Methods and computer systems with provisions for high availability of cryptographic keys
US9141814B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 3, 2014 |
| Grant date | Sep 22, 2015 |
| Priority date | — |
| Expiry date | Jun 3, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/24
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Computer systems and methods ensuring high availability of cryptographic keys using a shared file system. The keys are encrypted with at least one shareable master key to generate corresponding encrypted cryptographic keys, which are stored in a key database in the shared file system. A master key manager with access to the key database is elected from among master key manager candidates and is assigned a common virtual address. All master key manager candidates have the shareable master key such that during a failover event the availability of the encrypted cryptographic keys is not interrupted as a new master key manager takes over the common virtual address from the previous master key manager. Additionally, a message authentication code (MAC) is deployed for testing the integrity of keys during their retrieval.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.