Providing a booting key to a remote system

US 10,498,711 B1
Filed: 06/21/2016
Issued: 12/03/2019
Est. Priority Date: 05/20/2016
Status: Active Grant

First Claim

Patent Images

1. A policy server comprising:

one or more processors; and

a memory storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising;

predetermining, based on a security threat level, a number of user devices;

receiving, at the policy server, a verification that the predetermined number of user devices provided secret information for booting a remote system; and

providing, from the policy server and in response to the received verification, a message for a key server to provide a booting key to the remote system, the key server providing the booting key to the remote system in response to the message and causing the remote system to complete a booting procedure, in response to the message from the policy server, wherein the policy server and the key server are separate machines, wherein communication between the policy server, the key server, and the remote system occurs via a first encrypted tunnel connecting the policy server to the key server and a second encrypted tunnel connecting the key server to the remote system, wherein the policy server and the key server are part of a first running instance of a fully encrypted system, wherein a second running instance of the fully encrypted system is used to decrypt the first running instance, wherein the first running instance and the second running instance are part of a plurality of running instances of the fully encrypted system, and wherein, if all of the plurality of running instances are offline, one of the plurality of running instances is decrypted manually.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the present disclosure relate to providing a booting key to a remote system. A policy server receives a verification that a predetermined number of user devices provided secret information for booting a remote system. The policy server provides, in response to the received verification, a message for a key server to provide a booting key to the remote system, the key server providing the booting key in response to the message and causing the remote system to complete a booting procedure, in response to the message from the policy server.

108 Citations

21 Claims

1. A policy server comprising:
- one or more processors; and
  
  a memory storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising;
  
  predetermining, based on a security threat level, a number of user devices;
  
  receiving, at the policy server, a verification that the predetermined number of user devices provided secret information for booting a remote system; and
  
  providing, from the policy server and in response to the received verification, a message for a key server to provide a booting key to the remote system, the key server providing the booting key to the remote system in response to the message and causing the remote system to complete a booting procedure, in response to the message from the policy server, wherein the policy server and the key server are separate machines, wherein communication between the policy server, the key server, and the remote system occurs via a first encrypted tunnel connecting the policy server to the key server and a second encrypted tunnel connecting the key server to the remote system, wherein the policy server and the key server are part of a first running instance of a fully encrypted system, wherein a second running instance of the fully encrypted system is used to decrypt the first running instance, wherein the first running instance and the second running instance are part of a plurality of running instances of the fully encrypted system, and wherein, if all of the plurality of running instances are offline, one of the plurality of running instances is decrypted manually.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The policy server of claim 1, wherein the remote system comprises a virtual system, a container, or a hypervisor.
  - 3. The policy server of claim 1, wherein the remote system comprises a remote client machine or a remote server.
  - 4. The policy server of claim 1, the operations further comprising:
    - receiving, at the policy server, an indication that the remote system has initiated the booting procedure; and
      
      responsive to the indication, prompting for the verification from a plurality of user devices, the plurality of user devices including the predetermined number of user devices.
  - 5. The policy server of claim 4, the operations further comprising:
    - receiving, at the policy server, data from a log of the remote system, the data indicating occurrences that occurred prior to the remote system needing to reboot; and
      
      providing the received data to the plurality of user devices together with prompting for the verification from the plurality of user devices.
  - 6. The policy server of claim 1, wherein the policy server comprises the key server, and wherein the key server stores a plurality of booting keys for a plurality of remote systems, and a mapping of remote system identifiers to booting keys.
  - 7. The policy server of claim 6, wherein the key server provides the booting key to the remote system via the second encrypted tunnel.
  - 8. The policy server of claim 1, wherein the verification that the predetermined number of user devices provided the secret information is received via an additional encrypted tunnel connecting the predetermined number of user devices with the policy server.
  - 9. The policy server of claim 1, wherein the message for the key server to provide the booting key to the remote system is transmitted from the policy server to the key server via the first encrypted tunnel.
  - 10. The policy server of claim 1, wherein the verification from the predetermined number of user devices is received via a push notification or via a mail server.
  - 11. The policy server of claim 1, wherein the message for the key server to provide the booting key to the remote system comprises authenticated information for providing the booting key to the remote system.

12. A non-transitory machine-readable medium storing instructions that, when executed by the one or more processors of a machine, cause the one or more processors to perform operations comprising:
- predetermining, based on a security threat level, a number of user devices;
  
  receiving, at a policy server, a verification that the predetermined number of user devices provided secret information for booting a remote system; and
  
  providing, from the policy server and in response to the received verification, a message for a key server to provide a booting key to the remote system, the key server providing the booting key to the remote system in response to the message and causing the remote system to complete a booting procedure, in response to the message, wherein the policy server and the key server are separate machines, wherein communication between the policy server, the key server, and the remote system occurs via a first encrypted tunnel connecting the policy server to the key server and a second encrypted tunnel connecting the key server to the remote system, wherein the policy server and the key server are part of a first running instance of a fully encrypted system, wherein a second running instance of the fully encrypted system is used to decrypt the first running instance, wherein the first running instance and the second running instance are part of a plurality of running instances of the fully encrypted system, and wherein, if all of the plurality of running instances are offline, one of the plurality of running instances is decrypted manually.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The machine-readable medium of claim 12, wherein the remote system comprises a virtual system, a container, or a hypervisor.
  - 14. The machine-readable medium of claim 12, wherein the remote system comprises a remote client machine or a remote server.
  - 15. The machine-readable medium of claim 12, the operations further comprising:
    - receiving an indication that the remote system has initiated the booting procedure; and
      
      responsive to the indication, prompting for the verification from a plurality of user devices, the plurality of user devices including the predetermined number of user devices.
  - 16. The machine-readable medium of claim 15, the operations further comprising:
    - receiving data from a log of the remote system, the data indicating occurrences that occurred prior to the remote system needing to reboot; and
      
      providing the received data to the plurality of user devices together with prompting for the verification from the plurality of user devices.
  - 17. The machine-readable medium of claim 12, wherein the verification that the predetermined number of user devices provided the secret information is received via an additional encrypted tunnel connecting the predetermined number of user devices with the policy server.
  - 18. The machine-readable medium of claim 12, wherein the message for the key server to provide the booting key to the remote system is transmitted from the policy server to the key server via the first encrypted tunnel.
  - 19. The machine-readable medium of claim 12, wherein the verification from the predetermined number of user devices is received via a push notification or via a mail server.

20. A method comprising:
- predetermining, based on a security threat level, a number of user devices;
  
  receiving, at one or more processors of a policy server, a verification that the predetermined number of user devices provided secret information for booting a remote system; and
  
  providing, from the policy server and in response to the received verification, a message for a key server to provide a booting key to the remote system, the key server providing the booting key to the remote system in response to the message and causing the remote system to complete a booting procedure, in response to the message from the policy server, wherein the policy server and the key server are separate machines, wherein communication between the policy server, the key server, and the remote system occurs via a first encrypted tunnel connecting the policy server to the key server and a second encrypted tunnel connecting the key server to the remote system, wherein the policy server and the key server are part of a first running instance of a fully encrypted system, wherein a second running instance of the fully encrypted system is used to decrypt the first running instance, wherein the first running instance and the second running instance are part of a plurality of running instances of the fully encrypted system, and wherein, if all of the plurality of running instances are offline, one of the plurality of running instances is decrypted manually.
- View Dependent Claims (21)
- - 21. The method of claim 20, wherein the number of user devices is a plural number of user devices, and wherein the security threat level represents existence of known security threats.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Palantir Technologies Incorporated
Original Assignee
Palantir Technologies Incorporated
Inventors
Cassidy, Justin, Smith, Tristan, Oliver, Kori
Primary Examiner(s)
Abbaszadeh, Jaweed A
Assistant Examiner(s)
Corcoran, Brian J

Application Number

US15/188,784
Time in Patent Office

1,260 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/575   Secure boot

G06F 9/4416   Network booting; Remote ini...

G06F 9/45558   Hypervisor-specific managem...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/0428   wherein the data content is...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

Providing a booting key to a remote system

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Providing a booting key to a remote system

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links