Patents by Inventor Michael P. Groover
Michael P. Groover has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11088848Abstract: Provided are a computer program product, system, and method for using public keys provided by an authentication server to verify digital signatures. A plurality of public keys from a plurality of public-private key pairs and stored in a local key store. A request is received to access computational resources in the system. A challenge is returned in response to the request. A response to the challenge is received comprising a purported digitally signed challenge. A determination is made as to whether the purported digitally signed challenge is verified using a first public key of the public keys in the local key store. A determination is made as to whether the purported digitally signed challenge is verified using a second public key of the public keys in the local key store in response to determining that the first public key did not verify the purported digitally signed challenge.Type: GrantFiled: June 6, 2019Date of Patent: August 10, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Patent number: 10979216Abstract: Provided are a computer program product, system, and method for generating public/private key pairs to deploy public keys at computing devices to verify digital signatures. A plurality of public-private key pairs are generated to store in a key store. A set of public keys of the public-private key pairs is distributed to the computing systems to use to verify purported digitally signed challenges. One of the public-private key pairs is selected to use a private key of the selected one of the public-private key pairs as a current private key to use to digitally sign challenges from the computing systems. A determination is made to retire the current private key. Another one of the public-private key pairs is selected and the current private key is set to a private key of the selected another one of the public-private key pairs to use to digitally sign challenges from the computing systems.Type: GrantFiled: August 29, 2019Date of Patent: April 13, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Patent number: 10581595Abstract: Provided are a computer program product, system, and method for generating public/private key pairs to deploy public keys at computing devices to verify digital signatures. A plurality of public-private key pairs are generated to store in a key store. A set of public keys of the public-private key pairs is distributed to the computing systems to use to verify purported digitally signed challenges. One of the public-private key pairs is selected to use a private key of the selected one of the public-private key pairs as a current private key to use to digitally sign challenges from the computing systems. A determination is made to retire the current private key. Another one of the public-private key pairs is selected and the current private key is set to a private key of the selected another one of the public-private key pairs to use to digitally sign challenges from the computing systems.Type: GrantFiled: March 1, 2017Date of Patent: March 3, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Publication number: 20190386821Abstract: Provided are a computer program product, system, and method for generating public/private key pairs to deploy public keys at computing devices to verify digital signatures. A plurality of public-private key pairs are generated to store in a key store. A set of public keys of the public-private key pairs is distributed to the computing systems to use to verify purported digitally signed challenges. One of the public-private key pairs is selected to use a private key of the selected one of the public-private key pairs as a current private key to use to digitally sign challenges from the computing systems. A determination is made to retire the current private key. Another one of the public-private key pairs is selected and the current private key is set to a private key of the selected another one of the public-private key pairs to use to digitally sign challenges from the computing systems.Type: ApplicationFiled: August 29, 2019Publication date: December 19, 2019Inventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Publication number: 20190288857Abstract: Provided are a computer program product, system, and method for using public keys provided by an authentication server to verify digital signatures. A plurality of public keys from a plurality of public-private key pairs and stored in a local key store. A request is received to access computational resources in the system. A challenge is returned in response to the request. A response to the challenge is received comprising a purported digitally signed challenge. A determination is made as to whether the purported digitally signed challenge is verified using a first public key of the public keys in the local key store. A determination is made as to whether the purported digitally signed challenge is verified using a second public key of the public keys in the local key store in response to determining that the first public key did not verify the purported digitally signed challenge.Type: ApplicationFiled: June 6, 2019Publication date: September 19, 2019Inventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Patent number: 10389535Abstract: Provided are a computer program product, system, and method for using public keys provided by an authentication server to verify digital signatures. A plurality of public keys from a plurality of public-private key pairs and stored in a local key store. A request is received to access computational resources in the system. A challenge is returned in response to the request. A response to the challenge is received comprising a purported digitally signed challenge. A determination is made as to whether the purported digitally signed challenge is verified using a first public key of the public keys in the local key store. A determination is made as to whether the purported digitally signed challenge is verified using a second public key of the public keys in the local key store in response to determining that the first public key did not verify the purported digitally signed challenge.Type: GrantFiled: March 1, 2017Date of Patent: August 20, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Patent number: 10078507Abstract: Provided are techniques for code load processing. While performing code load processing of a set of modules of a same module type, it is determined that a first module in the set of modules is not in an operational state. It is determined that a second module is a redundant module for the first module. In response to determining that the second module is in an operational state and has already completed code update, the code load processing is continued. In response to determining that the second module is in an operational state and has not already completed code update, it is determined whether there is a third redundant module that is in an operational state. In response to determining that there is a third redundant module that is in an operational state, the code load processing is continued.Type: GrantFiled: February 25, 2016Date of Patent: September 18, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael P. Groover, Robin Han, Edward H. Lin, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Publication number: 20180254890Abstract: Provided are a computer program product, system, and method for generating public/private key pairs to deploy public keys at computing devices to verify digital signatures. A plurality of public-private key pairs are generated to store in a key store. A set of public keys of the public-private key pairs is distributed to the computing systems to use to verify purported digitally signed challenges. One of the public-private key pairs is selected to use a private key of the selected one of the public-private key pairs as a current private key to use to digitally sign challenges from the computing systems. A determination is made to retire the current private key. Another one of the public-private key pairs is selected and the current private key is set to a private key of the selected another one of the public-private key pairs to use to digitally sign challenges from the computing systems.Type: ApplicationFiled: March 1, 2017Publication date: September 6, 2018Inventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Publication number: 20180254889Abstract: Provided are a computer program product, system, and method for using public keys provided by an authentication server to verify digital signatures. A plurality of public keys from a plurality of public-private key pairs and stored in a local key store. A request is received to access computational resources in the system. A challenge is returned in response to the request. A response to the challenge is received comprising a purported digitally signed challenge. A determination is made as to whether the purported digitally signed challenge is verified using a first public key of the public keys in the local key store. A determination is made as to whether the purported digitally signed challenge is verified using a second public key of the public keys in the local key store in response to determining that the first public key did not verify the purported digitally signed challenge.Type: ApplicationFiled: March 1, 2017Publication date: September 6, 2018Inventors: Thomas Fiege, Michael P. Groover, Mark E. Hack
-
Patent number: 10042627Abstract: Provided are techniques for code load processing. While performing code load processing of a set of modules of a same module type, it is determined that a first module in the set of modules is not in an operational state. It is determined that a second module is a redundant module for the first module. In response to determining that the second module is in an operational state and has already completed code update, the code load processing is continued. In response to determining that the second module is in an operational state and has not already completed code update, it is determined whether there is a third redundant module that is in an operational state. In response to determining that there is a third redundant module that is in an operational state, the code load processing is continued.Type: GrantFiled: March 8, 2016Date of Patent: August 7, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael P. Groover, Robin Han, Edward H. Lin, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Patent number: 9696986Abstract: A system for managing a code load for a storage system is disclosed. The system can include instantiating a code load. The code load can include a first update for a first component and a second update for a second component. The system can include monitoring the operational state of the first and second components in response to instantiating the code load. The system can also include determining to perform the first update in response to a triggering event. The system can also include performing the first update in response to determining to perform the first update.Type: GrantFiled: March 24, 2016Date of Patent: July 4, 2017Assignee: International Business Machines CorporationInventors: Michael P. Groover, Robin Han, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Patent number: 9674105Abstract: Provided are a computer program product, system, and method for applying a platform code level update to update a source partition in a computing system. Computational resources in the computing system are allocated to a destination partition. A code load is applied to the destination partition to implement an updated platform code level comprising an update to the platform code level on the source partition while the source partition is operational and processing computing requests. Submission of new transactions to the source partition is blocked in response to applying the code load to the destination partition. An operational environment and system state at the source partition are migrated to the destination partition in response to blocking submission of new transactions to the source partition. Transactions are directed to the destination partition intended for the source partition in response to migrating the operational environment and system state to the destination partition.Type: GrantFiled: June 19, 2013Date of Patent: June 6, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael P. Groover, Robin Han, Yan Su, Wei Tang, Ming Z. Zhao, Yi Zhou
-
Patent number: 9600265Abstract: A sequence for distributing at least one of a plurality of code packages to the at least one facility according to different states of a fixed state machine is set. The at least one of the plurality of code packages is maintained in at least one staging area in a valid, dormant mode while the fixed state machine is stopped. Pursuant to a resumption of the fixed state machine at a subsequent time, a current code package is swapped with the at least one of the plurality of code packages in the at least one staging area to activate the at least one of the plurality of code packages.Type: GrantFiled: February 17, 2015Date of Patent: March 21, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Franck Excoffier, Michael P. Groover, Robin Han, Andreas B. M. Koster, Edward H. Lin, Mario Sweeney
-
Patent number: 9557984Abstract: Provided are a computer program product, system, and method for performing code load operations on managed components in a system. A first node group comprising at least one computational node in the computer system performs code load operations for the managed components. Status of the code load operations at the managed component is written to a status data structure while the code load operations are being performed at the managed component. The first node group transfers control of the code load operations for the managed components to a second node group comprising at least computational node in the computer system while the code load operations are occurring at the managed components. A second node group reads the status data structure for the managed components to determine the status of the code load operations and continue the code load operations at managed components.Type: GrantFiled: March 16, 2015Date of Patent: January 31, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Michael P. Groover, Robin Han, Cindy K. Hoac, Ronald D. Martens, Tony J. Zhang
-
Publication number: 20160274886Abstract: Provided are a computer program product, system, and method for performing code load operations on managed components in a system. A first node group comprising at least one computational node in the computer system performs code load operations for the managed components. Status of the code load operations at the managed component is written to a status data structure while the code load operations are being performed at the managed component. The first node group transfers control of the code load operations for the managed components to a second node group comprising at least computational node in the computer system while the code load operations are occurring at the managed components. A second node group reads the status data structure for the managed components to determine the status of the code load operations and continue the code load operations at managed components.Type: ApplicationFiled: March 16, 2015Publication date: September 22, 2016Inventors: MICHAEL P. GROOVER, ROBIN HAN, CINDY K. HOAC, RONALD D. MARTENS, TONY J. ZHANG
-
Publication number: 20160210139Abstract: A system for managing a code load for a storage system is disclosed. The system can include instantiating a code load. The code load can include a first update for a first component and a second update for a second component. The system can include monitoring the operational state of the first and second components in response to instantiating the code load. The system can also include determining to perform the first update in response to a triggering event. The system can also include performing the first update in response to determining to perform the first update.Type: ApplicationFiled: March 24, 2016Publication date: July 21, 2016Inventors: Michael P. Groover, Robin Han, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Publication number: 20160188319Abstract: Provided are techniques for code load processing. While performing code load processing of a set of modules of a same module type, it is determined that a first module in the set of modules is not in an operational state. It is determined that a second module is a redundant module for the first module. In response to determining that the second module is in an operational state and has already completed code update, the code load processing is continued. In response to determining that the second module is in an operational state and has not already completed code update, it is determined whether there is a third redundant module that is in an operational state. In response to determining that there is a third redundant module that is in an operational state, the code load processing is continued.Type: ApplicationFiled: March 8, 2016Publication date: June 30, 2016Inventors: Michael P. Groover, Robin Han, Edward H. Lin, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Publication number: 20160170737Abstract: Provided are techniques for code load processing. While performing code load processing of a set of modules of a same module type, it is determined that a first module in the set of modules is not in an operational state. It is determined that a second module is a redundant module for the first module. In response to determining that the second module is in an operational state and has already completed code update, the code load processing is continued. In response to determining that the second module is in an operational state and has not already completed code update, it is determined whether there is a third redundant module that is in an operational state. In response to determining that there is a third redundant module that is in an operational state, the code load processing is continued.Type: ApplicationFiled: February 25, 2016Publication date: June 16, 2016Inventors: Michael P. Groover, Robin Han, Edward H. Lin, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Patent number: 9329856Abstract: A method and system for managing a code load for a storage system is disclosed. The method and system can include instantiating a code load. The code load can include a first update for a first component and a second update for a second component. The method and system can include monitoring the operational state of the first and second components in response to instantiating the code load. The method and system can also include determining to perform the first update in response to a triggering event. The method and system can also include performing the first update in response to determining to perform the first update.Type: GrantFiled: March 19, 2014Date of Patent: May 3, 2016Assignee: International Business Machines CorporationInventors: Michael P. Groover, Robin Han, Yan Su, Wei Tang, Ming Zhi Zhao, Yi Zhou
-
Patent number: 9298501Abstract: A setup module organizes a single software image for a management command. A process module creates a plurality of processes independently executing the management command on each of the plurality of devices from a management console. Each process employs the software image. A termination module ends the management command after each process has completed on each of the plurality of devices.Type: GrantFiled: May 19, 2011Date of Patent: March 29, 2016Assignee: GLOBALFOUNDRIES INC.Inventors: Franck Excoffier, Michael P. Groover, Robin Han, Mario Kiessling, Yang Liu, Diana Y. Ong