The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Sep. 11, 2012
Filed:
Apr. 30, 2009
Robert Przykucki, Redwood City, CA (US);
Gaurav Agarwal, Menlo Park, CA (US);
Leo Janze, Alamo, CA (US);
Logan Rand Jennings, Menlo Park, CA (US);
Robert Bartozynski, San Mateo, CA (US);
Robert Przykucki, Redwood City, CA (US);
Gaurav Agarwal, Menlo Park, CA (US);
Leo Janze, Alamo, CA (US);
Logan Rand Jennings, Menlo Park, CA (US);
Robert Bartozynski, San Mateo, CA (US);
NetApp, Inc., Sunnyvale, CA (US);
Abstract
Embodiments of the present invention provide a method and system, in a network storage system, for a remote key manager performing cryptographic operations upon a failure of a protected key manager, using a hardware encryption key (key) automatically migrated from the protected key manager. During initialization, the protected and remote key managers authenticate the communication channel (e.g. trustee link) between each other. A new key generated by dedicated hardware of the protected key manager is used by the protected key manager to perform cryptographic operations on data of a storage server. The remote key manager then requests and obtains the new key from the protected key manager across the trustee link. Upon a failure of the protected key manager, the remote key manager performs cryptographic operations on data of the storage server using the migrated key, ensuring accessibility and security of such data.