Security architecture for distributed processing systems and associated method

US 6,847,995 B1
Filed: 08/25/2000
Issued: 01/25/2005
Est. Priority Date: 03/30/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of operating a distributed processing system having a network coupling a multiplicity of Host distributed devices for processing workloads for the distributed processing system, a plurality of Client systems requesting processing of the workloads, and a Server system for selectively distributing the workloads form the plurality of Client systems for processing on the distributed processing system comprising the steps of:

generating a security measure for electronic information to be sent from the Server system to the multiplicity of Host distributed devices;

partitioning the security measure into a number of N security measure sections;

sending first electronic information and a first security measure section selected from the N security measure sections to a first Host distributed device;

providing first data to the first Host distributed device defining which security measure section of the possible N security measure sections corresponds to the first security measure section for each security measure generated for the electronic information;

receiving particular electronic information and a corresponding particular security measure section in the first Host distributed device;

processing the particular electronic information thereby generating a reconstructed security measure; and

comparing the particular security measure section to a security section within the reconstructed security measure defined by the first data thereby validating the particular electronic information.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security architecture and an associated method are disclosed for providing secure transmissions within distributed processing systems. More particularly, a server system is coupled to a network that is configured to be coupled to a plurality of distributed devices. The server system utilizes a security measure that is partitioned and distributed to multiple distributed devices. The distributed device receiving electronic information reconstructs the security measure by obtaining the various partitioned portions from the multiple distributed devices. In addition, the security measure may be generation of a hash value for the electronic information to be transmitted.

142 Citations

View as Search Results

22 Claims

1. A method of operating a distributed processing system having a network coupling a multiplicity of Host distributed devices for processing workloads for the distributed processing system, a plurality of Client systems requesting processing of the workloads, and a Server system for selectively distributing the workloads form the plurality of Client systems for processing on the distributed processing system comprising the steps of:
- generating a security measure for electronic information to be sent from the Server system to the multiplicity of Host distributed devices;
  
  partitioning the security measure into a number of N security measure sections;
  
  sending first electronic information and a first security measure section selected from the N security measure sections to a first Host distributed device;
  
  providing first data to the first Host distributed device defining which security measure section of the possible N security measure sections corresponds to the first security measure section for each security measure generated for the electronic information;
  
  receiving particular electronic information and a corresponding particular security measure section in the first Host distributed device;
  
  processing the particular electronic information thereby generating a reconstructed security measure; and
  
  comparing the particular security measure section to a security section within the reconstructed security measure defined by the first data thereby validating the particular electronic information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the security measure is a hash value generated for the electronic information using a hash algorithm.
  - 3. The method of claim 2, wherein the hash value comprises M binary bits.
  - 4. The method of claim 3, wherein a security measure section is generated by dividing the hash value into N partitioned hash values comprising M/N binary bits.
  - 5. The method of claim 4, wherein the first Host distributed device processes the particular electronic information with the hash algorithm thereby generating a reconstructed hash value for the particular electronic information.
  - 6. The method of claim 1, wherein the electronic information comprises a project workload for processing on the distributed processing system.
  - 7. The method of claim 6, wherein the project workload comprises executable code.
  - 8. The method of claim 7, wherein the electronic information comprises workload data required by the project workload.
  - 9. The method of claim 1, wherein the first Host distributed device notifies the Server system of a security breach if the particular security section does not match the security section within the reconstructed security measure defined by the first data.
  - 10. The method of claim 1, wherein the first data a particular Host distributed device receives is modified to vary which security measure section of the possible N security measure sections is sent to the first Host distributed device for each security measure generated for the electronic information.
  - 11. The method of claim 1, wherein the first data is encrypted by the Server system and decrypted by the first Host distributed device.

12. A distributed processing system with security measures, comprising:
- a Server system for distributing workloads to a multiplicity of Host distributed devices for processing for the distributed processing system;
  
  a network for coupling the Server system to the multiplicity of Host to a plurality of Host distributed;
  
  and a plurality of Client systems coupled to the network and sending workloads to the Server system for processing on the distributed processing system; and
  
  a security subsystem within the Server system for generating a security measure for electronic information being sent from the Server system to the Host distributed devices and partitioning the security measure into a number N of security measure sections, wherein a first security measure section selected from the N security measure sections is sent to the first Host distributed device when the Server system sends the first Host distributed device the electronic information, wherein the security subsystem sends first data to the first Host distributed device indicating which security measure section of the security measure corresponds to the first security measure section;
  
  wherein the first Host distributed device has first circuitry for processing received particular electronic information thereby generating a reconstructed security measure; and
  
  Wherein the first Host distributed device has compare circuitry for comparing the particular security measure section to a security section within the reconstructed security measure defined by the first data thereby validating the particular electronic information.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The distributed processing system of claim 12, wherein the security measure is a hash value generated for the electronic information using a hash algorithm.
  - 14. The distributed processing system of claim 13, wherein the hash value comprises M binary bits.
  - 15. The distributed processing system of claim 14, wherein a security measure section is generated by dividing the hash value into N partitioned hash values comprising M/N binary bits.
  - 16. The distributed processing system of claim 15, wherein the first Host distributed device processes the particular electronic information with the hash algorithm thereby generating a reconstructed hash value for the particular electronic information.
  - 17. The distributed processing system of claim 13, wherein the first data is encrypted by the Server system and decrypted by the first Host distributed device.
  - 18. The distributed processing system of claim 14, wherein the first Host distributed device notifies the Server system of a security breach if the particular security section does not match the security section within the reconstructed security measure defined by the first data.
  - 19. The distributed processing system of claim 14, wherein the first data a particular Host distributed device receives is modified to vary which security measure section of the possible N security measure sections is sent to the first Host distributed device for each security measure generated for the electronic information.
  - 20. The distributed processing system of claim 13, wherein the electronic information comprises a project workload for processing on the distributed processing system.
  - 21. The distributed processing system of claim 20, wherein the project workload comprises executable code.
  - 22. The distributed processing system of claim 21, wherein the project workload includes workload data required by the project workload.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Byteweavr, LLC (Ascend Innovation Management, LLC)
Original Assignee
United Devices, Inc. (Altair Engineering Incorporated)
Inventors
Hubbard, Edward A., Mandyam, Sriram S.
Primary Examiner(s)
Eng, David Y.

Application Number

US09/648,832
Time in Patent Office

1,614 Days
Field of Search

380/255, 713/150, 713/189, 713/201, 709/223
US Class Current

709/223
CPC Class Codes

G06Q 30/02 Marketing; Price estimation...

Security architecture for distributed processing systems and associated method

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

142 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security architecture for distributed processing systems and associated method

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

142 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links