Multi-tenancy architecture

Description

FIELD OF THE TECHNOLOGY

At least some embodiments disclosed herein relate to security processing and data storage in general, and more particularly, but not limited to, security processing in a multi-tenancy architecture.

BACKGROUND

In existing solutions to multi-tenancy, each customer is physically separated with its own network and network equipment with required protection. As the data center customer base expands, this expansion requires additional floor space. This additional floor space requires costly new buildings, and all of its related infrastructure in order to meet the new customer demands.

Multi-tenancy is a business model in which many companies, governments, and other entities store their data in a commonly-shared data center or storage array. There are data centers to conserve floor space that will store multiple customers' data in a common storage area. One problem with such storage is that a given customer's data is stored/mixed with the data for many of the other customers. Thus, an operator or equipment error may lead to the given customer's data accidently or inadvertently being read or accessed by one or more of the other customers.

SUMMARY OF THE DESCRIPTION

Systems and methods to provide security processing and/or storage for incoming data (e.g., data packets) in a multi-tenancy architecture using one or more security devices is described herein. Some embodiments are summarized in this section.

In one embodiment, a system includes a security device, configured for cryptographic processing, coupled to receive incoming data from a plurality of data sources (e.g., data from different companies, or other different customers or users), wherein the incoming data includes first data from a first data source; a controller (e.g., a key manager) configured to select a first set of keys from a plurality of key sets, each of the key sets corresponding to one of the plurality of data sources, wherein the first set of keys is used by the security device to encrypt the first data; and a common encrypted data storage, coupled to receive the encrypted first data from the security device.

In one embodiment, a system includes a plurality of security devices, each configured for cryptographic processing, coupled to receive incoming data from at least one data source; and a plurality of key managers, each key manager associated with a user, each key manager coupled to a respective one of the security devices, and each key manager configured to provide a set of keys to the security device for encryption of incoming data associated with the respective user, wherein the incoming data is to be stored in a common encrypted data storage after the encryption.

In one embodiment, a security device includes a plurality of cryptographic cores (e.g., a core configured using a systolic array) including an input core configured to perform encryption for a first data packet; at least one key cache storing a plurality of key sets, wherein a first set of keys is selected from the plurality of key sets to encrypt the first data packet by the input core; and a packet input engine configured to detect a header of the first data packet and to address the first set of keys. In one embodiment, the keys are initially provided to the security device by an external key manager through an application programming interface.

The disclosure includes methods and apparatuses which perform the above. Other features will be apparent from the accompanying drawings and from the detailed description which follows.

BRIEF DESCRIPTION OF THE DRAWINGS

The embodiments are illustrated by way of example and not limitation in the figures of the accompanying drawings in which like references indicate similar elements.

FIG. 1 shows a security processing system including a security device with a plurality of programmable cryptographic modules and a programmable input/output interface, according to one embodiment.

FIG. 2 shows a systolic-matrix security processing system for receiving and encrypting data packets from a non-encrypted data source, and concurrently processing control and data from a control plane for storage in a common encrypted data storage, according to one embodiment.

FIG. 3 shows a systolic-matrix cryptographic module including programmable input and output packet engines and a programmable cryptographic processing engine, according to one embodiment.

FIGS. 4 and 5 each show an example of a systolic-matrix array with two-dimensional computing paths, according to various embodiments.

FIG. 6 shows a security device implemented between a data source and encrypted data storage using an in-line configuration, according to one embodiment.

FIG. 7 shows a security device implemented between a data source and encrypted data storage using a side-car configuration, according to one embodiment.

FIG. 8 shows a security device interfacing with external and network services, according to one embodiment.

FIG. 9 shows an internal key manager of the cryptographic module that communicates with an external key manager via an application programming interface, according to one embodiment.

FIG. 10 shows a specific implementation of a programmable cryptographic module configured as a systolic array of FPGAs, according to one embodiment.

FIG. 11 shows a multi-tenancy system including a security device, according to one embodiment.

FIG. 12 shows a multi-tenancy system including multiple security devices and key managers, according to another embodiment.

FIG. 13 shows a security device in communication over a network with a common data storage, according to one embodiment.

FIG. 14 shows a block diagram of a multi-tenancy cryptographic module including cryptographic cores and key caches, as used in a multi-tenancy architecture according to one embodiment.

DESCRIPTION

The following description and drawings are illustrative and are not to be construed as limiting. Numerous specific details are described to provide a thorough understanding. However, in certain instances, well known or conventional details are not described in order to avoid obscuring the description. References to one or an embodiment in the present disclosure are not necessarily references to the same embodiment; and, such references mean at least one.

Reference in this specification to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the disclosure. The appearances of the phrase “in one embodiment” in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Moreover, various features are described which may be exhibited by some embodiments and not by others. Similarly, various requirements are described which may be requirements for some embodiments but not other embodiments.

FIG. 1 shows a security processing system including a security device 102 with a plurality of programmable cryptographic modules 104 and a programmable input/output interface 106, according to one embodiment. An interchangeable physical interface 108 is configured to receive a plurality of incoming packets from a data source (e.g., through physical interface 110). In one embodiment, the plurality of cryptographic modules is configured using at least two systolic layers for processing of packets, control data, and keys as discussed further below.

Programmable input/output interface 106 is coupled to the interchangeable physical interface and is configured to route each of the plurality of incoming packets to one of the cryptographic modules 104 for encryption to provide a plurality of encrypted packets. The programmable input/output interface 106 is configured to route the encrypted packets to a common internal or external data storage.

For outgoing packets, programmable input/output interface 106 routes encrypted packets to one of the cryptographic modules 104 for decryption. The decrypted packets are then routed by programmable input/output interface 106 to the data source.

In one embodiment, programmable input/output interface 106 is programmable to support different interface protocols, and each of the plurality of cryptographic modules 104 is programmable to support different encryption protocols (e.g., each module 104 may be programmed to support a different protocol). Programmable input/output interface 106 may include one or more field-programmable gate arrays that are programmable to support the different interface protocols. In one embodiment, programmable input/output interface 106 may be coupled to the cryptographic modules 104 by a high-speed bus such as, for example, a PCI-e bus.

In one embodiment, the interchangeable physical interface 108 is configurable to support two different physical interfaces. In one example, the interchangeable physical interface 108 comprises a replaceable physical input/output panel (or card) that can be replaced independently of the programmable input/output interface 106 and the plurality of cryptographic modules 104.

FIG. 1 also illustrates a control and display unit 114 coupled to control operation of cryptographic modules 104, and also to send or receive data over remote ports 112. Remote ports 112 may be, for example, RS-232, USB, or GigEthernet ports. Remote ports 112 may implement communications using, for example, an SNMP protocol.

Control and display unit 114 provides drivers to a display and status control screen on the user panel 116. User panel 116 also provides soft or hard buttons for user control and data input during the operation of security device 102. Various functions controllable on user panel 116 include a zeroize control (to zeroize the keys), a crypto ignition key (to start the encryption process), a key fill port (to load the keys), and a system reset.

In one embodiment, security device 102 (which may be, e.g., implemented as a security appliance) is used to prevent data breaches by a hacker trying to gain access to encrypted data. In this embodiment, security device 102 provides security, encryption, high-assurance, high-availability sustained bandwidths up to 400 Gbs (full duplex), programmability for data-at-rest and in-network applications. The security device 102 has an interchangeable I/O flexible module as described above to support different physical (PHY) interface connectors and electronics.

In one embodiment, use of the interchangeable I/O interface 108 and programmable I/O interface 106 (implemented using an FPGA I/O systolic array) provides the following advantages:

- 1) The FPGA I/O systolic array can be programmed for different interfaces and the interchangeable I/O is designed with the selected interface's physical electronics and connectors. This permits the main physical chassis of security device 102 to remain unchanged and to readily use different interface options that can be changed by a user.
- 2) The security device architecture in conjunction with the interchangeable I/O provides a high-density connectors capability. These flexible I/O design features can be programmed for many different types of interfaces to maximize interfacing flexibility to an end network application.
- 3) Scalable performance in programmable specified data rate increments for each cryptographic module up to, e.g., six modules which will have up to six times the programmed full duplex data rates. Other lesser or greater numbers of cryptographic modules may be used in other designs.

In one embodiment, flexible I/Os and flexible cryptographic (sometimes simply referred to as “crypto” herein) modules are accomplished by using a scalable systolic architecture and crypto-modules and interchangeable input/output (I/O) card, as described herein. The security device 102 has programmable delay latencies for a specified data block size of programmable bytes sizes. The security device architecture has two programmable elements: the programmable crypto-module and the programmable flexible I/O.

In one embodiment, the flexible I/O has two components: The FPGAs can be programmed to support different interface protocols, and an interchangeable physical I/O card is used to support the physical interfaces and connectors. The flexible I/O also has a switching network. The scalable and programmable crypto-module has a programmable full duplex bandwidth consisting of high performance CPUs and FPGAs clocking up to maximum allowable clock rates internal to the FPGA. This CPU and FPGA in systolic-matrix configuration and implementation provides a fully-programmable system to meet many different applications.

In one embodiment, the security device crypto-module design will be using high performance CPU or equivalent processors and FPGAs forming a programmable systolic scalable module. The programmability efficiencies of design are realized by segmenting functional subsystems from packet engines, crypto engines, key handler and overhead-control management engines. The I/O interface incorporates functional blocks (e.g., 100 Gbs Ethernet, PCI-express, Fibre channel, SAS, Infiniband, SCSI, or any other high speed interface protocols) that are incorporated.

In one embodiment, the security device 102 can be both a media-level encryptor and a file system encryptor. All data payload passing thru security device 102 is encrypted except for the file system headers-commands (which remain in the clear). Therefore, the existing file system will be intact with no drivers required for the end system. The only interface required is for the end system remote management and key management products. This makes the security device transparent to a user or network storage system.

FIG. 2 shows a security processing system for receiving and encrypting data packets from a non-encrypted data source 202 for storage in a common encrypted data storage 204, according to one embodiment. The system includes cryptographic modules 104. Each cryptographic module is coupled between programmable high-speed input/output (I/O) interfaces 206 and 208, which are each coupled to an interchangeable physical interface (see, e.g., interface 108 in FIG. 1). In one embodiment, interfaces 206 and 218 communicate with each other during security data processing using, for example, a serial bus 216 (e.g., an Interbus serial bus).

Processor 210 handles control plane and data processing for the cryptographic modules 104 and the high-speed input/output interfaces 206, 208, 218. In one embodiment, processor 210 is a control plane processor configured to control systolic data flow for the cryptographic modules 104, and also to control loading of keys from an external key manager to an internal key cache (see, e.g., FIG. 9 below).

Physical interface 212 receives a plurality of incoming packets from data source 202. The first programmable high-speed input/output interface 208 routes each of the plurality of incoming packets to one of the cryptographic modules 104 for encryption processing to provide encrypted packets. The second programmable high-speed programmable input/output interface 206 routes the encrypted packets from the cryptographic module 104 to common encrypted data storage 204 via physical interface 214.

In one embodiment, the routing and switching functions of high-speed interfaces 206 and 208 are provided by programmable input/output interface 106 of FIG. 1. In one embodiment interchangeable physical input/output interface 108 includes physical interface 212 and/or 214.

In one embodiment, each of the encrypted packets has a respective tag to identify an original entry port (e.g., a port of high-speed I/O interface 208), keys or key addresses associated with each of the encrypted packets is decrypted by one of the cryptographic modules to provide corresponding decrypted packets, and the first programmable input/output interface 208 is further configured to use the respective tag to route each decrypted packet back to its original entry port.

In one embodiment, each programmable input/output interface 206, 208, 218 is programmable to support different interface protocols. For example, the first programmable input/output interface 208 may include a plurality of field-programmable gate arrays that are programmable to support the different interface protocols.

In one embodiment, the first programmable input/output interface 208 and the second programmable input/output interface 206 each comprise a switching network and a router (not shown) to route incoming packets (from data source 202 or data storage 204, respectively) to one of the cryptographic modules 104.

In one embodiment, each cryptographic module 104 is designed and programmed, and mathematically optimized for any cryptographic algorithms and network IP protocols. The design can be scaled up to, for example, six or more crypto modules. The security device 102 can be mathematically optimized, for example, for any cryptographic algorithms for full-duplex data rate performance.

In one embodiment, the security device architecture is adaptable to any enterprise class data-at-rest or IP network solution due to the flexible switching I/O architecture. The flexible input and output switching I/O interfaces provide a significant cost advantage and homogeneous data flow and relax the need for data separation. The security device may use FPGAs that bridge to the native I/O interface for the required number of crypto-modules. This allows a single crypto-module to be used with many possible system implementations and configurations based on the end application I/O type and throughput requirements and also be scalable with programmable data rate increments.

In one embodiment, the flexible switch I/O architecture described herein includes programmable I/O modules (using FPGAs) that function as a low latency bridge and switch between the native I/O to the target data-at-rest system and to the internal array of crypto-module processors. A pair of separated, designated programmable FPGA-based I/O interface modules bridges security device 102 to an industry standard network. This scalability and flexibility enables security device 102 to be inserted into existing or new storage network systems supporting scalable data rates.

In one embodiment, the flexible programmable I/O interface is adaptable to any enterprise, or mobile, class data-at-rest interface application. The flexible I/O architecture includes programmable I/O modules (using FPGAs) that function as a low latency bridge between the native I/O of the target data-at-rest system and the internal array of crypto-modules. Flexible I/O programmability is based on FPGA-based modules that can be programmed to any industry standards or a custom interface to the storage system fabric or IP network.

In one embodiment, security device 102 performs at data rates only limited by the technology used. The key-handling agility is matched to the data rates. The internal key management is central to the performance of the cryptographic module in this embodiment.

FIG. 3 shows a cryptographic module 104 including programmable input and output packet engines and a programmable cryptographic processing engine, according to one embodiment. More specifically, cryptographic module 104 comprises a programmable packet input engine 304, a programmable cryptographic engine 302, and a programmable packet output engine 306. In one embodiment, packet engines 304 and 306 are coupled to cryptographic engine 302 using a high-speed serial or parallel bus 322 (e.g., an Interbus bus) for control operations, and using high-speed data busses for data transfer.

In one embodiment, the programmable packet input engine 304, the programmable cryptographic engine 302, and the programmable packet output engine 306 are each configured as a systolic-matrix array and each include one or more field-programmable gate arrays (FPGAs) programmable to support different security protocols. In one example, the programmable packet input engine 304, the programmable cryptographic engine 302, and the programmable packet output engine 306 are each coupled to a respective dedicated program memory for each FPGA (e.g., memory 310 or 312), and to a respective dedicated processor (not shown) to control programming of each FPGA. Each memory 310, 312 may be used, e.g., to provide data, keys buffering and/or storage.

In a method according to one embodiment, the first programmable input/output interface 208 (see FIG. 2) includes a field-programmable gate array (FPGA), and the method includes programming the FPGA to support a different interface protocol than previously used for receiving incoming data packets. In this method, each of the plurality of cryptographic modules 104 includes programmable systolic packet input engine 304, programmable systolic-matrix cryptographic engine 302, and programmable systolic-matrix packet output engine 306. The method further includes programming an FPGA of the packet input engine 304, an FPGA of the cryptographic engine 302, and an FPGA of the packet output engine 306.

In one embodiment, a top systolic layer includes FPGAs 308, 318, and 320, which are coupled to systolic packet engines 304, 306 and cryptographic engine 302, each also including an FPGA, in order to form a two-dimensional systolic-matrix array for data and control processing.

In one embodiment, each crypto module 104 has input and output packet engines and the crypto core. The crypto module has a systolic crypto engine that is tightly coupled to the input and output systolic packet engines. Each element in the crypto module has a dedicated high-performance CPU plus its memory, and dedicated memory to the input-output systolic packet engines and crypto core buffer/storage memory.

In one embodiment, each FPGA(s) array has a dedicated program memory. Also, a compression engine (included, e.g., in auxiliary engines 314) is included for data compression or other data processing required.

In one embodiment, the crypto module of FIG. 3 uses secure boot 316 to verify the FPGA code and that any software (SW) within the crypto module is encrypted-secure and authenticated. During the secure boot process, if any anomalies are detected, the system will not boot and further may provide a user alert that issues have been detected. The secure boot 316 may be designed to work with existing industry key manager systems.

In one embodiment, the crypto module design of FIG. 3 provides features such as hard-wired, one-time programmable options and custom analog/digital circuits for flexible physical partitioning for un-encrypted (plain text) and encrypted (cipher text) separation.

FIGS. 4 and 5 each show an example of a systolic-matrix array with two-dimensional computing paths, according to various embodiments. FIG. 4 shows FPGAs 402 organized in a systolic-matrix array for data, keys and control processing of security packets. Although FPGAs are shown forming the systolic-matrix array in FIG. 4, other forms of programmable devices, or other types of data processing units or processors may be used to form the systolic-matrix array in other embodiments (e.g., ASICs may be used). FIG. 5 shows an alternative configuration for systolic-matrix array comprising FPGAs 502 for data control processing of security packets.

In one embodiment, each cryptographic module 104 is implemented using a systolic-matrix array configuration. For example, cryptographic module 104 as illustrated in FIG. 3 is configured in a systolic-matrix array such as the basic form illustrated in FIG. 4. In addition, in one embodiment, the input and output packet engines 304, 306 and/or the cryptographic processing engine 302 for each cryptographic module 104 are also each themselves designed with an internal systolic-matrix array architecture. For example, the cryptographic processing engine 302 may be configured in a systolic-matrix array configuration such as illustrated in FIG. 5. In another example, each packet engine may itself have the systolic array configuration of FIG. 4 or FIG. 5, or yet other systolic array configurations, as part of its internal sub-block processing architecture.

Thus, as described above, in some embodiments, security device 102 is configured with a two or greater multiple-layer systolic-matrix array architecture. In this architecture, each cryptographic module 104 has a systolic-matrix array configuration (i.e., a top systolic array layer), and each of the packet engines and/or cryptographic processing engine has an internal systolic-matrix array configuration (e.g., in a lower systolic array layer formed of FPGAs that is logically underneath the top systolic-matrix array layer). The multiple-layers above combined with two-dimensional systolic arrays provides a three-dimensional systolic-matrix architecture for security device 102.

FIG. 6 shows security device 102 implemented between a data source 604 and encrypted data storage 204 using an in-line configuration, according to one embodiment. In one example, security device 102 is installed as an enterprise high-performance data storage encryption and authentication appliance. The security device is installed as in-line (bump in the wire) between the data storage arrays. Security device 102 also interfaces with management console 602 and external key manager console 603.

FIG. 7 shows security device 102 implemented between data source 604 and encrypted data storage 204 using a side-car configuration, according to one embodiment. In one example, security device 102 is installed as a data storage encryption and authentication appliance as side car (off to the side of the data storage). Security device 102 also interfaces with management console 602 and external key manager console 603.

FIG. 8 shows security device 102 interfacing with external and network services, according to one embodiment. In particular, security device 102 is interfaced with a management console consisting of external key manager 802, network services management 804, and any other required external management services 806.

FIG. 9 shows an internal key manager 902 of cryptographic module 104 that communicates with an external key manager 906, according to one embodiment. Each of the plurality of cryptographic modules 104 comprises internal key manager 902, which is coupled via an application programming interface (API) 904 to external key manager 906. Keys received via API 904 are stored in one of multiple key caches 908 for use by the cryptographic modules 104 during encryption or decryption of incoming packets. In one embodiment, control plane processor 210 controls loading of the keys from API 904 to one of key caches 908.

In one embodiment, each of the incoming packets to a cryptographic module 104 includes a key tag to identify at least one key associated with the packet to be security processed, and further may also include a source tag to identify a data source and keys for the packet. The internal key manager 902 is configured to retrieve the keys from one of key caches 908 using the key tag for the packet to be processed by the respective cryptographic module 104.

In one embodiment, programmable input/output interface 106, 206, and/or 208 is further configured to route a packet to one of the plurality of cryptographic modules 104 based on the source tag.

In one embodiment, each of the plurality of cryptographic modules 104 may be physically partitioned from the other of the cryptographic modules. In one embodiment, other key features of security device 102 may include the ability to interface or port third party key management software and network management software.

Various additional, non-limiting embodiments of security device 102 are now described below. In one or more embodiments, security device 102 may provide one or more of the following advantages:

1. A fast data rate encryptor at hundreds of gigabits full duplex (e.g., for meeting future optical network data rates).

2. A programmable systolic architecture consisting of FPGAs and CPUs. The security device is flexible and programmable requiring only software upgrades for different versions and features.

3. Multi-tenancy to secure an entity's or individual user's data. Each entity/user's data will be encrypted/decrypted using a unique key per the entity/user. In this way, each entity/user's data will be uniquely encrypted/decrypted and stored in a common data storage area. If by operator or machine error the wrong data is accessed and mistakenly sent to another of the entity/users using the storage area, the data is still safe since it will not be decrypted by the correct entity/user key. Various embodiments for a multi-tenancy architecture are discussed below in the section titled “Multi-Tenancy Architecture”.

4. A multi-level security architecture to secure different levels of classified data using a single security device (e.g., an encryptor). Each classification of data will be encrypted/decrypted using a unique key per the data class. In this way, each classification of data will be uniquely encrypted/decrypted and stored in a common storage area. If by operator or machine error the wrong data is accessed and mistakenly sent to another level of classification, the data is still safe since it is not decrypted by the correct user key.

5. A high-speed key agility and storage for millions of keys.

6. A flexible high-density I/O to interface to network equipment at multiple customer (or other source) sites. Also, the flexible I/O can be programmed for mixed interface types (e.g., 10 Gbs Ethernet, Infiniband, or PCI-express), thus requiring no interface bridging network equipment.

7. A replaceable, flexible I/O physical panel that can be customized for a specific network installation without the need to re-design the main chassis of security device 102.

8. A secure boot to protect, authenticate the CPUs, FPGAs firmware and software (SW) codes.

FIG. 10 shows a specific implementation of a programmable cryptographic module configured as a systolic-matrix array of FPGAs, according to one embodiment. In particular, the system of FIG. 10 is an exemplary implementation of cryptographic module 104 as was discussed for FIG. 3 above.

Specifically, un-encrypted or plain text data (e.g., incoming data packets) enters physical interface 1014 and is routed by programmable input interface 1010 to packet input engine 1002. Data packets are routed by input engine 1002 to an appropriate cryptographic core in cryptographic processing engine 1006.

A security association (SA) key lookup is used in packet engine 1002 or 1004 to determine appropriate keys for loading from a key memories array to cryptographic engine 1006 via a key manager interface or as defined in the packet header. These keys are used for security processing of the corresponding data packet.

After encryption by processing engine 1006, encrypted packets are provided to packet output engine 1004 for routing to programmable output interface 1012. The encrypted data leaves via physical interface 1016.

Programmable interfaces 1010 and 1012 may be formed using FPGAs or other programmable devices (e.g., as described above for I/O interfaces 106 or 208 of FIGS. 1 and 2). In one embodiment, physical interfaces 1014 and 1016 may form a part of interchangeable physical input/output interface 108. In one embodiment, physical interface 108 is implemented as a removable physical card.

In one embodiment, FPGAs 1008, 1018, and 1020 form a portion of the systolic-matrix array configuration illustrated in FIG. 10 and may be coupled to the packet input and output engines and cryptographic processing engine using serial buses. The packet input and output engines and cryptographic engine are formed using FPGAs to provide a two-dimensional systolic array of a top systolic layer. In one example, data and control processing is performed in two dimensions using the six FPGA units (e.g., FPGA 1008 and packet input engine 1002) as illustrated in FIG. 10.

In one embodiment, the sub-blocks in the packet input engine 1002 or packet output engine 1004 such as packet routing, packet multiplexer, and IP context lookup are implemented in a systolic-matrix array configuration as was discussed above. Data comes into the packet engine, and the packet engine looks at the packets, including the context, and decides where to route each packet. Then, the packet engine determines that a packet requires a particular security association, which is implemented using a key lookup. The packet engine associates the key to the incoming data. The key is read out, and the data is encrypted or decrypted in one of the crypto cores.

In one embodiment, high-speed memory is coupled to the input and output packet engines, and may be any type of high-speed memory in various embodiments.

In one embodiment, all primary processing works in a matrix. Data is constantly flowing in two dimensions. For example, data is flowing horizontally, keys are flowing up vertically, and control information is flowing down vertically as part of the two-dimensional processing.

Variations

Additional variations, details, and examples for various non-limiting embodiments of the above security processing system are now discussed below. In a first variation, with reference to FIG. 1, the programmable input/output interface 106 is a router/switch that selects one of the crypto modules 104 to receive forwarded packets. A router and switch are incorporated inside the input/output interface 106. For example, if a first packet comes through a second port, the first packet will be routed to crypto module number six. Crypto module number six will later route the first packet back out through that same second port of original entry.

There may be two components to the programmable I/O interface. On one side, the interface programs the type of I/O that is desired. The other side of the interface is the router/switch. The router/switch multiplexer knows which crypto module 104 is to receive a given packet. Also, the router/switch knows which crypto module is ready for processing of a packet. For example, if crypto module number one is ready for processing, it will flag itself as being ready for processing. For example, there is a semaphore flag or packet header bits used that tells I/O interface 106 which module is ready to process data. Whatever port is used to bring in the data, that data will be processed in one of the crypto modules, and then tagged out back to the same port when later being decrypted and sent out from storage (e.g., the packet is tagged with some identification of the port using a tag). The tag is used to redirect the packet back to the correct port of original entry.

The crypto module has a security association that determines which keys go with which packet. The programmable input/output may allow programming of different applications because of the use of FPGAs. The back end of the router/switch will accommodate the type of input/output to be used. The router/switch will identify the crypto module to be used. When reprogramming the programmable interface 106, a new physical interface needs to be interchanged or installed. The main security device chassis is not changed out—only the I/O portion is being changed.

In one embodiment, remote ports 112 are basically control ports. The protocol for the remote port may typically be a Simple Network Management Protocol (SNMP) protocol or any other management protocols. The key fill port is where the keys are filled into the security device. The crypto ignition key ignites the security device.

With reference to FIG. 2, the Interbus serial bus (mentioned above) coordinates the operation of the two input/output interfaces 206, 218. The Interbus handles any protocol issues between the router and the switch functions of these interfaces. The Interbus is used to provide communication between the FPGAs of the systolic array during operation of the security device. In one example, the Interbus helps to coordinate operation as to which crypto module 104 will receive an incoming packet.

Processor 210 manages control plane operation. Processor 210 also configures components when a new security protocol will be used, uses routing tables, sets the configuration, sets up the programmability, and sets up the power-on self-test. Processor 210 also may facilitate key loading. The key fill port on the front of user panel 116 operates under control by processor 210.

With reference to FIG. 3, a secure boot is used to guarantee that the data booted into the FPGAs of the cryptographic module 104 is proper. The secure boot is executed when the unit is turned on or at boot-up. The code is authenticated by the system. The FPGAs are programmed at every boot up of the unit, or any time that the unit is reset. Each crypto module may have its own CPU which controls programming.

With reference to FIG. 8, external key manager 802 is a location that

the keys may be stored for passing to the security device 102. A network operator loads the keys into the external key manager 802. The security device 102 loads the keys into the crypto modules. There is key tagging in the packet headers and inside the crypto module. When a packet comes into the security device 102, the packet is associated with a given key, and the packet contains information used to route the packet. The external key management can load keys in real-time or only a single time. Network services management 804 is remote management which provides control status, setting-up of the security device unit, and sending of the status back to a user. The other external management services 806 could be used to track how many other units are in the field, what the units are doing, whether each unit is running, and what configuration the unit is in.

In one embodiment, data packets include key tags, customer tags, and packet tags. The packet tag tells what type of packet is coming in. The customer tag identifies the company or source of the data. The key tag tells what key goes with what packet. Each tag is looked at by the packet engine to determine how the packet is going to be routed within the crypto module 104.

Now discussing an embodiment regarding flexible physical partitioning, each cryptographic module 104 may be physically isolated by design. So, only a certain packet will go through a module number one and only certain other packets will go through module number two. For example, crypto module number one may only process a certain style of packet. Crypto module number two may only process packets for a particular customer. Thus, it is physically partitioned. For example, customer number one's data is tagged as belonging to customer number one, for sending it to the specific crypto module. The router determines this requirement, and only that particular crypto module can process that customer's packet.

Regarding internal key management in the crypto module's performance, the key manager loads the keys, and further decides how the keys are dispersed within the crypto module based on the tagging of the incoming data packet. Keys are stored in the selectable key cache 908. The key manager decides based on the tagging of the data packet what keys will be associated with the current packet. This provides key agility.

With reference to FIG. 9, API 904 may be programmed to map into any of several different external key managers 906. The use of API 904 thus provides increased flexibility.

Multi-Tenancy Architecture

FIG. 11 shows a multi-tenancy system including a security device 1102, according to one embodiment. Security device 1102 is configured for cryptographic processing. Security device 1102 receives incoming data from a plurality of data sources 1106. For example, the incoming data includes first data from a first data source (Source 1). More specifically, the cryptographic processing includes encryption of data packets written to the common encrypted data storage 204, and decryption of data packets read from the common encrypted data storage 204.

A controller (not shown) is configured to select a first set of keys from a plurality of key sets 1104. Each of the key sets 1104 corresponds to one of the plurality of data sources 1106. The first set of keys (e.g., Key Set 1) is used by the security device to encrypt the first data. Common encrypted data storage 204 receives the encrypted first data from security device 1102.

The controller may be, for example, a key manager as discussed further below. In one embodiment, the security device 1102 includes the controller. In one embodiment, the controller is an internal key manager (e.g., as discussed above for FIG. 9 and internal key manager 902).

In one embodiment, the first data is a first data packet, and security device 1102 is configured to detect a tag of the first data packet that identifies the first data source (e.g., Source 1). The controller selects the first set of keys (Key Set 1) based on the detection of the tag.

Each of the plurality of data sources is typically located at a different physical location for a respective user (e.g., an entity such as a company or individual) using the common encrypted data storage 204 to store data sent over a network (e.g., the Internet or another communication link) to the security device 1102.

FIG. 12 shows a multi-tenancy system including multiple security devices 1204 and key managers (Key Manager 1, 2, 3, 4), according to another embodiment. Each of the key managers may be, for example, an external key manager such as described for FIGS. 8 and 9 above.

Each of the security devices 1204 is configured for cryptographic processing and receives incoming data from at least one data source 1202. Each of the key managers is associated with a user (e.g., corporation or an individual). For example, a given user may control an external key manager that provides keys to one of the security devices 1204 for cryptographic processing of that user's data. A switch 1206 receives the incoming data from data source 1202 and routes the incoming data to one of the security devices. For example, switch 1206 may route the data to the security device that corresponds to the user that sent the data for storage.

Each key manager is coupled to a respective one of the security devices 1204, and each key manager is configured to provide a set of keys to a particular security device 1204 for encryption of incoming data associated with the respective user. The incoming data is then stored in common encrypted data storage 204 after the encryption.

Switch 1208 is used to route the encrypted data from the security device to encrypted data storage 204. When data is read from common encrypted data storage 204, switch 1208 routes the data to the appropriate security device 1204 for decryption processing.

In one embodiment, security devices 1204 include a first security device (Security Device 1). The key managers include a first key manager (Key Manager 1). The first security device comprises a key cache (not shown) configured to store a first set of keys (e.g., Key Set 1 as shown in FIG. 11) that are received from the first key manager. The first set of keys is loaded into a cryptographic core (not shown) of the first security device and then used to encrypt data packets in the incoming data.

FIG. 13 shows a security device 1302 in communication over a network 1306 (via communication links 1310) with common data storage 204, according to one embodiment. In this embodiment, the controller discussed for security device 1102 above is an external key manager 1304 that provides keys to the security device 1302 via an application programming interface (as was discussed for FIG. 9 above). In one embodiment, the first data source 1106 of FIG. 11 corresponds to a first user, and external key manager 1304 receives commands from this first user to control access to the first set of keys by the security device 1302.

In FIG. 13, security device 1302 is shown located at a physical location or site 1308 of the first user. In other embodiments, security device 1302 may be located at the physical location of common encrypted data storage 204. In these other embodiments, key manager 1304 may still remain at physical location 1308 under the control of the first user.

FIG. 14 shows a block diagram of a multi-tenancy cryptographic module including cryptographic cores 1406, 1408 and key caches 1410, 1412, as used in a multi-tenancy architecture according to one embodiment. The cryptographic module is, for example, included in security device 1102 of FIG. 11, or in one or more of security devices 1204 of FIG. 12. Cryptographic core 1406 is an input core configured to perform encryption for data packets received from packet input engine 1402. Cryptographic core 1408 is an output core configured to perform decryption for data packets received from packet output engine 1404.

Input key cache 1410 and output key cache 1412 each store a plurality of key sets. A first set of keys is selected from the key sets stored in key cache 1410 to encrypt a first data packet by the input core 1406. Packet input engine 1402 is configured to detect a header of the first data packet and to address the first set of keys. In one embodiment, the cryptographic module includes a processor (not shown) configured to verify that the packet input engine 1402 is authorized to address the first set of keys.

The cryptographic module includes a key loader controller 1414 to load keys, for example, from an external key manager via an application programming interface. The key loader controller 1414 loads the first set of keys for storage in key cache 1410 prior to receipt of the first data packet by the cryptographic module. In one embodiment, key cache 1410 and key cache 1412 are each configured so that a key cache failure causes the respective key cache to be zeroized.

Stored keys are loaded into the appropriate cryptographic core 1406 or 1408 from key cache 1410 or 1412. The packet input engine 1402 provides a signal (e.g., an addressing signal) used by input key cache 1410 to select the first set of keys for use by the cryptographic core 1406 in encrypting incoming data packets. Packet output engine 1404 addresses keys in key cache 1412 in a similar way for decrypting outgoing packets.

Packet output engine 1404 provides encrypted data packets from the input core 1406 when writing data to common encrypted data storage 204. Packet output engine 1404 detects a header of each data packet when reading from the common encrypted data storage 204 in order to address a set of keys in output key cache 1412 for decrypting each data packet by output core 1408. Output core 1408 provides the decrypted data packets to packet input engine 1402, which sends the data packets to one of data sources 1106 of FIG. 11.

In one embodiment, input key cache 1410 stores a set of keys for encryption and output key cache 1412 stores a set of keys for decryption. The cryptographic module is configured to zeroize input core 1406, the input key cache 1410, and key loader controller 1414 after encrypting the first data packet. Output core 1408, output key cache 1412, and key loader controller 1414 are zeroized after decrypting data packets read from common encrypted data storage 204.

In one embodiment, as described in more detail below, a secure multi-tenancy system is provided to encrypt a customer's data to minimize or avoid situations where data is mistakenly read by another customer. The system reduces the risk of unauthorized access to a customer's data.

The packet input engine 1402 performs header detections, or modifications, and will authenticate and associate the customer's data. Once the data is authenticated and identified, packet input engine 1402 will address the unique specific customer's key in input key cache 1410. The input key cache 1410 stores this customer's specific keys. The input key cache also has a fail safe and key authentication processor (not shown) to verify the packet input engine 1402 is authorized to address the keys within the input key cache.

Key loader controller 1414 loads and verifies keys and addresses from the packet input engine 1402. A fail safe feature of the input key cache 1410 and key loader controller 1414 is that any key cache failure will result in a zeroized key cache. The key loader controller 1414 and the respective input or output key cache is designed to ensure the proper key is associated with the data that will be encrypted or decrypted. The key controller and each key cache is designed to be fail safe, in that if there is any failure in the key controller or one of the key caches, the cryptographic module will fail to a known state and the data will not be compromised.

Each of the key caches is designed to store, for example, one or more millions of keys. In one embodiment, each key cache writes keys one way to its respective cryptographic core (i.e., input core or output core).

Packet output engine 1404 performs header detections, or modifications, and authenticates and associates the customer's data read from common encrypted data storage 204. Once the data is authenticated and identified, packet output engine 1404 addresses output key cache 1412. The output key cache 1412 operates similarly to the input key cache 1410, discussed above.

Each cryptographic core is an encryption/decryption engine to encrypt or decrypt the data from the packet input/output (I/O) engines discussed above. The keys are loaded from the respective key caches, as was discussed above.

In some embodiments, the multi-tenancy architecture detects the packet header and associates the keys that will be encrypted/decrypted. There is an option provided for the keys in the key cache to be encrypted using a key encryption key or to be un-encrypted. The multi-tenancy architecture is configured to provide selected encrypted data into common storage area 204 (e.g., for data storage or for internal network processing and use). In one embodiment, the multi-tenancy architecture authenticates the I/O packet engines to the associated encryption and decryption keys within the respective input or output key cache for simultaneous two-way data traffic. The system requires that data be encrypted with a set of keys associated to a specific customer's data.

The multi-tenancy architecture may have fail safe features to ensure in cases of failure that the multi-tenancy architecture will fail to a safe state. Each key cache may be coupled to a fail safe key loader controller to authenticate the packet engines and send the correct key addresses. The key cache may be fail safe with authentication. The cryptographic core may use fail safe features and key agility to process keys from the respective key cache and data from the input/output packet engine.

Additional variations, details, and examples for various non-limiting embodiments of the multi-tenancy architecture/system are now discussed below. In a first variation, data is coming in from many different customers. Data is stored in one large database and in an encrypted form. For example, a first company's key and a second company's key are each loaded into the multi-tenancy system. The first company's key is selected for processing the first company's data.

In another variation, no entity but the customer is able to see the keys of the customer. The customer controls the keys by interacting with the key manager discussed above. The customer's keys cannot be lost by a data storage center operator, and cannot be used by another company.

In one example, each customer owns its own security device unit and controls and manages its own key manager. The other equipment of the data storage center can be commonly owned and operated by the data storage center operator. Each customer's security device unit is installed at the data storage center or at the customer's physical location.

In one variation, the internal control plane key bus as illustrated in FIG. 14, provides user or operational keys into key loader controller 1414. The front panel key load as illustrated in FIG. 14 is used to load keys from a key loader into the key loader controller 1414.

Closing

At least some aspects disclosed can be embodied, at least in part, in software. That is, the techniques may be carried out in a computer system or other data processing system in response to its processor, such as a microprocessor, executing sequences of instructions contained in a memory, such as ROM, volatile RAM, non-volatile memory, cache or a remote storage device.

In various embodiments, hardwired circuitry may be used in combination with software instructions to implement the techniques. Thus, the techniques are neither limited to any specific combination of hardware circuitry and software nor to any particular source for the instructions executed by the data processing system.

Although some of the drawings may illustrate a number of operations in a particular order, operations which are not order dependent may be reordered and other operations may be combined or broken out. While some reordering or other groupings are specifically mentioned, others will be apparent to those of ordinary skill in the art and so do not present an exhaustive list of alternatives. Moreover, it should be recognized that various stages or components could be implemented in hardware, firmware, software or any combination thereof.

In the foregoing specification, the disclosure has been described with reference to specific exemplary embodiments thereof. It will be evident that various modifications may be made thereto without departing from the broader spirit and scope as set forth in the following claims. The specification and drawings are, accordingly, to be regarded in an illustrative sense rather than a restrictive sense.

Claims

1. A system, comprising: at least one processor, ASIC, or field-programmable gate array configured to: receive a first data packet from a first data source, the first data packet including a tag associated with the first data source;authenticate data of the first data packet;detect a tag of the first data packet that identifies the first data source;select a first set of keys based on the tag;encrypt the first data packet using the first set of keys; send, over a network, the encrypted first data packet to a storage;read, over the network, the first data packet from the storage;detect the tag of the first data packet read from the storage;select the first set of keys based on the detected tag; anddecrypt the first data packet read from the storage using the first set of keys.
2. The system of claim 1, further including a packet input engine configured to receive the first data packet and detect the tag in the first data packet, and a packet output engine configured to send the encrypted first data packet to the storage.
3. The system of claim 2, wherein the packet input engine is further configured to provide a signal to a key cache for selecting the first set of keys.
4. A system comprising: at least one processor, ASIC, or field-programmable gate array configured to: receive a first data packet from a first data source, the first data packet including a tag associated with the first data source;authenticate data of the first data packet;select, in response to authenticating the data of the first data packet, a first key based on the tag;encrypt the first data packet using the first key;send, over a network, the encrypted first data packet to a storage;read, over the network, the first data packet from the storage;after reading the first data packet from the storage, decrypt the first data packet using the first key; andafter decrypting the first data packet, send the first data packet to the first data source; andat least one switch or router configured to: when reading the first data packet from the storage, detect the tag; andselect a first cryptographic engine and the first key for decrypting the first data packet based on the detected tag.
5. The system of claim 4, further comprising at least one memory configured to store a plurality of keys including the first key.
6. The system of claim 4, further comprising at least one key cache, wherein the at least one processor, ASIC, or field-programmable gate array is further configured to authorize access to keys in the at least one key cache.
7. The system of claim 4, wherein a second key is selected for encrypting the first data packet, and the second key is selected based on the tag of the first data packet.
8. The system of claim 4, wherein the received first data packet further includes a header, the header remains in the clear during encrypting of the first data packet, and the at least one processor, ASIC, or field-programmable gate array is further configured to send the header to the storage along with the encrypted first data packet.
9. The system of claim 4, wherein the first data packet is encrypted by a second cryptographic engine, and the at least one processor, ASIC, or field-programmable gate array is further configured to, after encrypting the first data packet, zeroize the second cryptographic engine.
10. The system of claim 4, wherein the at least one processor, ASIC, or field-programmable gate array includes a systolic-matrix array of FPGAs configured to support at least one security protocol.
11. The system of claim 4, wherein the tag is a first tag that identifies a source of data, the first data packet further comprises a second tag, and the at least one processor, ASIC, or field-programmable gate array is further configured to determine a type of packet based on the second tag.
12. The system of claim 11, wherein the first cryptographic engine is selected for encrypting the first data packet based on the second tag.
13. A system comprising: at least one memory configured to store a key; andat least one processor, ASIC, or field-programmable gate array configured to: receive a first data packet from a first source, the first data packet including a tag associated with the first data source;authenticate data of the first data packet;select, in response to authenticating the data of the first data packet, a first key based on the tag;in response to receiving the first data packet, determine an association of the first data packet with the first source;select, based on the association of the first data packet with the first source, a first processor;encrypt, by the selected first processor using the first key, the first data packet;send the encrypted first data packet to storage;read the encrypted first data packet from the storage;detect the tag when reading the encrypted first data packet; andselect the first processor and the first key for decrypting the encrypted first data packet based on the detected tag.
14. The system of claim 13, wherein the at least one processor, ASIC, or field-programmable gate array is further configured to select the first processor based on the tag.
15. The system of claim 13, wherein the at least one processor, ASIC, or field-programmable gate array is further configured to include a packet input engine to receive the first data packet and detect the tag in the first data packet, and a packet output engine to send the encrypted first data packet to the storage.
16. The system of claim 13, further including a key cache for storing the first key.
17. The system of claim 13, wherein the at least one processor, ASIC, or field-programmable gate array is further configured to include an input cryptographic core for encrypting the first data packet using the first key, and an output cryptographic core for decrypting the encrypted first data packet using the first key.
18. A security device comprising: a packet input engine configured to receive a data packet from a data source, authenticate the data source and provide a first key selection signal based on a detected tag in the data packet once the data source is authenticated;an input key cache configured to select, based on the first key selection signal, a first set of keys stored in the input key cache for encrypting the data packet;an input cryptographic core configured to receive and encrypt the data packet using the first set of keys; anda packet output engine configured to receive and output the encrypted data packet to a storage device.
19. The security device of claim 18, wherein the packet output engine is further configured to retrieve the encrypted data packet from the storage device and provide a second key selection signal based on the detected tag in the encrypted data packet.
20. The security device of claim 19, further comprising: an output key cache configured to select, based on the second key selection signal, a second set of keys stored in the output key cache for decrypting the encrypted data packet; andan output cryptographic core configured to receive and decrypt the encrypted data packet, wherein the packet input engine is further configured to receive and send the decrypted data packet to the data source.
21. The security device of claim 18, further comprising a key loader controller configured to load the first set of keys to be stored in the input key cache prior to the packet input engine receiving the data packet, and to load a second set of keys to be stored in the output key cache prior to the packet output engine receiving the encrypted data packet.
22. A system comprising: a physical interface; andat least one processor, ASIC, or field-programmable gate array configured to: receive, via the physical interface, a first data packet from a first data source;encrypt the first data packet using a cryptographic engine;after encrypting the first data packet, zeroize the cryptographic engine;send, over a network, the encrypted first data packet to a data storage;read, over the network, the first data packet from the data storage;after reading the first data packet from the data storage, decrypt the first data packet; andafter decrypting the first data packet, send the first data packet to the first data source.
23. The system of claim 22, wherein the first data packet includes a tag associated with the first data source, and the cryptographic engine is a first cryptographic engine, the system further comprising at least one switch or router configured to: when reading the first data packet from the data storage, detect the tag; andselect a second cryptographic engine for decrypting the first data packet based on the detected tag.

RELATED APPLICATIONS

This is a continuation application of U.S. Non-Provisional application Ser. No. 15/824,015, filed Nov. 28, 2017, which is a continuation application of U.S. Non-Provisional application Ser. No. 15/150,624, filed May 10, 2016, now issued as U.S. Pat. No. 9,858,442, which is a continuation application of U.S. Non-Provisional application Ser. No. 14/208,337, filed Mar. 13, 2014, now issued as U.S. Pat. No. 9,355,279, entitled “MULTI-TENANCY ARCHITECTURE,” by Richard J. Takahashi, which itself claims priority to U.S. Provisional Application Ser. No. 61/806,775, filed Mar. 29, 2013, entitled “MULTI-TENANCY ARCHITECTURE,” by Richard J. Takahashi, the entire contents of which applications are each incorporated by reference as if fully set forth herein. This application is related to U.S. Non-Provisional application Ser. No. 14/198,097, filed Mar. 5, 2014, entitled “MULTI-LEVEL INDEPENDENT SECURITY ARCHITECTURE,” by Richard J. Takahashi, the entire contents of which application is incorporated by reference as if fully set forth herein. This application is related to U.S. Non-Provisional application Ser. No. 14/177,392, filed Feb. 11, 2014, entitled “SECURITY DEVICE WITH PROGRAMMABLE SYSTOLIC-MATRIX CRYPTOGRAPHIC MODULE AND PROGRAMMABLE INPUT/OUTPUT INTERFACE,” by Richard J. Takahashi, the entire contents of which application is incorporated by reference as if fully set forth herein.

US Referenced Citations (341)

Number	Name	Date	Kind
4319079	Best	Mar 1982	A
4357529	Atalia	Nov 1982	A
5351299	Matsuzaki et al.	Sep 1994	A
5594797	Alan ar a et al.	Jan 1997	A
5602916	Grube	Feb 1997	A
5631960	Likens et al.	May 1997	A
5892962	Cloutier	Apr 1999	A
5915025	Taguchi et al.	Jun 1999	A
5961626	Harrison et al.	Oct 1999	A
5995628	Kitaj et al.	Nov 1999	A
6044388	DeBellis et al.	Mar 2000	A
6081895	Harrison et al.	Jun 2000	A
6101255	Harrison et al.	Aug 2000	A
6128666	Muller et al.	Oct 2000	A
6275588	Videcrantz et al.	Aug 2001	B1
6304973	Williams	Oct 2001	B1
6351813	Mooney	Feb 2002	B1
6378072	Collins	Apr 2002	B1
6515993	Williams et al.	Feb 2003	B1
6550012	Villa et al.	Apr 2003	B1
6577734	Etzel	Jun 2003	B1
6598161	Kluttz et al.	Jul 2003	B1
6715028	Toda	Mar 2004	B1
6845446	Fuller	Jan 2005	B1
7171000	Toh et al.	Jan 2007	B1
7200756	Griffin et al.	Apr 2007	B2
7277941	Ignatius et al.	Oct 2007	B2
7370348	Patel	May 2008	B1
7382787	Barnes et al.	Jun 2008	B1
7421576	Kent	Sep 2008	B1
7496764	Robert	Feb 2009	B2
7594262	Hanzlik et al.	Sep 2009	B2
7607167	Johnson et al.	Oct 2009	B1
7639696	Wu	Dec 2009	B2
7644268	Filipi-Martin et al.	Jan 2010	B2
7716467	Deffet et al.	May 2010	B1
7734844	Pedersen et al.	Jun 2010	B2
7773754	Buer et al.	Aug 2010	B2
7804504	Agarwal	Sep 2010	B1
7814316	Hughes et al.	Oct 2010	B1
7836490	Smith	Nov 2010	B2
7849306	Takeshima et al.	Dec 2010	B2
RE42212	Hoffman	Mar 2011	E
7908472	Freed et al.	Mar 2011	B2
7920701	Cox	Apr 2011	B1
7921284	Kinghorn et al.	Apr 2011	B1
7921288	Hildebrand	Apr 2011	B1
7930540	Ahuja et al.	Apr 2011	B2
7930756	Crocker et al.	Apr 2011	B1
7958351	Luthl	Jun 2011	B2
7996670	Krishna et al.	Aug 2011	B1
8065713	Vainstein et al.	Nov 2011	B1
8073949	Cunchon et al.	Dec 2011	B2
8166289	Owens et al.	Apr 2012	B2
8219799	Lucchesi	Jul 2012	B1
8229116	Ogata	Jul 2012	B2
8230207	Iyer et al.	Jul 2012	B2
8234686	Alvermann et al.	Jul 2012	B2
8266433	Przykucki et al.	Sep 2012	B1
8266670	Merkow et al.	Sep 2012	B1
8275984	Loveless	Sep 2012	B2
8289975	Suganthi et al.	Oct 2012	B2
8307206	Ahuja et al.	Nov 2012	B2
8356177	McGrew et al.	Jan 2013	B2
8386768	Nair et al.	Feb 2013	B2
8407194	Chaput et al.	Mar 2013	B1
8416954	Raizen et al.	Apr 2013	B1
8418252	Akyol et al.	Apr 2013	B2
8433783	Jackowski et al.	Apr 2013	B2
8433929	Yamashita	Apr 2013	B2
8438626	Anderson et al.	May 2013	B2
8443069	Bagepalli et al.	May 2013	B2
8452956	Kersey	May 2013	B1
8479304	Clifford	Jul 2013	B1
8533494	Harada	Sep 2013	B2
8536957	Nakamura et al.	Sep 2013	B1
8539571	Smith	Sep 2013	B2
8561127	Agrawal et al.	Oct 2013	B1
8594335	Izhar	Nov 2013	B1
8595814	Le et al.	Nov 2013	B2
8631460	Shea et al.	Jan 2014	B2
8681974	Langhammer	Mar 2014	B1
8707020	Lengyel	Apr 2014	B1
8751826	O'Connor et al.	Jun 2014	B2
8811620	Chaves	Aug 2014	B2
8813247	Alten	Aug 2014	B1
8909942	Obukhov et al.	Dec 2014	B1
8935523	Osburn, III	Jan 2015	B1
8966249	Lindteigen	Feb 2015	B2
8966288	Ignatius et al.	Feb 2015	B2
8988713	Gutnik et al.	Mar 2015	B2
9088538	Lindteigen et al.	Jul 2015	B2
9100361	Lucchesi et al.	Aug 2015	B1
9191200	Adams et al.	Nov 2015	B1
9227139	Mamtani et al.	Jan 2016	B2
9245148	Runkis et al.	Jan 2016	B2
9306917	Brugger et al.	Apr 2016	B2
9317705	O'Hare et al.	Apr 2016	B2
9317718	Takahashi	Apr 2016	B1
9355279	Takahashi	May 2016	B1
9374344	Takahashi	Jun 2016	B1
9374345	Brugger et al.	Jun 2016	B2
9378359	Qureshi et al.	Jun 2016	B2
9380048	Lindteigen et al.	Jun 2016	B2
9524399	Takahashi	Dec 2016	B1
9536103	Redberg	Jan 2017	B2
9560019	Barney	Jan 2017	B2
9660964	Asiedu	May 2017	B2
9680801	Martini	Jun 2017	B1
9690598	Lindteigen	Jun 2017	B2
9692605	Lindteigen et al.	Jun 2017	B2
9705854	Khazan	Jul 2017	B2
9794064	Takahashi	Oct 2017	B2
9794270	Lindteigen	Oct 2017	B2
9798899	Takahashi	Oct 2017	B1
9858442	Takahashi	Jan 2018	B1
9871662	Glisson	Jan 2018	B2
9916456	O'Hare et al.	Mar 2018	B2
10013580	Takahashi	Jul 2018	B2
10114766	Takahashi	Oct 2018	B2
10708236	Takahashi	Jul 2020	B2
10902155	Takahashi	Jan 2021	B2
11063914	Takahashi	Jul 2021	B1
11283774	Anderson et al.	Mar 2022	B2
11288402	Takahashi	Mar 2022	B2
11429540	Takahashi	Aug 2022	B2
20010042124	Barron	Nov 2001	A1
20020027906	Athreya	Mar 2002	A1
20020029280	Holden	Mar 2002	A1
20020083317	Ohta	Jun 2002	A1
20020091975	Redlich et al.	Jul 2002	A1
20020099959	Redlich et al.	Jul 2002	A1
20020162024	Cunchon	Oct 2002	A1
20020165961	Everdell et al.	Nov 2002	A1
20030012373	Ogura et al.	Jan 2003	A1
20030014627	Krishna et al.	Jan 2003	A1
20030023846	Krishna	Jan 2003	A1
20030051054	Redlich et al.	Mar 2003	A1
20030070077	Redlich et al.	Apr 2003	A1
20030074552	Olkin et al.	Apr 2003	A1
20030119484	Adachi et al.	Jun 2003	A1
20030120949	Redlich et al.	Jun 2003	A1
20030172279	Yudasaka	Sep 2003	A1
20030182435	Redlich et al.	Sep 2003	A1
20030196108	Kung	Oct 2003	A1
20030210702	Kendall	Nov 2003	A1
20040034772	Alao	Feb 2004	A1
20040054914	Sullivan	Mar 2004	A1
20040083286	Holden	Apr 2004	A1
20040114558	Krishnamurthi	Jun 2004	A1
20040123096	Buer	Jun 2004	A1
20040123119	Buer	Jun 2004	A1
20040123120	Buer	Jun 2004	A1
20040123121	Paaske	Jun 2004	A1
20040123123	Buer	Jun 2004	A1
20040148500	Olkin et al.	Jul 2004	A1
20040151323	Olkin et al.	Aug 2004	A1
20040196979	Cheng	Oct 2004	A1
20050010690	Marshall et al.	Jan 2005	A1
20050097357	Smith	May 2005	A1
20050132070	Redlich et al.	Jun 2005	A1
20050138109	Redlich et al.	Jun 2005	A1
20050138110	Redlich et al.	Jun 2005	A1
20050138654	Minne	Jun 2005	A1
20050166066	Ahuja et al.	Jul 2005	A1
20050190758	Gai et al.	Sep 2005	A1
20050198412	Pedersen et al.	Sep 2005	A1
20050198498	Gaur	Sep 2005	A1
20050198500	Gaur	Sep 2005	A1
20050257062	Ignatius et al.	Nov 2005	A1
20060015748	Goto	Jan 2006	A1
20060059537	Alvermann et al.	Mar 2006	A1
20060059553	Morais	Mar 2006	A1
20060117126	Leung et al.	Jun 2006	A1
20060129810	Jeong	Jun 2006	A1
20060133604	Buer et al.	Jun 2006	A1
20060140410	Aihara	Jun 2006	A1
20060149965	Sharma	Jul 2006	A1
20060174102	Smith et al.	Aug 2006	A1
20060174112	Wray	Aug 2006	A1
20070067630	Lenkov et al.	Mar 2007	A1
20070067634	Siegler	Mar 2007	A1
20070074020	Nishimura	Mar 2007	A1
20070115812	Hughes	May 2007	A1
20070136801	Le et al.	Jun 2007	A1
20070160198	Orsini et al.	Jul 2007	A1
20070192596	Otsuka	Aug 2007	A1
20070195951	Leung, Jr.	Aug 2007	A1
20070195960	Goldman	Aug 2007	A1
20070204159	Hara	Aug 2007	A1
20070237327	Taylor	Oct 2007	A1
20070245413	Andolina	Oct 2007	A1
20070250921	LiVecchi	Oct 2007	A1
20070258586	Huang et al.	Nov 2007	A1
20080005569	Watson et al.	Jan 2008	A1
20080010233	Sack	Jan 2008	A1
20080022136	Mattson	Jan 2008	A1
20080037777	Ignatius et al.	Feb 2008	A1
20080052533	Iida et al.	Feb 2008	A1
20080052765	Shinomiya et al.	Feb 2008	A1
20080062803	Fronte	Mar 2008	A1
20080091945	Princen et al.	Apr 2008	A1
20080098226	Zokumasui	Apr 2008	A1
20080130889	Qi	Jun 2008	A1
20080130894	Qj	Jun 2008	A1
20080141023	Qi	Jun 2008	A1
20080151893	Nordmark et al.	Jun 2008	A1
20080168135	Redlich et al.	Jul 2008	A1
20080181406	Iyer et al.	Jul 2008	A1
20080183992	Martin et al.	Jul 2008	A1
20080288782	Iyer	Nov 2008	A1
20090019527	Winslow	Jan 2009	A1
20090034734	Owens et al.	Feb 2009	A1
20090043901	Mizikovsky et al.	Feb 2009	A1
20090046858	Iyer et al.	Feb 2009	A1
20090097661	Orsini et al.	Apr 2009	A1
20090129388	Akhtar et al.	May 2009	A1
20090177894	Orsini et al.	Jul 2009	A1
20090178144	Redlich et al.	Jul 2009	A1
20090198997	Yeap et al.	Aug 2009	A1
20090228708	Trostle	Sep 2009	A1
20090249084	Ogawa	Oct 2009	A1
20090254572	Redlich et al.	Oct 2009	A1
20090254750	Bono et al.	Oct 2009	A1
20090327617	Furuichi et al.	Dec 2009	A1
20100010968	Redlich et al.	Jan 2010	A1
20100115260	Venkatesan et al.	May 2010	A1
20100153702	Loveless	Jun 2010	A1
20100153704	Winslow	Jun 2010	A1
20100161981	Dodgson et al.	Jun 2010	A1
20100169645	McGrew et al.	Jul 2010	A1
20100198730	Ahmed et al.	Aug 2010	A1
20100250497	Redlich et al.	Sep 2010	A1
20100254537	Buer et al.	Oct 2010	A1
20100274861	Asiedu	Oct 2010	A1
20100278338	Chang et al.	Nov 2010	A1
20100299313	Orsini et al.	Nov 2010	A1
20110069835	Maliszewski	Mar 2011	A1
20110087889	Iyer et al.	Apr 2011	A1
20110131138	Tsuchiya	Jun 2011	A1
20110153969	Petrick	Jun 2011	A1
20110153985	Saha et al.	Jun 2011	A1
20110154019	Wang	Jun 2011	A1
20110154031	Banerjee et al.	Jun 2011	A1
20110167265	Ahuja et al.	Jul 2011	A1
20110202755	Orsini et al.	Aug 2011	A1
20110246766	Orsini et al.	Oct 2011	A1
20110246785	Linsley et al.	Oct 2011	A1
20110252236	De Atley et al.	Oct 2011	A1
20110252480	Patawaran et al.	Oct 2011	A1
20110264905	Dvsiannikov	Oct 2011	A1
20110283339	Smith	Nov 2011	A1
20110296440	Laurich et al.	Dec 2011	A1
20110311048	Nagata et al.	Dec 2011	A1
20120011351	Mundra et al.	Jan 2012	A1
20120066509	Lapp et al.	Mar 2012	A1
20120072723	Orsini et al.	Mar 2012	A1
20120110316	Chamberlain et al.	May 2012	A1
20120159159	Messerges et al.	Jun 2012	A1
20120159183	Adams et al.	Jun 2012	A1
20120166576	Orsini et al.	Jun 2012	A1
20120166818	Orsini et al.	Jun 2012	A1
20120179916	Staker et al.	Jul 2012	A1
20120198241	O'Hare et al.	Aug 2012	A1
20120204032	Wilkins et al.	Aug 2012	A1
20120210119	Baxter et al.	Aug 2012	A1
20120213360	Le Quere	Aug 2012	A1
20120233472	Faraboschi	Sep 2012	A1
20120246489	Brelot	Sep 2012	A1
20120257506	Bazlamacci et al.	Oct 2012	A1
20120278529	Hars	Nov 2012	A1
20120303826	Nelson	Nov 2012	A1
20120324222	Massey et al.	Dec 2012	A1
20120331088	O'Hare et al.	Dec 2012	A1
20130013931	O'Hare et al.	Jan 2013	A1
20130034229	Sauerwald	Feb 2013	A1
20130054979	Basmov	Feb 2013	A1
20130077788	Blanchard et al.	Mar 2013	A1
20130124852	Haeger	May 2013	A1
20130254542	Buer et al.	Sep 2013	A1
20130268931	O'Hare et al.	Oct 2013	A1
20130305039	Gauda	Nov 2013	A1
20130311780	Besehanic	Nov 2013	A1
20130326220	Connelly	Dec 2013	A1
20130332724	Walters	Dec 2013	A1
20140013123	Khazan et al.	Jan 2014	A1
20140013452	Aissi et al.	Jan 2014	A1
20140068262	Robertson et al.	Mar 2014	A1
20140108782	Salinger et al.	Apr 2014	A1
20140108785	Lindteigen et al.	Apr 2014	A1
20140122866	Haeger et al.	May 2014	A1
20140143533	Ganong, III et al.	May 2014	A1
20140143538	Lindteigen	May 2014	A1
20140195793	Lindteigen	Jul 2014	A1
20140195798	Brugger et al.	Jul 2014	A1
20140229731	O'Hare et al.	Aug 2014	A1
20140245007	Buer et al.	Aug 2014	A1
20140250300	Runkis et al.	Sep 2014	A1
20140281526	Lindteigen	Sep 2014	A1
20140324698	Dolcino et al.	Oct 2014	A1
20150019443	Sheets et al.	Jan 2015	A1
20150074409	Reid et al.	Mar 2015	A1
20150095645	Eldar	Apr 2015	A1
20150128243	Roux et al.	May 2015	A1
20150154418	Redberg	Jun 2015	A1
20150163229	Lindteigen	Jun 2015	A1
20150188893	Sood	Jul 2015	A1
20150222604	Ylonen	Aug 2015	A1
20150256518	Buer et al.	Sep 2015	A1
20150271151	Brugger et al.	Sep 2015	A1
20150363608	Redberg	Dec 2015	A1
20150363611	Redberg	Dec 2015	A1
20150381710	Kish	Dec 2015	A1
20160056956	O'Hare	Feb 2016	A1
20160219024	Verzun et al.	Jul 2016	A1
20160308680	Lindteigen	Oct 2016	A1
20170019377	Lindteigen	Jan 2017	A1
20170061141	Redberg	Mar 2017	A1
20170075821	Takahashi	Mar 2017	A1
20170083725	Takahashi	Mar 2017	A1
20170085372	Anderson et al.	Mar 2017	A1
20170093587	Glisson	Mar 2017	A1
20170098096	Redberg	Apr 2017	A1
20170118180	Takahashi	Apr 2017	A1
20170118214	Vainstein	Apr 2017	A1
20170126623	Lindteigen	May 2017	A1
20170149748	Lindteigen	May 2017	A1
20170201382	Lindteigen	Jul 2017	A1
20170286669	O'Hare et al.	Oct 2017	A1
20170359317	Anderson et al.	Dec 2017	A1
20180041485	O'Hare et al.	Feb 2018	A1
20180068125	Redberg	Mar 2018	A1
20180082084	Takahashi et al.	Mar 2018	A1
20180139061	Glisson	May 2018	A1
20180176194	Xiong	Jun 2018	A1
20180268173	Takahashi et al.	Sep 2018	A1
20190050348	Takahashi et al.	Feb 2019	A1
20210119979	Takahashi	Apr 2021	A1
20220174049	Takahashi	Jun 2022	A1
20220174050	Anderson	Jun 2022	A1
20220198069	Takahashi	Jun 2022	A1

Foreign Referenced Citations (8)

Number	Date	Country
2337304	Jun 2011	EP
3350974	Jul 2018	EP
2005-167816	Jun 2005	JP
2012-137975	Jul 2012	JP
2014-176030	Sep 2014	JP
2017048896	Mar 2017	WO
2017074887	May 2017	WO
2018231519	Dec 2018	WO

Non-Patent Literature Citations (47)

Entry
Blum, Thomas et al. Worcester Polytechnic Institute ECE Department. “Montgomery Modular Exponentiation on Reconfigurable Hardware” Apr. 1999. pp. 1-8, 8 pages.
Carbonite White Paper—“The Better Backup Plan, Making Sense of the Cloud”; 5 pages.
Carbonite White Paper—“The Better Backup Plan, Trouble Free Backup Solutions”; 3 pages.
Dichtl et al.; High-Speed True Random Number Generation with Logic Gates Only; 18 pages; Siemens AG and Telecom Italia; Europe.
Korean Intellectual Property Office; International Patent Application No. PCT/US2016/058568, International Search Report and Written Opinion, dated Jan. 20, 2017; 9 pages; Korea.
Korean Intellectual Property Office; International Patent Application No. PCT/US2016/051834, International Search Report and Written Opinion, dated Dec. 21, 2016; 11 pages; Korea.
McIvor et al. The Institute of Electronics, Communications and Information Technology (ECIT) “High-Radix Systolic Modular Multiplication on Reconfigurable Hardware.” 2005. pp 13-18, 6 pages.
Nedjah, Nadia et al. State University of Rio de Janeiro, Department de Systems of Engineering and Computation. “Systolic Hardware Implementation for the Montgomery Modular Multiplication.” 6 pages.
Satoh et al.; High-Performance Hardware Architectures for Galois Counter Mode; IEEE Transactions on Computers, vol. 58, No. 7; Jul. 2009; pp. 917-930.
U.S. Appl. No. 14/198,097, filed Mar. 5, 2014, entitled “Multi-Level Independent Security Architecture,” by Richard J. Takahashi.
U.S. Appl. No. 14/208,337, filed Mar. 13, 2014, entitled “Multi-Tenancy Architecture,” by Richard J. Takahashi.
U.S. Appl. No. 14/217,912, filed Mar. 18, 2014, entitled “Removable or Replaceable Physical Interface Input/Output Module,” by Richard J. Takahashi.
U.S. Appl. No. 14/219,651, filed Mar. 19, 2014, entitled “Secure End-to-End Communication System,” by Richard J. Takahashi.
U.S. Appl. No. 14/177,392, filed Feb. 11, 2014, entitled “Security Device With Programmable Systolic-Matrix Cryptographic Module and Programmable Input/Output Interface,” by Richard J. Takahashi.
Vasyltsov et al.; Fast Digital TRNG Based on Metastable Ring Oscillator; 17 pages; Samsung Electronics; Korea.
Wikipedia; Linear-Feedback Shift Register; downloaded from https://en.wikipedia.org/wiki/Linear-feedback_shift_register; Feb. 26, 2017; 9 pages.
Wikipedia; Physical Unclonable Function; downloaded from https://en.wikipedia.org/wiki/Physical_unclonable_function; Feb. 24, 2017; 6 pages.
The International Bureau of WIPO; PCT International Preliminary Report on Patentability, Issued for PCT/US2016/058568; dated May 11, 2018; 5 pages; Europe.
The International Bureau of WIPO; PCT International Preliminary Report on Patentability, Issued for PCT/US2016/051834; dated Mar. 20, 2018; 9 pages; Europe.
Mozaffari-Kermani, Mehran et al.; Efficient and High-Performance Parallel Hardware Architectures for the AES-GCM; IEEE Transactions on Computers; vol. 61, No. 8; pp. 1165-1178; Aug. 2012.
Crenne et al.; Efficient Key-Dependent Message Authentication in Reconfigurable Hardware; Proc. IEEE International Conference on Filed-Programmable Technology (FPT); 2011; pp. 1-6.
Korean Intellectual Property Office; International Patent Application No. PCT/US2018/035052, International Search Report and Written Opinion, dated Sep. 11, 2018; 11 pages; Korea.
European Pattent Office; Extended European Search Report, issued in connection to EP16847265.2; dated Feb. 11, 2019; 11 pages; Europe.
Karim Moussa Ali Abdellatif; Authenticated Encryption on FPGAs from the Reconfigurable Part to the Static Part; Cryptography and Security, Universite Pierre et Marie Curie—Paris VI, 2014; 125 pages.
Karim Moussa Ali Abdellatif et al.; Imporved Method for Parallel AES-GCM Cores Using FPGAs; ReConFig 2013—International Conference on Reconfigurable Computing and FPGAs; pp. 1-4; 2013.
Korean Intellectual Property Office; The International Search Report and the Written Opinion of the International Searching Authority, issued in connection to PCT/US2019/033309; dated Sep. 26, 2019; 12 pages; Korea.
Gajski, Daniel D.; Principles of Digital Design; Chapter 6 and 8; Prentice-Hall Inc.; 1996; 144 pages.
6.004 Computation Structures—Lecture #10—Instruction Sets; Lecture Notes for MIT Course No. 6.004; Spring 2009; retrieved from https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-004-computation-structures-spring-2009/lecture-notes/MIT6_004s09_lec10.pdf; 8 pages.
Korean Intellectual Property Office; PCT International Search Report, issued in connection to PCT/US2019/042793; dated Nov. 11, 2019; 3 pages; Korea.
Korean Intellectual Property Office; PCT Written Opinion of the International Searching Authority, issued in connection to PCT/US2019/042793; dated Nov. 11, 2019; 6 pages; Korea.
Israeli Patent Office; Office Action issued in connection to application No. 258095; dated Dec. 17, 2019; 5 pages; Israel.
The International Bureau of WIPO; PCT International Preliminary Report on Patentability, issued in connection to PCT/US2018/035052; dated Dec. 17, 2019; 9 pages; Switzerland.
Korean Intellectual Property Office; PCT International Search Report, issued in connection to PCT/US2019/056644; dated Feb. 5, 2020; 9 pages; Korea.
Korean Intellectual Property Office; PCT Written Opinion of the International Searching Authority, issued in connection to PCT/US2019/056644; dated Feb. 5, 2020; 6 pages; Korea.
Australian Government, IP Australia; Examination Report No. 1 for Standard Patent Application, issued in connection to application No. 2016323147; dated Mar. 25, 2020; 5 pages; Australia.
European Patent Office; Extended European Search Report, issued in connection to EP18816604.5; dated Mar. 18, 2020; 8 pages; Europe.
Japanese Patent Office; Office Action Summary, issued in connection to application No. 2018-534774; Oct. 3, 2020; 4 pages; Japan.
European Patent Office; Communication Pursuant to Article 94(3) EPC, issued in connection to application No. EP16847265.2; dated Oct. 12, 2020; 6 pages; Europe.
Menezes, A. et al.; Chapter 7: Block Ciphers ED; Handbook of Applied Cryptography; Oct. 1, 1996; 223-282 pages; CRC Press Series on Discrete Mathematics and its Applications; CRC Press.
European Patent Office; Communication Pursuant to Article 94(3) EPC, issued in connection to application No. 18816604.5; dated Dec. 21, 2021; 6 pages; Europe.
European Patent Office; Summons to Attend Oral Proceedings Pursuant to Rule 115(1) EPC; dated Feb. 21, 2022; 7 pages; Europe.
Australian Government, IP Australia; Examination Report No. 1 for Standard Patent Application, issued in connection to application No. 2021201714; dated May 19, 2022; 3 pages; Australia.
Canadian Intellectual Property Office; Examiner's Report, issued in connection to application No. 2997125; dated Dec. 29, 2022; 4 pages; Canada.
European Patent Office; Communication pursuant to Article 94(3) EPC, issued in connection to application No. 18816604.5; dated Feb. 22, 2023; 6 pages; Europe.
Japanese Patent Office; Office Action Summary, issued in connection to application No. 2021-176856; dated Nov. 8, 2022; 6 pages; Japan.
Wikipedia; Hardware Security Module; 6 pages.
Eguro, Ken; FPGAS for trusted cloud computing; 2012; IEEE; pp. 63-70.

Related Publications (1)

	Number	Date	Country
	20220019699 A1	Jan 2022	US

Provisional Applications (1)

	Number	Date	Country
	61806775	Mar 2013	US

Continuations (3)

	Number	Date	Country
Parent	15824015	Nov 2017	US
Child	17123713		US
Parent	15150624	May 2016	US
Child	15824015		US
Parent	14208337	Mar 2014	US
Child	15150624		US

Multi-tenancy architecture

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications

Disclaimer

Term Extension

Abstract