System and method for securely replicating a configuration database of a security appliance

US 7,865,741 B1
Filed: 08/23/2006
Issued: 01/04/2011
Est. Priority Date: 08/23/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method for securely replicating a configuration database of a security appliance, the method comprising:

loading a copy of data of an original configuration database from an original security appliance onto a cloned configuration database of a cloned security appliance, wherein the configuration database comprises encryption keys used to perform at least one of encrypting the data and decrypting the data stored on cryptainers;

generating a first non-recoverable recovery policy key of a key hierarchy for storage on the cloned configuration database; and

applying recovery keys, from a quorum of recovery cards of the cloned security appliance, to one or more recoverable recovery policy keys of the cloned configuration database to restore all keys from a corresponding recoverable portion of the key hierarchy on the cloned security appliance to thereby substantially replicate all key material of the original configuration database on the cloned configuration database of the cloned security appliance.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method securely replicates a configuration database of a security appliance. Keys stored on an original configuration database of an original security appliance are organized as a novel key hierarchy. A replica or clone of the original security appliance may be constructed in accordance with a cloning technique of the invention. Construction of the cloned security appliance illustratively involves sharing of data between the appliances, as well as substantially replicating the key hierarchy on a cloned configuration database of the cloned appliance.

71 Citations

View as Search Results

17 Claims

1. A method for securely replicating a configuration database of a security appliance, the method comprising:
- loading a copy of data of an original configuration database from an original security appliance onto a cloned configuration database of a cloned security appliance, wherein the configuration database comprises encryption keys used to perform at least one of encrypting the data and decrypting the data stored on cryptainers;
  
  generating a first non-recoverable recovery policy key of a key hierarchy for storage on the cloned configuration database; and
  
  applying recovery keys, from a quorum of recovery cards of the cloned security appliance, to one or more recoverable recovery policy keys of the cloned configuration database to restore all keys from a corresponding recoverable portion of the key hierarchy on the cloned security appliance to thereby substantially replicate all key material of the original configuration database on the cloned configuration database of the cloned security appliance.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1 further comprising organizing one of encryption and signature keys stored on the original configuration database into the key hierarchy.
  - 3. The method of claim 2 wherein loading the copy of the data of the original configuration database comprises sharing data between the appliances, wherein the data comprises information additional to the keys of the key hierarchy.

4. A system configured to securely replicate a configuration database of a security appliance, the system comprising:
- a first configuration database including a copy of data stored on a second configuration database, wherein the configuration database comprises encryption keys used to perform at least one of encrypting the data and decrypting the data stored on cryptainers;
  
  a first security appliance coupled to the first configuration database, the first security appliance configured to generate a first non-recoverable recovery policy key of a key hierarchy for storage on the first configuration database; and
  
  one or more recovery cards of the first security appliance, the one or more recovery cards configured to apply one or more recovery keys, from a quorum of the one or more recovery cards, to one or more recoverable recovery policy keys of the first configuration database to restore all keys from a corresponding recoverable portion of the key hierarchy on the first security appliance, thereby replicating key material of the second configuration database on the first configuration database.
- View Dependent Claims (5, 6, 7)
- - 5. The system of claim 4 wherein the corresponding recoverable portion of the key hierarchy comprises second and third recovery policy keys, as well as all domain keys and secure storage keys below the second and third recovery policy keys in the hierarchy.
  - 6. The system of claim 5 wherein the secure storage keys are cryptainer keys.
  - 7. The system of claim 5 wherein the first configuration database is a clone of the second configuration database.

8. A key hierarchy configured to organize keys stored on a configuration database of a security appliance, the key hierarchy comprising:
- a master key generated by a storage encryption processor (SEP) of the security appliance;
  
  a plurality of recovery policy keys generated by the SEP and wrapped with the master key;
  
  one or more domain keys generated by the SEP, each domain key wrapped with one of the recovery policy keys;
  
  one or more cryptainer keys generated by the SEP, each cryptainer key wrapped with one of the domain keys; and
  
  one or more recovery keys, from a quorum of one or more recovery cards, utilized to enable restoration of at least one recovery policy key and those domain keys and those cryptainer keys below the at least one recovery policy key in the key hierarchy.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The key hierarchy of claim 8 wherein the recovery policy keys comprise a first recovery policy key and wherein keys wrapped by the first recovery policy key are unrecoverable.
  - 10. The key hierarchy of claim 9 wherein unrecoverable keys wrapped by the first recovery policy key include one or more non-recoverable domain keys configured to wrap one or more unrecoverable cryptainer keys.
  - 11. The key hierarchy of claim 9 wherein the at least one recovery policy key comprises a second recovery policy and wherein keys wrapped by the second recovery policy key are recoverable to hardware on the security appliance.
  - 12. The key hierarchy of claim 11 wherein the hardware on the security appliance includes the SEP.
  - 13. The key hierarchy of claim 11 wherein the at least one recovery policy key comprises a third recovery policy and wherein keys wrapped by the third recovery policy key are recoverable and exportable to software executing on the security appliance.

14. An apparatus configured to securely replicate a configuration database of a security appliance, the apparatus comprising:
- means for loading a copy of data of an original configuration database from an original security appliance onto a cloned configuration database of a cloned security appliance, wherein the configuration database comprises encryption keys used to perform at least one of encrypting the data and decrypting the data stored on cryptainers;
  
  means for generating a first non-recoverable recovery policy key of a key hierarchy for storage on the cloned configuration database; and
  
  means for applying recovery keys, from a quorum of recovery cards of the cloned security appliance, to one or more recoverable recovery policy keys of the cloned configuration database to restore all keys from a corresponding recoverable portion of the key hierarchy on the cloned security appliance to thereby replicate key material of the original configuration database on the cloned configuration database of the cloned security appliance.
- View Dependent Claims (15)
- - 15. The apparatus of claim 14 further comprising means for organizing keys stored on the original configuration database as the key hierarchy.

16. A computer readable storage medium containing program instructions executed by a processor, comprising:
- program instructions that load a copy of data on an original configuration database from an original security appliance onto a cloned configuration database of a cloned security appliance, wherein the configuration database comprises encryption keys used to perform at least one of encrypting the data and decrypting the data stored on cryptainers;
  
  program instructions that generate a first non-recoverable recovery policy key of a key hierarchy for storage on the cloned configuration database; and
  
  program instructions that apply appropriate recovery keys, from a quorum of recovery cards of the cloned security appliance, to one or more recoverable recovery policy keys of the cloned configuration database to restore all keys from a corresponding recoverable portion of the key hierarchy on the cloned security appliance to thereby replicate key material of the original configuration database on the cloned configuration database of the cloned security appliance.
- View Dependent Claims (17)
- - 17. The computer readable medium of claim 16 further comprising program instructions that organize keys stored on the original configuration database as the key hierarchy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Network Appliance Incorporated (NetApp, Inc.)
Original Assignee
NetApp, Inc.
Inventors
Sussland, Robert Jan, Wood, Robert Paul
Primary Examiner(s)
Arani; Taghi T
Assistant Examiner(s)
Jeudy; Josnel

Application Number

US11/508,431
Time in Patent Office

1,595 Days
Field of Search

726 26- 30, 380 44- 47, 380277-286, 713164-167, 713153-154
US Class Current

713/193
CPC Class Codes

G06F 11/2094 Redundant storage or storag...

G06F 21/606 by securing the transmissio...

System and method for securely replicating a configuration database of a security appliance

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

71 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securely replicating a configuration database of a security appliance

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links