- 05 Mar 2014
TL;DR: In this paper, a system includes a plurality of data input ports, each port corresponding to one of a number of different levels of security classification; a security device, configured for cryptographic processing, coupled to receive incoming data from each of the plurality of input ports.
14
References
Patent
Method and apparatus for verifiably providing key recovery information in a cryptographic system
Rosario Gennaro,Paul A. Karger,Stephen M. Matyas,Mohammad Peyravian,David R. Safford,Nevenko Zunic +5 more
- 03 Jan 1997
TL;DR: In this article, the authors proposed a method for verifiably providing key recovery information to one or more trustees in a cryptographic communication system having a sender and a receiver, where each communicating party has its own Diffie-Hellman key pair comprising a secret value and corresponding public value, as does each trustee.
133
Patent
Method and apparatus for interoperable validation of key recovery information in a cryptographic system
Coimbatore S. Chandersekaran,Rosario Gennaro,Sarbari Gupta,Stephen M. Matyas,David R. Safford,Nevenko Zunic +5 more
- 24 Jul 1997
TL;DR: In this paper, a key recovery validation service (KRVS) is used to verify the ability of a sender to correctly generate key recovery information from encrypted data, which is transmitted along with the encrypted data to the receiver.
89
Patent
Framework-based cryptographic key recovery system
Sekar Chandersekaran,Sarbari Gupta +1 more
- 14 Nov 1997
TL;DR: Secure Key Management Framework (SKMF) as discussed by the authors defines an infrastructure for a complete set of cryptographic services augmented with key recovery enablement, where the application layer code invokes the cryptographic API and key-recovery API supported by SKMF.
61
Patent
System, method and apparatus for cryptography key management for mobile devices
Ravigopal Vennelakanti,Savio Fernandes +1 more
- 05 Aug 2005
TL;DR: In this article, a technique that binds encryption and decryption keys using a UID, a UDID, and a Pswd to a client mobile device in an enterprise is presented.
54
Patent
Key recovery system
Hiroyuki c,o Fujitsu Limited Ando,Seiichi Domyo,Seiko Kanno,Yasutsugu c,o Fujitsu Limited Kuroda,Hiroshi Miyauchi,Ichirou c,o Fujitsu Limited Morita,Kazue Sako,Naoya c,o Fujitsu Limited Torii,Hiroyoshi Tsuchiya,Masashi Yamazaki +13 more
- 31 Mar 1998
TL;DR: In this paper, a key recovery information distribution device is provided between a recoverer device and key recovery devices, which recovers a data key for the recoveer device, and reduces the load of the device.
50
Related Papers (5)
Thomas Alan Reid,Mark Edmonson Moffitt +1 more
- 31 Oct 2012
Toshihiro Morita,Shin Ogata,Susumu Morita +2 more
- 12 Jul 2007
Ron M. Redlich,Martin A. Nemzow +1 more
- 29 Apr 2009
[...]
Selim Aissi,Sekhar Nagasundaram +1 more
- 03 Jul 2013