Systems and methods for providing secure multicast intra-cluster communication
First Claim
1. A method for optimizing cluster node authentication to facilitate improved security of multicast communications, the method comprising:
performing, with a first network-connected computing device, an authentication handshake with a second network-connected computing device validly part of a cluster resulting in a successful mutual authentication with the second network-connected computing device;
receiving, with the first network-connected computing device, an encrypted cluster secret from the second network-connected computing device using a secure communication channel unique to the mutual authentication; and
decrypting, with the first network-connected computing device, the cluster secret using a session key generated during the authentication handshake, wherein the cluster secret enables the first network-connected computing device to securely communicate with the second network-connected computing device and every other one of a plurality of network-connected computing devices which is validly part of the cluster.
Abstract
Systems and methods which facilitate secure multicast communications between any valid node of a cluster using authentication between a node joining the cluster and any single node which is validly part of the cluster are disclosed. In accordance with embodiments, a cluster key is utilized to provide security with respect to intra-cluster communications. The cluster key of embodiments is shared by a node which is already part of the cluster with a node joining the cluster only after these two nodes mutually authenticate one another. The mutual authentication handshake of embodiments implements a protocol in which a session key is calculated by both nodes, thereby providing a secure means by which a cluster key may be shared. Having the cluster key, each node of the cluster is enabled to securely communicate with any other node of the cluster, whether individually (e.g., unicast) or collectively (e.g., multicast), according to embodiments.
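The join handshake the abstract describes, modeled end to end as an added example; this is not code from the patent or its assignee, and the concrete mechanisms are assumptions the abstract leaves open: nodes authenticate with per-node pre-shared credentials held in a hypothetical registry dict (certificates would fill the same slot), the session key both nodes calculate comes from finite-field Diffie-Hellman over the RFC 3526 group 14 prime, and the cluster key is wrapped with an HMAC-SHA256 encrypt-then-MAC construction because the Python standard library has no AEAD (a real deployment would use AES-GCM or ChaCha20-Poly1305). The names Node, join_cluster, seal, open_sealed, hkdf, keystream and multicast are this example's own, and the cluster, credentials and message are constructed inline.

```python
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP) prime and generator for the Diffie-Hellman step.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2

def hkdf(ikm, salt, info):
    """HKDF-SHA256 (RFC 5869) reduced to a single 32-byte output block."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()

def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode; stands in for a real stream cipher (assumption)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key, plaintext, aad=b""):
    """Encrypt-then-MAC with enc/mac keys split from `key`; output is nonce | ct | tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, keystream(hkdf(key, b"", b"enc"), nonce, len(plaintext))))
    tag = hmac.new(hkdf(key, b"", b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(key, blob, aad=b""):
    """Inverse of seal(); returns None rather than garbage when the tag does not verify."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(hkdf(key, b"", b"mac"), aad + nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(c ^ s for c, s in zip(ct, keystream(hkdf(key, b"", b"enc"), nonce, len(ct))))

class Node:
    def __init__(self, node_id, registry, cluster_key=None):
        self.id, self.registry, self.cluster_key = node_id, registry, cluster_key
        # An impostor can present any credential; only a registry entry will verify.
        self.cred = registry.get(node_id, secrets.token_bytes(32))

def join_cluster(joiner, member):
    """The joiner receives the cluster key only after both sides verify each other over
    the same transcript; any failed check aborts before the key is released."""
    # msg 1, joiner -> member: identity, nonce, DH public value
    a, na = secrets.randbelow(P - 2) + 1, secrets.token_bytes(16)
    ya = pow(G, a, P)
    # member side: reject degenerate DH values, derive its session key, tag the transcript
    if not 1 < ya < P - 1:
        return False
    b, nb = secrets.randbelow(P - 2) + 1, secrets.token_bytes(16)
    yb = pow(G, b, P)
    t = b"|".join([joiner.id, na, ya.to_bytes(256, "big"), member.id, nb, yb.to_bytes(256, "big")])
    ks_member = hkdf(pow(ya, b, P).to_bytes(256, "big"), t, b"session")
    tag_member = hmac.new(member.cred, b"member" + t, hashlib.sha256).digest()
    # msg 2, member -> joiner: identity, nonce, DH value, tag; joiner authenticates the member
    expected = hmac.new(joiner.registry.get(member.id, b""), b"member" + t, hashlib.sha256).digest()
    if not (1 < yb < P - 1 and hmac.compare_digest(expected, tag_member)):
        return False
    ks_joiner = hkdf(pow(yb, a, P).to_bytes(256, "big"), t, b"session")
    tag_joiner = hmac.new(joiner.cred, b"joiner" + t, hashlib.sha256).digest()
    # msg 3, joiner -> member: tag; member authenticates the joiner before releasing anything
    expected = hmac.new(member.registry.get(joiner.id, b""), b"joiner" + t, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag_joiner):
        return False
    # msg 4, member -> joiner: cluster key wrapped under the session key unique to this handshake
    wrapped = seal(ks_member, member.cluster_key, aad=t)
    joiner.cluster_key = open_sealed(ks_joiner, wrapped, aad=t)
    return joiner.cluster_key is not None

def multicast(sender, receivers, plaintext):
    """One datagram sealed under the cluster key; every node holding the key can open it."""
    blob = seal(sender.cluster_key, plaintext, aad=sender.id)
    return [open_sealed(r.cluster_key, blob, aad=sender.id) if r.cluster_key else None for r in receivers]

def demo():
    """Constructed cluster: B and C hold the key, A joins via B alone, X is unregistered."""
    registry = {n: secrets.token_bytes(32) for n in (b"node-A", b"node-B", b"node-C")}
    key = secrets.token_bytes(32)
    b, c = Node(b"node-B", registry, key), Node(b"node-C", registry, key)
    a, x = Node(b"node-A", registry), Node(b"node-X", {})
    joined, rogue_joined = join_cluster(a, b), join_cluster(x, b)
    msg = b"constructed multicast: cluster state update"
    # A authenticated with B only, yet C, which never spoke to A, can open A's multicast.
    return {"joined": joined, "rogue_joined": rogue_joined, "received": multicast(a, [b, c, x], msg)}
```

The point the claims turn on is visible in join_cluster: the member never emits the wrapped cluster key until msg 3 has verified the joiner, the wrap is bound to the transcript (so a key wrapped in one handshake cannot be replayed into another), and the session key is discarded after the join while the cluster key alone carries every later unicast or multicast. What the abstract does not cover, and a real implementation must add, is re-keying the cluster when a member leaves or is compromised, since every holder of the cluster key can read and forge multicast traffic.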
26 Citations
18 Claims
1. A method for optimizing cluster node authentication to facilitate improved security of multicast communications, the method comprising:
performing, with a first network-connected computing device, an authentication handshake with a second network-connected computing device validly part of a cluster resulting in a successful mutual authentication with the second network-connected computing device;
receiving, with the first network-connected computing device, an encrypted cluster secret from the second network-connected computing device using a secure communication channel unique to the mutual authentication; and
decrypting, with the first network-connected computing device, the cluster secret using a session key generated during the authentication handshake, wherein the cluster secret enables the first network-connected computing device to securely communicate with the second network-connected computing device and every other one of a plurality of network-connected computing devices which is validly part of the cluster.
Dependent claims 2, 3, 4, 5 and 6 (text not included on this page).
7. A non-transitory computer readable medium having stored thereon instructions for optimizing cluster node authentication to facilitate improved security of multicast communications comprising machine executable code which when executed by a processor, causes the processor to perform steps comprising:
performing an authentication handshake with one of a plurality of network-connected computing devices validly part of a cluster resulting in a successful mutual authentication with the one network-connected computing device;
receiving an encrypted cluster secret from the one network-connected computing device using a secure communication channel unique to the mutual authentication; and
decrypting the cluster secret using a session key generated during the authentication handshake, wherein the cluster secret enables secure communication with the one network-connected computing device and every other one of the plurality of network-connected computing devices which is validly part of the cluster.
Dependent claims 8, 9, 10, 11 and 12 (text not included on this page).
13. A network-connected computing device, comprising:
a processor coupled to a memory and configured to execute programmed instructions stored in the memory to:
perform an authentication handshake with a second network-connected computing device validly part of a cluster resulting in a successful mutual authentication with the second network-connected computing device;
receive an encrypted cluster secret from the second network-connected computing device using a secure communication channel unique to the mutual authentication; and
decrypt the cluster secret using a session key generated during the authentication handshake, wherein the cluster secret enables secure communication with the second network-connected computing device and every other one of a plurality of network-connected computing devices which is validly part of the cluster.
Dependent claims 14, 15, 16, 17 and 18 (text not included on this page).