Cryptography – Key management – Key distribution
Reexamination Certificate
2006-11-30
2010-12-14
Moorthy, Aravind K (Department: 2431)
Cryptography
Key management
Key distribution
C713S153000, C713S165000, C713S189000, C726S026000, C711S004000, C711S100000, C711S162000, C711S163000, C707S609000, C707S641000, C707S670000, C707S687000, C707S821000
Reexamination Certificate
active
07853019
ABSTRACT:
A security appliance that encrypts and decrypts information is installed in each of redundant multi-paths between a host system and a back up tape storage system. The host system is arranged to detect failures in a primary path to the tape system being used. When the failure is detected, the host system enables transfers to the same tape system through an alternative path. Encryption keys and host/tape designators (identifiers) are broadcast among the security appliances in the alternative data paths. When the host system switches from the primary path to the secondary path, even though the secondary security appliance did not generate the encryption keys, the secondary path security appliance will have such keys and will properly encrypt and transfer data from the host to the tape system. The secondary will also properly retrieve encrypted data from the tape system, decrypt it and deliver it to the host. All of these operations will be transparent (invisible) to a running application in the host.
REFERENCES:
patent: 1310719 (1919-07-01), Vernam
patent: 4262329 (1981-04-01), Bright et al.
patent: 4558176 (1985-12-01), Arnold et al.
patent: 4731840 (1988-03-01), Mniszewski et al.
patent: 4757533 (1988-07-01), Allen et al.
patent: 5058162 (1991-10-01), Santon et al.
patent: 5185717 (1993-02-01), Mori
patent: 5235641 (1993-08-01), Nozawa
patent: 5265159 (1993-11-01), Kung
patent: 5375243 (1994-12-01), Parzych et al.
patent: 5495533 (1996-02-01), Linehan et al.
patent: 5677952 (1997-10-01), Blakeley, III et al.
patent: 5687237 (1997-11-01), Naclerio
patent: 5870468 (1999-02-01), Harrison
patent: 5931947 (1999-08-01), Burns
patent: 5933498 (1999-08-01), Schneck et al.
patent: 5940507 (1999-08-01), Cane
patent: 6073237 (2000-06-01), Ellison
patent: 6134660 (2000-10-01), Boneh et al.
patent: 6199163 (2001-03-01), Dumas et al.
patent: 6212600 (2001-04-01), Friedman et al.
patent: 6249866 (2001-06-01), Brundrett
patent: 6345101 (2002-02-01), Shukla
patent: 6356941 (2002-03-01), Cohen
patent: 6405315 (2002-06-01), Burns et al.
patent: 6414884 (2002-07-01), DeFelice et al.
patent: 6507911 (2003-01-01), Langford
patent: 6550011 (2003-04-01), Sims, III
patent: 6735693 (2004-05-01), Hamlin
patent: 6839437 (2005-01-01), Crane et al.
patent: 6857076 (2005-02-01), Klein
patent: 6915435 (2005-07-01), Merriam
patent: 7003674 (2006-02-01), Hamlin
patent: 7020779 (2006-03-01), Sutherland
patent: 7093127 (2006-08-01), McNulty et al.
patent: 7096355 (2006-08-01), Marvit et al.
patent: 7215771 (2007-05-01), Hamlin
patent: 7240197 (2007-07-01), Yamagami et al.
patent: 7260724 (2007-08-01), Dickinson et al.
patent: 2002/0138747 (2002-09-01), Clarke
patent: 2003/0028765 (2003-02-01), Cromer et al.
patent: 2004/0139240 (2004-07-01), DiCorpo et al.
patent: 2007/0112677 (2007-05-01), Witt et al.
patent: 2008/0065898 (2008-03-01), Greco et al.
patent: 2008/0144826 (2008-06-01), Chang
Anderson, et al., “The Steganographic File System,” Information Hiding, Second International Workshop, IH '98 Portland, Oregon. USA, Apr. 14-17, 1998, Proceedings, pp. 73-82, 1998.
Antonelli, et al., “The Packet Vault: Secure Storage of Network Data,” CITI Technical Report 98-5, pp. 1-15, Jun. 25, 1998.
Bashand, et al., “IBM Magstar Tape Drives—AIX High Availability SAN Failover for 3590,” IBM Magstar Tape Drives—SAN Failover Compatibility, IBM Corporation, Tucson, AZ, 10 pages, Jun. 12, 2001.
Blaze, “Oblivious Key Escrow,” Information Hiding, First International Workshop, Cambridge, UK, May 3D-Jun. 1, 1996, Proceedings, pp. 335-343, 1996.
Blaze, “A cryptographic File System for Unix,” Proceedings of the First ACM Conference on Computer and Communications Security, pp. 9-16 (1993).
Blaze, “Key Management in an Encrypting File System,” USENIX Summer 1994 Technical Conference, pp. 27-35, (Jun. 6-10, 1994).
Boneh, et al., “A Revocable Backup System,” In Proceedings 6th USENIX Security Conference, pp. 91-96, 1996.
Cattaneo, et al. “The Design and Implementation of a Transparent Cryptographic Filesystem for UNIX,” Proceedings of The FREENIX Track: 2001 UNIX Annual Technical Conference. pp. 199-212 (Jun. 25-30. 2001).
Christy, et al., “Mechanism for Secure Off-Site Computer Access,” IBM Technical Disclosure Bulletin. pp. 6754-6756. Apr. 1985.
Clark, “Physical Protection of Cryptographic Devices,” Lecture Notes in Computer Science. Advances in Cryptology—EUROCRYPT '87, pp. 83-93 (Apr. 13-15, 1987).
Coleman et al., “Mass Storage System Reference Manual: Version 4,” Technical Committee on Mass Storage Systems and Technology, IEEE, pp. 1-38, May 1990.
Comba, “Approaches to Cryptographic Key Management,” Symposium on Applied Computing. Proceedings of the Northeast ACM Symposium on Personal Computer Security, pp. 38-45 (1986).
Denning, “Cryptography and Data Security,” Addison-Wesley Publishing Co., pp. 164-169 and 179, 1982.
Di Crescenzo, et al., “How to Forget a Secret (Extended Abstract),” 16th Annual Symposium on Theoretical Aspects of Computer Science, pp. 500-509 (Mar. 4-6, 1999).
Dietrich, “Security Enclosure With Elastomeric Contact Stripes, ” IBM Technical Disclosure Bulletin, pp. 444-445, Feb. 1991.
“Disappearing Inc. Makes Old Email Vanish Everywhere; Reduces Corporate Liability as well as Improves Corporate Productivity by Enabling Sensitive Communications via Email-Company Business and Marketing,” Edge: Work-Group Computing Report, http://findarticles.com/p/articJes/mLmOWUB/is—1999—0cU 1/aL 56260487/print (Oct. 11, 1999).
Double, “Encryption Key Security by Electric Field Destruction of Memory Cells,” IBM Technical Disclosure Bulletin, pp. 8-11, Jan. 1989.
FIPS PUB 74, “Federal Information Processing Standards Publication 1981 Guidelines for Implementing and Using the NBS Data Encryption Standard,” Federal Information Processing Standards Publication 74, National Institute of Standards and Technology, Apr. 1, 1981, 39 pages.
FIPS PUB 140-1, “Security Requirements for Cryptographic Modules,” Federal Information Processing Standards Publication 140-1, National Institute of Standards and Technology, Jan. 11, 1994, 44 pages.
Flavin, et al., “Data Protection on Magnetic Media Via an Encrypting Controller,” IBM Technical Disclosure Bulletin, vol. 3D, No. 3, pp. 1284-1285 (Aug. 1987).
Garfinkel, S., “PGP: Pretty Good Privacy,” O'Reilly & Associates, pp. 43 and 65-67, Jan. 1995.
Garfinkel, S., “PGP: Pretty Good Privacy,” O'Reilly & Associates, pp. 54-55, 151-153, Jan. 1995.
Garfinkel, S., “Omniva's Self-Destructing Email,” Web Security, Privacy and Commerce, Second Edition, O'Reilly & Associates, Inc., Sebastopol, CA, pp. 280-283, Jan. 2002.
Gobioff, Howard, et al., “Security for Networked Attached Storage Devices,” Carnegie Mellon University Computer Science Technical Report CMU-CS-97-185, Oct. 1997, 20 pages.
Gobioff, Howard, “Security for a High Performance Commodity Storage Subsystem,” Carnegie Mellon University Computer Science Technical Report CMU-CS-99-160, Jul. 1999, 222 pages.
Gobioff, Howard, et al., “Smart Cards in Hostile Environments,” Proceedings of the Second USENIX Workshop on Electronic Commerce, pp. 23-28 (Nov. 18-21. 1996).
Graham, et al, “Data Protection at the Volume Level,” IBM Technical Disclosure Bulletin, pp. 146-148, Oct. 1988.
Gutmann, “Secure Deletion of Data from Magnetic and Solid-State Memory,” Proceedings of the Sixth Annual USENIX Security Symposium: Focusing on Applications of Cryptography, pp. 7-89 (Jul. 22-25,1996).
Hwang, et al., “An Access Control Scheme Based on Chinese Remainder Theorem and Time Stamp Concept,” Computers & Security, vol. 15. No. 1. pages 73-81,1996.
IBM Crypto Server Management General Information Manual, First Edition (May 2
Chaudhary Anant
Narver Andrew
Cesari and McKenna LLP
Moorthy Aravind K
NetApp, Inc.
LandOfFree
Tape failover across a cluster does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Tape failover across a cluster, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Tape failover across a cluster will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4225128