Master key generation and distribution for storage area network devices

Assignee

• Cisco Technology, Inc. · US

Inventors

• Praveen Patnala · Santa Clara, US
• Anand Parthasarathy · Fremont, US
• Makarand Deshmukh · Cupertino, US
• Jason Mellblom · New York, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/24
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Mechanisms are provided for generating a master key used to secure key objects associated with data blocks in a data center. A cryptographic node creation request is received. It is determined that a master key can not be obtained from another cryptographic node in the data center. A master key is generated. The master key is included in a key hierarchy used to encrypt a data center key object, the data center key object corresponding to a data block maintained in a storage area network (SAN), where the data center key object includes a unique identifier, an encrypted key, and a wrapper unique identifier. The master key is split into N shares, with M shares required to recreate the master key, wherein M is less than N. The N shares are distributed to different entities.