HARDWARE AUTHENTICATION IN A DISPERSED STORAGE NETWORK
First Claim
1. A method to authenticate a node in a dispersed storage network (DSN) having a dispersed storage (DS) management unit, the method comprises:
- receiving a device list originating from a hardware certificate authority (HCA);
receiving a hardware certificate from the node;
comparing the hardware certificate to the device list to determine if the hardware certificate is valid;
if the hardware certificate is valid, generating a challenge message and sending the challenge message to the node;
receiving a challenge response message from the node; and
determining if the challenge response message is valid.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for authenticating a node of a dispersed storage network (DSN). In various embodiments, a dispersed storage (DS) management unit receives a device list originating from a hardware certificate authority (HCA). The HCA also provides a hardware certificate to the node. Upon receiving the hardware certificate from the node, the DS management unit determines if the certificate is valid by comparing it to information contained in the device list (such as a device ID or a serial number associated with the node). If the certificate is valid, the DS management unit sends a challenge message to the node and analyzes the resulting challenge message response to determine if it is valid. If the response is valid, the DS management unit provides a signed certificate to the node for use in authenticating the node to perform dispersed storage operations within the DSN.
10 Citations
20 Claims
-
1. A method to authenticate a node in a dispersed storage network (DSN) having a dispersed storage (DS) management unit, the method comprises:
-
receiving a device list originating from a hardware certificate authority (HCA); receiving a hardware certificate from the node; comparing the hardware certificate to the device list to determine if the hardware certificate is valid; if the hardware certificate is valid, generating a challenge message and sending the challenge message to the node; receiving a challenge response message from the node; and determining if the challenge response message is valid. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A dispersed storage (DS) managing unit comprises:
-
at least one communication interface to communicate with nodes of a dispersed storage network (DSN); a memory; and a processing module coupled to the at least one communication interface and the memory, the processing module configured to; receive, via the at least one communication interface, a device list originating from a hardware certificate authority (HCA); store the device list in the memory; receive, via the at least one communication interface, a hardware certificate from a node of the DSN; compare the hardware certificate to the device list to determine if the hardware certificate is valid; if the hardware certificate is valid, generate a challenge message; and send the challenge message to the node of the DSN. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method to authenticate a node in a dispersed storage network (DSN) having a dispersed storage (DS) management unit, the method comprises:
-
receiving, by the node, a hardware certificate from a hardware certificate authority (HCA) or a separate element of the DSN; providing the hardware certificate to the DS management unit; receiving a challenge message from the DS management unit; generating a challenge response message based on the challenge message; providing the challenge response message to the DS management unit; and requesting a signed certificate from the DS management unit. - View Dependent Claims (20)
-
Specification