SECURE COMMUNICATIONS IN COMPUTER CLUSTER SYSTEMS

US 20090245518A1
Filed: 03/26/2008
Published: 10/01/2009
Est. Priority Date: 03/26/2008
Status: Active Grant

First Claim

Patent Images

1. A system to improve communication security for cluster machine processing, the system comprising:

a plurality of interconnected computers that can jointly process data;

a shared secret key used by each of said plurality of interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent or received from one of said plurality of interconnected computers to another of said plurality of interconnected computers; and

a new shared secret key used by each of said plurality of interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent or received from one of said plurality of interconnected computers to another of said plurality of interconnected computers, and said new shared secret key coexists with said shared secret key without adversely affecting the joint processing of data performed by said plurality of interconnected computers.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system to improve communication security in cluster machine processing may include interconnected computers that can jointly process data. The system may also include a shared secret key used by each of the interconnected computers to encrypt, decrypt, and/or authenticate data being sent, or received, from one of the interconnected computers to another of the interconnected computers. The system may further include a new shared secret key used by each of the interconnected computers to encrypt, decrypt, and/or authenticate data being sent, or received, from one of the interconnected computers to another of the interconnected computers. In addition, the new shared secret key may coexist with the shared secret key without adversely affecting the joint processing of data performed by the plurality of interconnected computers.

Citations

20 Claims

1. A system to improve communication security for cluster machine processing, the system comprising:
- a plurality of interconnected computers that can jointly process data;
  
  a shared secret key used by each of said plurality of interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent or received from one of said plurality of interconnected computers to another of said plurality of interconnected computers; and
  
  a new shared secret key used by each of said plurality of interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent or received from one of said plurality of interconnected computers to another of said plurality of interconnected computers, and said new shared secret key coexists with said shared secret key without adversely affecting the joint processing of data performed by said plurality of interconnected computers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1 wherein each of said plurality of interconnected computers are connected to each other via at least one of private communication networks and public communication networks.
  - 3. The system of claim 1 wherein each of said plurality of interconnected computers votes when to replace said shared secret key with said new shared secret key for said plurality of interconnected computers.
  - 4. The system of claim 3 wherein each of said plurality of interconnected computers authenticates transmitted data with said shared secret key, and authenticates received data with said shared secret key or said new shared secret key based upon the voting.
  - 5. The system of claim 3 wherein each of said plurality of interconnected computers authenticates transmitted data with said new shared secret key, and authenticates received data with said shared secret key or said new shared secret key based upon the voting.
  - 6. The system of claim 3 wherein each of said plurality of interconnected computers authenticates transmitted data with said new shared secret key, and authenticates received data with said new shared secret key based upon the voting.
  - 7. The system of claim 1 wherein each of said plurality of interconnected computers indicates whether said shared secret key or said new shared secret key is used to authenticate outgoing data in a header field for the data.
  - 8. The system of claim 1 wherein each of said plurality of interconnected computers indicates a count of said shared secret key and said new shared secret key it has in a header field for the data.

9. A method to improve communication security for cluster machine processing, the method comprising:
- using a shared secret key amongst a plurality of interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent, or received, from one of the plurality of interconnected computers to another of the plurality of interconnected computers; and
  
  using a new shared secret key by each of the interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent, or received, from one of the interconnected computers to another of the interconnected computers without adversely affecting the joint processing of data performed by the plurality of interconnected computers.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9 further comprising voting by each of the interconnected computers to replace the shared secret key with the new shared secret key for the whole group of interconnected computers.
  - 11. The method of claim 10 further comprising authenticating transmitted data with the shared secret key, while authenticating received data with the shared secret key or the new shared secret key based upon the voting.
  - 12. The method of claim 10 further comprising authenticating transmitted data with the new shared secret key, while authenticating received data with the shared secret key or the new shared secret key based upon the voting.
  - 13. The method of claim 10 further comprising authenticating transmitted data with the new shared secret key, while authenticating received data with the new shared secret key based upon the voting.
  - 14. The method of claim 9 further comprising indicating whether the shared secret key or the new shared secret key is used to authenticate outgoing data in a header field for the data.

15. A computer program product embodied in a tangible medium comprising:
- computer readable program codes coupled to the tangible medium to improve communication security for cluster machine processing, the computer readable program codes configured to cause the program to;
  
  use a shared secret key amongst a plurality of interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent, or received, from one of the plurality of interconnected computers to another of the plurality of interconnected computers; and
  
  use a new shared secret key by each of the interconnected computers to at least one of encrypt, decrypt, and authenticate data being sent, or received, from one of the interconnected computers to another of the interconnected computers without adversely affecting the joint processing of data performed by the plurality of interconnected computers.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product of claim 15 further comprising program code configured to:
    - enable voting by each of the interconnected computers to replace the shared secret key with the new shared secret key for the whole group of interconnected computers.
  - 17. The computer program product of claim 16 further comprising program code configured to:
    - authenticate transmitted data with the shared secret key, while authenticating received data with the shared secret key or the new shared secret key based upon the voting.
  - 18. The computer program product of claim 16 further comprising program code configured to:
    - authenticate transmitted data with the new shared secret key, while authenticating received data with the shared secret key or the new shared secret key based upon the voting.
  - 19. The computer program product of claim 16 further comprising program code configured to:
    - authenticate transmitted data with the new shared secret key, while authenticating received data with the new shared secret key based upon the voting.
  - 20. The computer program product of claim 15 further comprising program code configured to:
    - indicate whether the shared secret key or the new shared secret key is used to authenticate outgoing data in a header field for the data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Sayre, Johannes, Suri, Hemant R., DeRobertis, Christopher V., Maerean, Serban C., Bae, Myung M., Hare, John R., Knop, Felipe, Gardner, Robert K., Gensler, Robert R. JR.

Granted Patent

US 8,767,964 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/273
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

H04L 63/0428   wherein the data content is...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/065   for group communications cr...

H04L 63/068   using time-dependent keys, ...

H04L 63/123   received data contents, e.g...

H04L 9/08   Key distribution or managem...

H04L 9/0816   Key establishment, i.e. cry...

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0891   Revocation or update of sec...

H04L 9/12   Transmitting and receiving ...

H04L 9/14   using a plurality of keys o...

H04L 9/16   the keys or algorithms bein...

SECURE COMMUNICATIONS IN COMPUTER CLUSTER SYSTEMS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE COMMUNICATIONS IN COMPUTER CLUSTER SYSTEMS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links