METHOD AND APPARATUS FOR REDUCING COMMUNICATION SYSTEM DOWNTIME WHEN CONFIGURING A CRYTOGRAPHIC SYSTEM OF THE COMMUNICATION SYSTEM
First Claim
1. A method for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system upon receipt of a command to enable cryptographic communication, the cryptographic system including a first cryptographic device coupled to a plurality of second cryptographic devices via a communication network of the communication system, the method comprising the steps of:
- causing a first mode of the first cryptographic device and the plurality of second cryptographic devices to be suspended;
the first cryptographic device sequentially determining a readiness state of each of the plurality of second cryptographic devices, wherein a first readiness state indicates said first cryptographic device or one of said plurality of second cryptographic devices is able to participate in synchronized cryptographic communications and a second readiness state indicates said first cryptographic device or one of said plurality of second cryptographic devices is not able to participate in synchronized cryptographic communications; and
causing the first cryptographic device and each of the plurality of second cryptographic devices to synchronously switch to operate in a second cryptographic mode if each of the plurality of second cryptographic devices is determined to have a first readiness state, wherein the first cryptographic mode is a pass-through mode rendering said first cryptographic device and one of said plurality of second cryptographic devices transparent to the communications network, and the second cryptographic mode is a secure mode enabling cryptographic operation on data transmitted via the communication network.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed is a method and apparatus for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system where the cryptographic system includes a first cryptographic device operatively coupled to a plurality of second cryptographic devices via a communication network of the communication system. The method includes causing a pass-through mode of the second cryptographic devices to be suspended, sequentially determining a state of each of the second cryptographic devices, causing the second cryptographic devices and the first cryptographic device to substantially simultaneously operate in a secure mode if each of the second cryptographic devices is determined to have a first state, and causing the second cryptographic devices and the first cryptographic device to operate in the pass-through mode if at least one of the plurality of second cryptographic devices is determined to have a second state.
-
Citations
56 Claims
-
1. A method for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system upon receipt of a command to enable cryptographic communication, the cryptographic system including a first cryptographic device coupled to a plurality of second cryptographic devices via a communication network of the communication system, the method comprising the steps of:
-
causing a first mode of the first cryptographic device and the plurality of second cryptographic devices to be suspended; the first cryptographic device sequentially determining a readiness state of each of the plurality of second cryptographic devices, wherein a first readiness state indicates said first cryptographic device or one of said plurality of second cryptographic devices is able to participate in synchronized cryptographic communications and a second readiness state indicates said first cryptographic device or one of said plurality of second cryptographic devices is not able to participate in synchronized cryptographic communications; and causing the first cryptographic device and each of the plurality of second cryptographic devices to synchronously switch to operate in a second cryptographic mode if each of the plurality of second cryptographic devices is determined to have a first readiness state, wherein the first cryptographic mode is a pass-through mode rendering said first cryptographic device and one of said plurality of second cryptographic devices transparent to the communications network, and the second cryptographic mode is a secure mode enabling cryptographic operation on data transmitted via the communication network. - View Dependent Claims (2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 56)
-
-
7. (canceled)
-
13. A method for reducing communication system downtime when changing at least one parameter value of a cryptographic system of the communication system, the cryptographic system including a first cryptographic device operatively coupled to a plurality of second cryptographic devices via a communication network, each of the first cryptographic device and the plurality of second cryptographic devices operating in a second mode using a first set of parameter values, the method comprising:
-
detecting receipt of a first command to synchronously switch from a first cryptographic mode to a second cryptographic mode using a second set of parameter values for the plurality of second cryptographic devices and the first cryptographic device wherein the first cryptographic mode is a pass-through mode rendering said first device or one of said plurality of second devices transparent to the communications system and the second cryptographic mode is a secure mode enabling cryptographic operation o data transmitted via the communication system; sequentially determining a state of each of the plurality of second cryptographic devices, wherein a first readiness state indicates said first device or one of said plurality of second devices is able to participate in synchronized cryptographic communications and a second readiness state indicates said first device or one of said plurality of second devices is not able to participate in synchronized cryptographic communications; and causing the plurality of second cryptographic devices and the first cryptographic device to substantially simultaneously operate in the second mode using the second set of parameter values if each of the plurality of second cryptographic devices is determined to have the first state, wherein at least one of the second set of parameter values is different from the first set of parameter values. - View Dependent Claims (14, 15, 16, 17, 19, 20, 21, 22, 23, 24, 25)
-
-
18. (canceled)
-
26. A method for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system upon receipt of a command to enable cryptographic operation, the cryptographic system including a first cryptographic device operatively coupled to a plurality of second cryptographic devices via a communication network of the communication system, the method comprising the steps of:
-
The first cryptographic device sequentially determining a readiness state of each of the plurality of second cryptographic devices, wherein a first readiness state indicates said first device or one of said plurality of second devices is able to participate in synchronized cryptographic communications and a second readiness state indicates said first device or one of said plurality of second devices is not able to participate in synchronized cryptographic communications; and causing a first cryptographic device and each of the plurality of second cryptographic devices to synchronously switch to operate in a second mode if the readiness state of each of the plurality of second cryptographic devices is determined to have the first state, wherein the first cryptographic mode is a pass-through mode rendering said first device or one of said plurality of second devices transparent to the communications system and the second mode is a secure mode that enables cryptographic operation on data transmitted via the communication system. - View Dependent Claims (27, 28, 29, 30, 31, 32)
-
-
33. (canceled)
-
34. An apparatus for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system, the communication system including a communication network, the apparatus comprising:
-
a first cryptographic device comprising a first microcontroller; and a plurality of second cryptographic devices operatively coupled to the first cryptographic device via the communication network, each of the plurality of second cryptographic devices comprising a second microcontroller, wherein the first microcontroller is adapted to; cause a first mode of the first cryptographic device and the plurality of second cryptographic devices to be suspended on reception of a first command, wherein the first cryptographic mode is a pass-through mode rendering said first cryptographic device or one of the plurality of second cryptographic devices transparent to the communication network, and a second cryptographic mode is a secure mode enabling cryptographic operations on data transmitted via the communication network, sequentially determine a readiness state of each of the plurality of second cryptographic devices wherein the first readiness state indicates said first device or one of the plurality of second devices is able to participate in synchronized cryptographic communications, and a second readiness state indicates said first device or one of said plurality of second devices is not able to participate in synchronized cryptographic communications; and cause the first cryptographic device and each of the plurality of second cryptographic devices to synchronously switch to operate in a second mode if each of the plurality of second cryptographic devices is determined to have the first state. - View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
-
-
45. An apparatus for reducing communication system downtime when changing at least one parameter value of a cryptographic system of the communication system, the communication system including a communication network, the apparatus comprising:
-
a first cryptographic device operating in a second mode using a first set of parameter values, the first cryptographic device comprising a first microcontroller; and a plurality of second cryptographic devices operatively coupled to the first cryptographic device via the communication network, each of the plurality of second cryptographic devices operating in a second cryptographic mode using a first set of parameter values, each of the plurality of second cryptographic devices comprising a second microcontroller, wherein a first cryptographic mode is a pass-through mode rendering said first device or one of said plurality of second devices transparent to the communication system, and the second cryptographic mode is a secure mode enabling cryptographic operation on data transmitted via the communication system, and wherein the first microcontroller is adapted to; detect receipt of a first command to synchronously enable second mode operation using a second set of parameter values for the plurality of second cryptographic devices and the first cryptographic device, sequentially determine a readiness state of each of the plurality of second cryptographic devices wherein a first readiness state indicates said first device or one of said plurality of second devices is able to participate in synchronized cryptographic communications and a second readiness state indicates said first device or one of said plurality of second devices is not able to participate in synchronized cryptographic communications, and cause each of the plurality of second cryptographic devices and the first cryptographic device to synchronously switch to operate in the second mode using the second set of parameter values if each of the readiness state of the plurality of second cryptographic devices is determined to have the first state, and wherein at least one of the second set of parameter values is different from the first set of parameter values. - View Dependent Claims (46, 47, 48, 50, 51, 52, 53, 54, 55)
-
-
49. (canceled)
Specification