Authentication device and computer system
First Claim
Patent Images
1. A computer system comprising:
- a plurality of storage devices; and
an authentication device,wherein each of the storage devices comprises;
a certificate retaining module that retains a certificate, which has been issued by a certification authority and contains address information of the storage device; and
a receiving module that receives a packet including the certificate and the address information of the storage device,wherein the authentication device comprises;
a receiving module configured to receive a packet including address information of a source of the packet and a certificate of the source of the packet; and
a certification processing module configured to validate the source of the packet based on a comparison of the address information of the source of the packet, which is included in the packet, and the address information that is recorded on the certificate in the packet, wherein when the comparison results in a match between the address information of the source of the packet and the address information recorded on the certificate in the packet, then the certification processing module validates the source of the packet,wherein upon receipt of a notification from a first storage device of an output of data from the first storage device to a second storage device, the receiving module of the authentication device receives the packet from each of the first storage device and the second storage device, andwherein the certification processing module of the authentication device validates each of the received packets, and if the validation is successful, notifies the first storage device of permission of the output of data.
3 Assignments
0 Petitions
Accused Products
Abstract
To restrict actions such as spoofing and thereby prevent tapping and leakages of data by certifying whether or not each communication device such as a storage device on a communication line is to be connected to the communication line.
Upon receipt of a packet that contains an IP address in its IP header and stores a certificate in its certificate payload from a storage device 300, an authentication device 200 compares an IP address that is recorded in the certificate and the IP address that is recorded on the IP header of the packet. If the comparison results in a match of these IP addresses, the authentication device 200 can certify that the storage device 300 is a device for which a certificate issuing device 100 has properly issued the certificate.
-
Citations
3 Claims
-
1. A computer system comprising:
-
a plurality of storage devices; and an authentication device, wherein each of the storage devices comprises; a certificate retaining module that retains a certificate, which has been issued by a certification authority and contains address information of the storage device; and a receiving module that receives a packet including the certificate and the address information of the storage device, wherein the authentication device comprises; a receiving module configured to receive a packet including address information of a source of the packet and a certificate of the source of the packet; and a certification processing module configured to validate the source of the packet based on a comparison of the address information of the source of the packet, which is included in the packet, and the address information that is recorded on the certificate in the packet, wherein when the comparison results in a match between the address information of the source of the packet and the address information recorded on the certificate in the packet, then the certification processing module validates the source of the packet, wherein upon receipt of a notification from a first storage device of an output of data from the first storage device to a second storage device, the receiving module of the authentication device receives the packet from each of the first storage device and the second storage device, and wherein the certification processing module of the authentication device validates each of the received packets, and if the validation is successful, notifies the first storage device of permission of the output of data.
-
-
2. A computer system comprising:
-
a plurality of storage devices; and an authentication device, wherein each of the storage devices comprises; a certificate retaining module that retains a certificate, which has been issued by a certification authority and contains address information of the storage device; and a receiving module that receives a packet including the certificate and the address information of the storage device, wherein the authentication device comprises; a receiving module configured to receive a packet including address information of a source of the packet and a certificate of the source of the packet; and a certification processing module configured to validate the source of the packet based on a comparison the address information of the source of the packet, which is included in the packet, and the address information that is recorded on the certificate in the packet, wherein when the comparison results in a match between the address information of the source of the packet and the address information recorded on the certificate in the packet, then the certification processing module validates the source of the packet, wherein upon receipt of a notification from a first storage device of an output of data from the first storage device to a second storage device, the receiving module of the authentication device receives the packet from each of the first storage device and the second storage device selected based on a predetermined condition, and wherein the certification processing module of the authentication device validates each of the received packets, and if the validation is successful, notifies the first storage device of the selected storage device and of permission of the output of data. - View Dependent Claims (3)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeGoogle LLC (Alphabet Inc.)
-
Original AssigneeHitachi, Ltd.
-
InventorsKanda, Akitsugu
-
Primary Examiner(s)Sheikh; Ayaz
-
Assistant Examiner(s)Besrour; Saoussen
-
Application NumberUS10/785,975Publication NumberTime in Patent Office1,657 DaysField of Search713/176US Class Current713/156CPC Class CodesH04L 63/0823 using certificates cryptogr...H04L 63/1466 Active attacks involving in...
