SYSTEMS AND METHODS FOR SECURED COMMUNICATION HARDWARE SECURITY MODULE AND NETWORK-ENABLED DEVICES
Abstract
A new approach is proposed that contemplates systems and methods to support secured communication between a hardware security module (HSM) and a plurality of network-enabled devices to offload their key storage, management, and crypto operations to the HSM. The HSM includes a plurality of HSM service units, each configured to authenticate one of the network-enabled devices based on its credentials and process the key management and crypto operations offloaded from the network-enabled device once it is authenticated. The HSM service unit also communicates results of the key management and crypto operations back to the network-enabled device via the secured communication channel.
25 Claims
1. A system for secured communication with a plurality of network-enabled devices, comprising:
said plurality of network-enabled devices each configured to:
- establish a secured communication channel with a hardware security module (HSM) over a network;
- offload its key management and crypto operations to the HSM once the network-enabled device is authenticated by the HSM;
said HSM having a plurality of HSM service units, wherein each of the HSM service units is configured to:
- authenticate one of the network-enabled devices based on credentials provided by the network-enabled device over the secured communication channel;
- process the key management and crypto operations offloaded from the network-enabled device once it is authenticated;
- communicate results of the key management and crypto operations back to the network-enabled device via the secured communication channel.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15.
16. A method for secured communication with a plurality of network-enabled devices, comprising:
- establishing a secured communication channel between one of the network-enabled devices and a hardware security module (HSM) over a network;
- authenticating the network-enabled device based on its credentials provided over the secured communication channel;
- offloading key management and crypto operations of the network-enabled device to one of a plurality of HSM service units of the HSM once the network-enabled device is authenticated by the HSM;
- processing the key management and crypto operations offloaded from the network-enabled device by its HSM service unit;
- communicating results of the key management and crypto operations back to the network-enabled device via the secured communication channel.
Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25.
Specification