-
Publication No.: US11070374B2
Publication date: 2021-07-20
Application No.: US15908349
Filing date: 2018-02-28
Applicant: VMware, Inc.
Inventor: Asaf Kariv, Ittai Abraham, Yotam Harchol
Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of secrets within distributed computer systems, including private encryption keys used for client authentication during establishment of secure communications channels. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. Each secret-share-storing node transmits the requested secret share or derived-data share to the agent, which reconstructs the secret from all or a portion of the secret shares or a data value from all or a portion of the derived-data shares transmitted to the agent.
-
Publication No.: US11057209B2
Publication date: 2021-07-06
Application No.: US15908435
Filing date: 2018-02-28
Applicant: VMware, Inc.
Inventor: Asaf Kariv, Ittai Abraham, Yotam Harchol
Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of confidential and critical data, referred to as “secrets,” within distributed computer systems. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. The multiple secret-share-storing nodes additionally cooperate to periodically alter the stored secret shares corresponding to a secret in a way that allows agents to recover the original secret, or derived data, from all or a portion of the altered secret shares or derived-data shares.
-
Publication No.: US20190268149A1
Publication date: 2019-08-29
Application No.: US15908349
Filing date: 2018-02-28
Applicant: VMware, Inc.
Inventor: Asaf Kariv, Ittai Abraham, Yotam Harchol
Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of secrets within distributed computer systems, including private encryption keys used for client authentication during establishment of secure communications channels. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. Each secret-share-storing node transmits the requested secret share or derived-data share to the agent, which reconstructs the secret from all or a portion of the secret shares or a data value from all or a portion of the derived-data shares transmitted to the agent.
-
Publication No.: US11190458B2
Publication date: 2021-11-30
Application No.: US15814237
Filing date: 2017-11-15
Applicant: VMware, Inc.
Inventor: Arjun Singhvi, Sujata Banerjee, Mark Peek, Yotam Harchol, Pontus Rydin
IPC: H04L12/911, H04L12/851, G06F9/50
Abstract: The disclosure provides an approach for enabling network functions to be executed in serverless computing environments. One embodiment employs a per-packet architecture, in which the trigger for launching a serverless computing instance is receipt of a packet. In such a case, each received packet is packaged into a request to invoke network function(s) required to process the packet, and a serverless computing environment in turn executes the requested network function(s) as serverless computing instance(s) that process the packet and return a response. Another embodiment employs a per-flow architecture in which the trigger for launching a serverless computing instance is receipt of a packet belonging to a new traffic flow. In such a case, a coordinator identifies (or receives notification of) a received packet that belongs to a new sub-flow and launches a serverless computing instance to process packets of the sub-flow that are redirected to the serverless computing instance.
-
Publication No.: US20190268150A1
Publication date: 2019-08-29
Application No.: US15908435
Filing date: 2018-02-28
Applicant: VMware, Inc.
Inventor: Asaf Kariv, Ittai Abraham, Yotam Harchol
Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of confidential and critical data, referred to as “secrets,” within distributed computer systems. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. The multiple secret-share-storing nodes additionally cooperate to periodically alter the stored secret shares corresponding to a secret in a way that allows agents to recover the original secret, or derived data, from all or a portion of the altered secret shares or derived-data shares.