SECURE COMPUTING ENVIRONMENT IN A TRANSPORTABLE CONTAINER
Abstract
A secure container can comprise a security server, one or more container servers, and one or more sensors that can detect a breach of the physically secure computing environment provided by the container. A management server external to the container can be informed when the container is sealed and authorized and can subsequently provide a cryptographic key enabling the security server in the container to boot. Each container server can request and receive a cryptographic key from the security server enabling them to boot. If the container is breached, such keys can be withheld and any computing device that is powered off, or restarted, will be unable to complete a subsequent boot. If the container loses a support system and is degraded, so long as the security server does not lose power, it can provide the cryptographic keys to container servers restarted after the degradation is removed.
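The key-release condition described in the abstract can be modelled as a latched state machine on the security server. The sketch below is an added example, not code from the patent; the class and method names, the `MAX_GAP` timeout used to decide what counts as "uninterrupted", and the sample key are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

MAX_GAP = 2.0  # assumed: longest silence (seconds) still counted as uninterrupted

@dataclass
class SecurityServer:
    keys: dict                          # container server id -> key (constructed values)
    last_report: Optional[float] = None
    tripped: bool = True                # latched; only seal() clears it
    reason: str = "never sealed"

    def seal(self, now: float) -> None:
        """Container sealed and authorized: start a fresh monitoring period."""
        self.last_report, self.tripped, self.reason = now, False, ""

    def _trip(self, reason: str) -> None:
        if not self.tripped:            # keep the first cause
            self.tripped, self.reason = True, reason

    def _check_gap(self, now: float) -> None:
        if self.last_report is not None and now - self.last_report > MAX_GAP:
            self._trip("sensor data interrupted")

    def on_sensor(self, now: float, sealed: bool) -> None:
        self._check_gap(now)
        if not sealed:
            self._trip("sensor reports breach")
        self.last_report = now

    def request_key(self, server_id: str, now: float) -> Optional[bytes]:
        self._check_gap(now)            # silence up to the request also counts
        return None if self.tripped else self.keys.get(server_id)

def demo() -> list:
    s = SecurityServer(keys={"cs1": b"constructed-key"})
    out = [s.request_key("cs1", 0.0)]           # never sealed -> None
    s.seal(0.0); s.on_sensor(1.0, True)
    out.append(s.request_key("cs1", 1.5))       # sealed, continuous -> key
    s.on_sensor(2.0, False); s.on_sensor(3.0, True)
    out.append(s.request_key("cs1", 3.5))       # breach latched -> None
    return out
```

Because the state lives only in memory, a restarted container server can still obtain its key while the security server stays powered and untripped, which matches the degraded-container case in the abstract.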
20 Claims
1. One or more computer-readable media comprising computer-executable instructions for protecting data within a secure container, the computer-executable instructions directed to steps comprising:
- receiving a request, from a container server internal to the secure container, for a container server cryptographic key associated with the container server that enables the container server to access encrypted data;
- receiving sensor data from one or more sensors of the secure container;
- providing the container server cryptographic key to the requesting container server if the sensor data has been received in an uninterrupted manner since the secure container was last sealed and if the sensor data indicates that the secure container has remained sealed since it was last sealed.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A secure container comprising:
- at least one connection to a network;
- one or more container servers providing services over the network, wherein at least one of the one or more container servers requires a container server cryptographic key to access its data;
- one or more sensors monitoring physical security of the secure container; and
- at least one security server communicationally coupled to the one or more container servers and the one or more sensors, wherein the at least one security server provides the container server cryptographic key to the at least one of the one or more container servers if the communicational coupling between the at least one security server and the one or more sensors has remained uninterrupted since the secure container was last sealed and if sensor data from the one or more sensors indicates that the secure container has remained sealed since it was last sealed.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
17. A method of authorizing a secure container comprising one or more container servers, one or more sensors and at least one security server, the method comprising the steps of:
- verifying proper operation of the one or more sensors;
- sealing the secure container after the verifying; and
- authorizing the secure container with a management server external to the secure container, the authorizing enabling the management server to provide a security server cryptographic key to the at least one security server, the security server cryptographic key enabling the at least one security server to access its data.
Dependent claims: 18, 19, 20
Specification