公开(公告)号：US20170331903A1

公开(公告)日：2017-11-16

申请号：US15152219

申请日：2016-05-11

Applicant: NetApp, Inc.

Inventor： Craig Everhart ,  Flora Wong ,  Ankit Jain ,  Vijay Singh ,  Robert Wyckoff Hyer, JR. ,  Balajee Nagasubramaniam

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/141 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/166 ,  H04L67/1097 ,  H04L67/28

Abstract: A method, non-transitory computer readable medium and local storage node computing device that establishes a first connection between a first endpoint in a kernel of an operating system and a second endpoint. A proxy application in a user space is invoked and a second connection is established from the operating system kernel to the proxy application. The proxy application is linked to a secure protocol implementation. Handshake messages are proxied between the second endpoint and the proxy application using the first and second connections. Security parameters for the first connection and determined from the handshake messages are sent from the proxy application to the operating system kernel via the second connection. Data is exchanged between the first endpoint in the operating system kernel and the second endpoint using the first connection and the security parameters.

公开(公告)号：US09832174B2

公开(公告)日：2017-11-28

申请号：US14823740

申请日：2015-08-11

Applicant: NetApp, Inc.

Inventor： Craig Everhart ,  Subhash Sankuratripati

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/061 ,  H04L63/065 ,  H04L63/083

Abstract: A method and system for authenticating of the pairing of computing devices is described. In an example, a passphrase is established on computing devices. The pairing between two devices is initiated by a first device by communicating independently generated data, wherein the generated data is used along with the passphrase on each of the devices to derive a common pairing key. The pairing is authenticated by using at least a first portion of the common pairing key through a key exchange protocol. Further, a shared secret code is derived using a second portion of the common pairing key and stored to be used indirectly to secure future communication between the paired devices.

公开(公告)号：US11005894B2

公开(公告)日：2021-05-11

申请号：US16381887

申请日：2019-04-11

Applicant: NetApp, Inc.

Inventor： Craig Everhart

IPC: H04L29/06 ,  H04L12/18

Abstract: Methods, non-transitory machine readable media, and computing devices that facilitate demultiplexing services over ports are disclosed. With this technology, a request is received via a connection over one or more communication networks. The request includes payload data and a port number. At least a portion of the payload data is analyzed to determine one of a set of protocols associated with the port number. A service is then bound to the connection based on the determined one of the set of protocols. The service is configured to interpret the request. This technology advantageously allows the use of multiple protocols for a port number in a manner that is compatible with existing protocols and does not require any client-side code or coordination.

公开(公告)号：US20200329074A1

公开(公告)日：2020-10-15

申请号：US16381887

申请日：2019-04-11

Applicant: NetApp, Inc.

Inventor： Craig Everhart

IPC: H04L29/06 ,  H04L12/18

Abstract: Methods, non-transitory machine readable media, and computing devices that facilitate demultiplexing services over ports are disclosed. With this technology, a request is received via a connection over one or more communication networks. The request includes payload data and a port number. At least a portion of the payload data is analyzed to determine one of a set of protocols associated with the port number. A service is then bound to the connection based on the determined one of the set of protocols. The service is configured to interpret the request. This technology advantageously allows the use of multiple protocols for a port number in a manner that is compatible with existing protocols and does not require any client-side code or coordination.

公开(公告)号：US11025728B2

公开(公告)日：2021-06-01

申请号：US15152219

申请日：2016-05-11

Applicant: NetApp, Inc.

Inventor： Craig Everhart ,  Flora Wong ,  Ankit Jain ,  Vijay Singh ,  Robert Wyckoff Hyer, Jr. ,  Balajee Nagasubramaniam

IPC: H04L29/08 ,  H04L29/06

Abstract: A method, non-transitory computer readable medium and local storage node computing device that establishes a first connection between a first endpoint in a kernel of an operating system and a second endpoint. A proxy application in a user space is invoked and a second connection is established from the operating system kernel to the proxy application. The proxy application is linked to a secure protocol implementation. Handshake messages are proxied between the second endpoint and the proxy application using the first and second connections. Security parameters for the first connection and determined from the handshake messages are sent from the proxy application to the operating system kernel via the second connection. Data is exchanged between the first endpoint in the operating system kernel and the second endpoint using the first connection and the security parameters.

公开(公告)号：US09973394B2

公开(公告)日：2018-05-15

申请号：US14928416

申请日：2015-10-30

Applicant: NETAPP, INC.

Inventor： Craig Everhart ,  Steven Ewing

IPC: G06F15/16 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L41/30 ,  H04L67/1051 ,  H04L67/1097

Abstract: The present application provides techniques to interrelate a group of multiple entities. A master entity makes configuration decisions regarding the group of entities and communicates those decisions to the entities. When the master relinquishes the master role, the retiring master selects a new master to accede to the master role. The retiring master releases the master role and ensures that the new master becomes aware of its assignment to the master role. During the time between when the retiring master abdicates and when the new master accedes, the group of entities is temporarily permitted to have no master. The master changes the configuration of the group of entities in a similar way. Using the techniques described herein, a new master may eventually replace the retiring master, and a new configuration may eventually replace the old configuration, without the risk of duplicating or dropping the master role or a configuration change.

公开(公告)号：US20170093983A1

公开(公告)日：2017-03-30

申请号：US14928416

申请日：2015-10-30

Applicant: NETAPP, INC.

Inventor： Craig Everhart ,  Steven Ewing

IPC: H04L29/08 ,  H04L12/26

CPC classification number: H04L41/30 ,  H04L67/1051 ,  H04L67/1097

Abstract: The present application provides techniques to interrelate a group of multiple entities. A master entity makes configuration decisions regarding the group of entities and communicates those decisions to the entities. When the master relinquishes the master role, the retiring master selects a new master to accede to the master role. The retiring master releases the master role and ensures that the new master becomes aware of its assignment to the master role. During the time between when the retiring master abdicates and when the new master accedes, the group of entities is temporarily permitted to have no master. The master changes the configuration of the group of entities in a similar way. Using the techniques described herein, a new master may eventually replace the retiring master, and a new configuration may eventually replace the old configuration, without the risk of duplicating or dropping the master role or a configuration change.

公开(公告)号：US20170048212A1

公开(公告)日：2017-02-16

申请号：US14823740

申请日：2015-08-11

Applicant: NetApp, Inc.

Inventor： Craig Everhart ,  Subhash Sankuratripati

IPC: H04L29/06

CPC classification number: H04L63/061 ,  H04L63/065 ,  H04L63/083

Abstract: A method and system for authenticating of the pairing of computing devices is described. In an example, a passphrase is established on computing devices. The pairing between two devices is initiated by a first device by communicating independently generated data, wherein the generated data is used along with the passphrase on each of the devices to derive a common pairing key. The pairing is authenticated by using at least a first portion of the common pairing key through a key exchange protocol. Further, a shared secret code is derived using a second portion of the common pairing key and stored to be used indirectly to secure future communication between the paired devices.

Abstract translation: 描述了用于验证计算设备的配对的方法和系统。 在一个例子中，在计算设备上建立了密码短语。 两个设备之间的配对由第一设备通过独立生成的数据进行通信，其中生成的数据与每个设备上的密码一起使用以导出公共配对密钥。 通过使用密钥交换协议使用公共配对密钥的至少第一部分来认证配对。 此外，使用公共配对密钥的第二部分导出共享密码，并将其存储以间接使用以保证配对设备之间的未来通信。