Replaceable or removable physical interface input/output module
First Claim
Patent Images
1. A system, comprising:
- a security device configured to receive a plurality of incoming packets from a plurality of data sources, each packet comprising a tag that identifies the respective data source, the security device comprising a plurality of programmable cryptographic modules, each of the cryptographic modules comprising;
(i) a packet input engine,(ii) a cryptographic engine comprising a first lower systolic array configured for cryptographic functions,(iii) a packet output engine, and(iv) a plurality of field-programmable gate arrays (FPGAs) configured in a top systolic array layer, wherein a first FPGA of the FPGAs is coupled to the packet input engine, and a second FPGA of the FPGAs is coupled to the cryptographic engine, wherein the packet input engine comprises a second lower systolic array logically underneath the top systolic array layer and configured for packet routing, and wherein the first lower systolic array is logically underneath the top systolic array layer,wherein the security device further comprises at least one interface configured to route each of the plurality of incoming packets to one of the cryptographic modules for encryption to provide encrypted packets, wherein each packet is routed based on its respective tag, and the at least one interface is further configured to route the encrypted packets to an external data storage;
an interchangeable input/output (I/O) panel; and
an interchangeable I/O electronics card associated with the I/O panel, the interchangeable I/O electronics card configured to couple to the security device.
1 Assignment
0 Petitions
Accused Products
Abstract
A system includes a removable or replaceable I/O interface (e.g., a panel and associated electronics card). In one embodiment, a security device includes an FPGA I/O array that can be programmed for different interfaces. The interchangeable I/O panel and card is designed with a selected interface'"'"'s matching physical electronics and connectors. This permits the main physical chassis of a security device to remain unchanged and avoid re-design, so that a user can readily use different interface options that can be changed by the user.
-
Citations
8 Claims
-
1. A system, comprising:
-
a security device configured to receive a plurality of incoming packets from a plurality of data sources, each packet comprising a tag that identifies the respective data source, the security device comprising a plurality of programmable cryptographic modules, each of the cryptographic modules comprising; (i) a packet input engine, (ii) a cryptographic engine comprising a first lower systolic array configured for cryptographic functions, (iii) a packet output engine, and (iv) a plurality of field-programmable gate arrays (FPGAs) configured in a top systolic array layer, wherein a first FPGA of the FPGAs is coupled to the packet input engine, and a second FPGA of the FPGAs is coupled to the cryptographic engine, wherein the packet input engine comprises a second lower systolic array logically underneath the top systolic array layer and configured for packet routing, and wherein the first lower systolic array is logically underneath the top systolic array layer, wherein the security device further comprises at least one interface configured to route each of the plurality of incoming packets to one of the cryptographic modules for encryption to provide encrypted packets, wherein each packet is routed based on its respective tag, and the at least one interface is further configured to route the encrypted packets to an external data storage; an interchangeable input/output (I/O) panel; and an interchangeable I/O electronics card associated with the I/O panel, the interchangeable I/O electronics card configured to couple to the security device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system, comprising:
-
a plurality of cryptographic computing devices; an input/output (I/O) panel; and an interchangeable physical interface, coupled to the I/O panel, the physical interface configured to receive a plurality of incoming packets from a plurality of data sources, each packet comprising a tag that identifies the respective data source, the interface configured to route each of the incoming packets to one of the cryptographic devices for encryption processing to provide encrypted packets for sending to a data storage, wherein each packet is routed to a respective cryptographic device based on its respective tag; wherein each cryptographic device of the plurality of cryptographic computing devices is configured to perform security processing, each cryptographic device comprising a packet input engine and a cryptographic engine, and each cryptographic device further comprising a plurality of field-programmable gate arrays (FPGAs) configured in a top systolic array layer, wherein a first FPGA of the FPGAs is coupled to the packet input engine, and a second FPGA of the FPGAs is coupled to the cryptographic engine; wherein the cryptographic engine comprises a first lower systolic array logically underneath the top systolic array layer and configured for cryptographic functions; wherein the packet input engine comprises a second lower systolic array logically underneath the top systolic array layer and configured for packet routing.
-
-
8. A method, comprising:
-
receiving a plurality of incoming packets from a data source; routing, by a first programmable input/output interface, the plurality of incoming packets to a first device of a plurality of cryptographic devices, each cryptographic device comprising at least one processor and at least one memory, each cryptographic device further comprising a packet input engine, a cryptographic engine, and a packet output engine, and each cryptographic device further comprising a plurality of field-programmable gate arrays (FPGAs) configured in a top systolic array layer, wherein a first FPGA of the FPGAs is coupled to the packet input engine, a second FPGA of the FPGAs is coupled to the cryptographic engine, and a third FPGA of the FPGAs is coupled to the packet output engine, wherein the cryptographic engine comprises a first lower systolic array logically underneath the top systolic array layer and configured for cryptographic functions, and wherein the packet input engine comprises a second lower systolic array logically underneath the top systolic array layer and configured for packet routing; encrypting the incoming packets using the first device to provide encrypted packets; and sending the encrypted packets to storage.
-
Specification