
KEY MANAGEMENT IN SECURE NETWORK ENCLAVES

  • US 20100318800A1
  • Filed: 06/11/2009
  • Published: 12/16/2010
  • Est. Priority Date: 06/11/2009
  • Status: Active Grant
First Claim

1. A method of operating a computer system to provide secure communications, the computer system comprising a plurality of host devices interconnected by a network and organized into enclaves, and the method comprising:

  • in each enclave of the plurality of enclaves, providing a plurality of pair-wise enclave keys, the plurality of pair-wise enclave keys comprising, for each of a plurality of pairs of enclaves including the enclave, a pair-wise enclave key;

  • in at least one processor, for each of a plurality of enclaves, computing for each of a plurality of server devices in the enclave a plurality of server keys, each of the plurality of server keys being computed from a pair-wise enclave key for a pair of enclaves including the enclave of the server;

  • establishing a security association between a first host device in a first enclave of the plurality of enclaves and a second host device in a second enclave of the plurality of enclaves, the establishing comprising:

    • with the first host device, generating security parameters of the security association, the security parameters being generated from a selected server key of the plurality of server keys computed for the first host device, the server key comprising a server key computed from a pair-wise enclave key for the first enclave and the second enclave.
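
The three-level key hierarchy in the claim (pair-wise enclave key, then server key, then security-association parameters) can be sketched as follows. This is an added example, not code from the patent: the HMAC-SHA256 derivation, the label strings, the nonces, and the enclave and server names are all assumptions, since the claim does not specify how the keys are computed.

```python
import hashlib
import hmac
import os
from itertools import combinations

def prf(key: bytes, label: bytes) -> bytes:
    # Assumed derivation primitive; the claim does not name one.
    return hmac.new(key, label, hashlib.sha256).digest()

def provision_pairwise_keys(enclaves):
    """One random 256-bit key per unordered pair of enclaves."""
    return {"|".join(sorted(p)): os.urandom(32) for p in combinations(enclaves, 2)}

def enclave_view(all_keys, enclave):
    """The keys provided in one enclave: only the pairs that include it."""
    return {p: k for p, k in all_keys.items() if enclave in p.split("|")}

def server_keys(view, server_id):
    """Per server, one server key per pair-wise enclave key in its enclave."""
    label = b"server-key|" + server_id.encode()
    return {pair: prf(key, label) for pair, key in view.items()}

def sa_parameters(server_key, nonce_i, nonce_r):
    """SA parameters from the selected server key (16-byte nonces assumed)."""
    assert len(nonce_i) == len(nonce_r) == 16
    seed = prf(server_key, b"sa|" + nonce_i + nonce_r)
    return {"enc_key": prf(seed, b"enc"), "auth_key": prf(seed, b"auth")}

if __name__ == "__main__":
    keys = provision_pairwise_keys(["A", "B", "C"])   # constructed enclaves
    first = server_keys(enclave_view(keys, "A"), "srv1.A")
    n_i, n_r = os.urandom(16), os.urandom(16)
    sa = sa_parameters(first["A|B"], n_i, n_r)        # first host, peer in B
    # A holder of the A|B key can recompute the same parameters...
    peer = server_keys(enclave_view(keys, "B"), "srv1.A")["A|B"]
    print("A|B holder matches:", sa_parameters(peer, n_i, n_r) == sa)
    # ...while enclave C's keys for A give different ones.
    other = server_keys(enclave_view(keys, "C"), "srv1.A")["A|C"]
    print("A|C holder matches:", sa_parameters(other, n_i, n_r) == sa)
```

Under these assumptions, exposure of one pair-wise enclave key affects only security associations between that pair of enclaves.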
