-
Publication No.: US20250112859A1
Publication Date: 2025-04-03
Application No.: US18476955
Application Date: 2023-09-28
Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor: DUNCAN ROWETH, KEITH D. UNDERWOOD, IAN ZIEMBA
IPC: H04L45/00, H04L45/748, H04L49/90
Abstract: Systems and methods are provided for validating an identifier using a dynamic matching scheme, including software-defined-matching or hardware-validated-matching. Software-defined-matching may determine whether two identifiers are logically the same when they are both generated by a software application and match each other, and hardware-validated-matching may determine whether the identifier provided by a message stamping process generated by a hardware component of the device matches a second identifier. The flexible validation process can allow the origin of the device to be trusted when the device is sending communications in the network, while detaching the trust from the user that is operating the trusted device or installing software (e.g., an operating system) on the device for temporary use. By disassociating the trust and independently verifying the device separate from the user operating the device, the communications sent and received by the system can be further trusted or distrusted accordingly.
-
Publication No.: US20240250822A1
Publication Date: 2024-07-25
Application No.: US18360446
Application Date: 2023-07-27
Applicant: Hewlett Packard Enterprise Development LP
Inventor: KEITH D. UNDERWOOD, Robert L. Alverson
CPC classification number: H04L9/3213, H04L9/0825, H04L9/3297
Abstract: Systems and methods are provided for providing a shared token as part of establishing a communication connection with a network (“connection establishment”) between a source device and a target device, after a previous communication connection to the network between the source device and the target device is closed or torn down, in helping to prevent future replay attacks.
-
Publication No.: US20240250815A1
Publication Date: 2024-07-25
Application No.: US18515782
Application Date: 2023-11-21
Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor: KEITH D. UNDERWOOD, Duncan Roweth, Michael R. Strom, Eric Edward Eilertson
CPC classification number: H04L9/0894, H04L9/0825, H04L9/3263
Abstract: Systems and methods are provided for implementing encryption of data-in-motion and/or otherwise stored data using a key server and a secure enclave of a Network Interface Card (NIC). The NIC acts as a passthrough between the client device and the shared infrastructure of the supercomputer system to help ensure data security in a massively scaled and distributed system. For example, in response to an enrollment process that stores a decrypted key in the secure enclave of a NIC, the NIC can receive a data packet from a client device. The NIC can transmit a key request to a key server that includes an encrypted key corresponding to the decrypted key. The key server can look up the previously stored private/public key pair to authenticate the NIC. The key server can provide the private/public key pair to the NIC to allow the NIC to later encrypt data-in-motion.