Verifying authenticity in data storage management systems

US 8,646,070 B1
Filed: 06/30/2005
Issued: 02/04/2014
Est. Priority Date: 06/30/2005
Status: Active Grant

First Claim

Patent Images

1. In a storage area network management application that operates using agents for management of resources, a method for use in verifying authenticity in installing an agent on a host computer system in the storage area network, the method comprising:

identifying a file for use in installing the agent, wherein an agent installer identifies the agent for installation on the host computer system, wherein the agent collects and reports data within the storage area network, wherein the agent installer receives a list of installed agents and a list of agent versions from a master agent;

signing the file to produce a digital signature for the file;

providing, to a recipient, a certificate for use in verifying authenticity of information, wherein the recipient includes the master agent having the list of installed agents and the list of agent versions, wherein the master agent saves the certificate;

sending the file and digital signature to the recipient in a single secure transaction;

at the recipient, using the certificate and the digital signature to verify the file, wherein the master agent verifies the digital signature using the certificate; and

using the file, performing an agent installation operation to install the agent on the host computer system, wherein the host computer system connects to at least one data storage system to gain access to stored data on behalf of client computer systems requesting the stored data.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A storage area network management application operates using agents for management of resources. Authenticity is verified in installing an agent on a host computer system in the storage area network. A file is identified for use in installing the agent. The file is signed to produce a digital signature for the file. A certificate is sent to a recipient for use in verifying authenticity of information. The file and digital signature are sent to the recipient. At the recipient, the certificate and the digital signature are used to verify the file. An agent installation operation is performed, using the file, to install the agent on the host computer system.

26 Citations

View as Search Results

19 Claims

1. In a storage area network management application that operates using agents for management of resources, a method for use in verifying authenticity in installing an agent on a host computer system in the storage area network, the method comprising:
- identifying a file for use in installing the agent, wherein an agent installer identifies the agent for installation on the host computer system, wherein the agent collects and reports data within the storage area network, wherein the agent installer receives a list of installed agents and a list of agent versions from a master agent;
  
  signing the file to produce a digital signature for the file;
  
  providing, to a recipient, a certificate for use in verifying authenticity of information, wherein the recipient includes the master agent having the list of installed agents and the list of agent versions, wherein the master agent saves the certificate;
  
  sending the file and digital signature to the recipient in a single secure transaction;
  
  at the recipient, using the certificate and the digital signature to verify the file, wherein the master agent verifies the digital signature using the certificate; and
  
  using the file, performing an agent installation operation to install the agent on the host computer system, wherein the host computer system connects to at least one data storage system to gain access to stored data on behalf of client computer systems requesting the stored data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - providing the certificate to the recipient from a centralized location.
  - 3. The method of claim 1, further comprising:
    - providing the certificate to the recipient from an agent installation server.
  - 4. The method of claim 3, further comprising:
    - at the agent installation server, creating an obfuscated version of the certificate to send to the recipient.
  - 5. The method of claim 1, wherein the file includes a script file.
  - 6. The method of claim 5, further comprising:
    - executing the script file in the agent installation operation.
  - 7. The method of claim 1, wherein the file includes an archive file.
  - 8. The method of claim 1, further comprising:
    - validating the certificate at an agent installation server.
  - 9. The method of claim 1, further comprising:
    - validating the certificate at the recipient.
  - 10. The method of claim 1, further comprising:
    - storing the certificate in a limited access location.
  - 11. The method of claim 1, further comprising:
    - storing the digital signature in a limited access location.
  - 12. The method of claim 1, further comprising:
    - using RSA methodology, an SHA™
      
      hashing method, and a 2048 bit key length to produce the digital signature.

13. In a storage area network management application that operates using agents for management of resources, a method for use in verifying authenticity in installing an agent on a host computer system in the storage area network, the method comprising:
- identifying a file for use in installing the agent, wherein an agent installer identifies the agent for installation on the host computer system, wherein the agent collects and reports data within the storage area network, wherein the agent installer receives a list of installed agents and a list of agent versions from a master agent;
  
  signing the file to produce a digital signature for the file;
  
  storing the digital signature together with the file in a limited access location;
  
  sending the file and digital signature to a recipient in a single secure transaction, wherein the recipient includes the master agent having the list of installed agents and the list of agent versions;
  
  at the recipient, using the digital signature to verify the file, wherein the master agent verifies the digital signature; and
  
  using the file, performing an agent installation operation to install the agent on the host computer system, wherein the host computer system connects to at least one data storage system to gain access to stored data on behalf of client computer systems requesting the stored data.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13, further comprising:
    - providing a certificate to the recipient from a centralized location.
  - 15. The method of claim 13, further comprising:
    - providing a certificate to the recipient from an agent installation server.
  - 16. The method of claim 13, wherein the file includes a script file.
  - 17. The method of claim 16, further comprising:
    - executing the script file in the agent installation operation.

18. A computer system comprising:
- a memory;
  
  a processor;
  
  a communications interface;
  
  an interconnection mechanism coupling the memory, the processor and the communications interface;
  
  wherein the memory is encoded with instructions that when executed on the processor help cause the computer system to verify authenticity in installing an agent by performing the operations of;
  
  identifying a file for use in installing the agent, wherein an agent installer identifies the agent for installation on the host computer system, wherein the agent collects and reports data within the storage area network, wherein the agent installer receives a list of installed agents and a list of agent versions from a master agent, wherein the storage area network comprises a host computer system connecting to at least one data storage system to gain access to stored data on behalf of client computer systems requesting the stored data;
  
  signing the file to produce a digital signature for the file;
  
  sending, to a recipient, a certificate for use in verifying authenticity of information, wherein the recipient includes the master agent having the list of installed agents and the list of agent versions, wherein the master agent saves the certificate;
  
  sending the file and digital signature to the recipient in a single secure transaction; and
  
  at the recipient, using the certificate and the digital signature to verify the file, wherein the master agent verifies the digital signature using the certificate.
- View Dependent Claims (19)
- - 19. The computer system of claim 18, wherein the memory is encoded with instructions that when executed on the processor help cause the computer system to verify authenticity in installing an agent by performing the operation of providing the certificate to the recipient from an agent installation server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Patsenker, Svetlana, Thrift, Benjamin, Farizon, Boris, Zur, Mordechai Zvi, Martin, Sylvia, Hislop, Nigel B., Baize, Eric, Lee, Jeffrey B.
Primary Examiner(s)
Khoshnoodi, Nadia

Application Number

US11/171,906
Time in Patent Office

3,141 Days
Field of Search

None
US Class Current

726/22
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/64   Protecting data integrity, ...

G06F 8/61   Installation

Verifying authenticity in data storage management systems

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Verifying authenticity in data storage management systems

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links