Patents by Inventor Jacob Lee Sheppard
Jacob Lee Sheppard has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Performing key server redundancy verification to verify a key is obtained from redundant key servers
Patent number: 11784810
Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
Type: Grant
Filed: May 25, 2022
Date of Patent: October 10, 2023
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
-
Publication number: 20230070163
Abstract: A first node and a second node are configured in a storage system, wherein the first node and the second node are communicatively coupled to a key server. One or more nodes of a set comprising the first node and the second node initiate a process to generate an encryption key to be shared between the first node and the second node in the storage system. A request for the encryption key is transmitted to the key server, from the one or more nodes of the set comprising the first node and the second node, in response to securing a common lock that is available.
Type: Application
Filed: September 9, 2021
Publication date: March 9, 2023
Inventors: Jacob Lee SHEPPARD, Igor POPOV
-
Publication number: 20230052663
Abstract: A method for sharing data encryption keys among a plurality of storage systems is disclosed. The method generates, by a first storage system, a data encryption key for encrypting data sent from the first storage system to cloud storage. The method stores the encrypted data in the cloud storage in the form of an encrypted data object. In certain embodiments, the first storage system stores an Internet Protocol (IP) address of a second storage system belonging to a same key sharing network as the first storage system. The method replicates, from the first storage system to the second storage system, the data encryption key. The second storage system retrieves the encrypted data object from the cloud storage and decrypts the encrypted data in the encrypted data object using the data encryption key received from the first storage system.
Type: Application
Filed: August 10, 2021
Publication date: February 16, 2023
Applicant: International Business Machines Corporation
Inventors: Jacob Lee Sheppard, Samantha A. Utter
-
PERFORMING KEY SERVER REDUNDANCY VERIFICATION TO VERIFY A KEY IS OBTAINED FROM REDUNDANT KEY SERVERS
Publication number: 20220286284
Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
Type: Application
Filed: May 25, 2022
Publication date: September 8, 2022
Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
-
Patent number: 11405199
Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
Type: Grant
Filed: March 11, 2020
Date of Patent: August 2, 2022
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
-
Publication number: 20210288799
Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
Type: Application
Filed: March 11, 2020
Publication date: September 16, 2021
Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
-
Patent number: 8494170
Abstract: Provided are a computer program product, system and method for a redundant key server encryption environment. A key server receives from at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key, a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server, and at least one additional wrapped encryption key by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the generated keys to the requesting device.
Type: Grant
Filed: April 23, 2012
Date of Patent: July 23, 2013
Assignee: International Business Machines Corporation
Inventors: David Ray Kahler, Anjul Mathur, Richard Anthony Ripberger, Jacob Lee Sheppard, Glen Alan Jaquette
-
Patent number: 8300831
Abstract: Provided are a computer program product, system and method for a redundant key server encryption environment. A key server transmits public keys associated with the key server and at least one device to at least one remote key server. The key server receives from the at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device comprising one of the at least one device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key associated with the requesting device. The key server generates a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server.
Type: Grant
Filed: April 26, 2010
Date of Patent: October 30, 2012
Assignee: International Business Machines Corporation
Inventors: David Ray Kahler, Anjul Mathur, Richard Anthony Ripberger, Jacob Lee Sheppard, Glen Alan Jaquette
-
Publication number: 20120233455
Abstract: Provided are a computer program product, system and method for a redundant key server encryption environment. A key server receives from at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key, a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server, and at least one additional wrapped encryption key by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the generated keys to the requesting device.
Type: Application
Filed: April 23, 2012
Publication date: September 13, 2012
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: David Ray Kahler, Anjul Mathur, Richard Anthony Ripberger, Jacob Lee Sheppard, Glen Alan Jaquette
-
Publication number: 20110261964
Abstract: Provided are a computer program product, system and method for a redundant key server encryption environment. A key server transmits public keys associated with the key server and at least one device to at least one remote key server. The key server receives from the at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device comprising one of the at least one device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key associated with the requesting device. The key server generates a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server.
Type: Application
Filed: April 26, 2010
Publication date: October 27, 2011
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: David Ray Kahler, Anjul Mathur, Richard Anthony Ripberger, Jacob Lee Sheppard, Glen Alan Jaquette
-
Patent number: 8001104
Abstract: Provided are a method, system, and program for storing and using metadata in multiple storage location. Signature data is stored in a system storage indicating a plurality of metadata copy locations, each locating identifying a storage device and a copy location within the storage device. Each location contains one copy of the metadata, wherein the metadata includes system configuration information. A copy of the signature data is stored with each copy of the metadata.
Type: Grant
Filed: August 19, 2008
Date of Patent: August 16, 2011
Assignee: International Business Machines Corporation
Inventors: Rhea Reyes Frondozo, Kurt Allen Lovrien, Richard Anthony Ripberger, Jacob Lee Sheppard, Michael P. Vageline
-
Patent number: 7788530
Abstract: In one version of the present invention, a system to configure a storage server despite an out-of-service storage adapter includes a storage array and a pair of storage servers connected to the storage array via a corresponding pair of storage adapters. The storage servers may be configured to retrieve configuration metadata from the storage array during a system initialization sequence and communicate the configuration metadata to the other storage server in case one of the storage servers is blocked from accessing the storage array due to an out-of-service storage adapter. The storage servers may also be configured to share a processing load despite the out-of-service storage adapter. The configuration metadata may include a variety of definitions and control parameters such as rank definitions, volume definitions, logical subsystem definitions, mirroring parameters, remote archiving parameters, a rank segment table, and page pointer data.
Type: Grant
Filed: June 27, 2007
Date of Patent: August 31, 2010
Assignee: International Business Machines Corporation
Inventors: David Ray Kahler, Kurt Allen Lovrien, Jacob Lee Sheppard
-
Patent number: 7783917
Abstract: Provided are a method, system, and article of manufacture, wherein a plurality of data arrays coupled to a storage controller is maintained. Data arrays are selected from the plurality of data arrays based on predetermined selection rules. Data is stored redundantly in the selected data arrays by writing the data to the selected data arrays.
Type: Grant
Filed: February 26, 2007
Date of Patent: August 24, 2010
Assignee: International Business Machines Corporation
Inventors: Jacob Lee Sheppard, Robert Akira Kubo, Kurt Allen Lovrien
-
Patent number: 7546412
Abstract: An apparatus, system, and method are disclosed for global metadata copy repair. The apparatus includes a control module for copying global metadata from primary storage to target storage, a verification module configured to identify invalid track in the global metadata, a location module configured to maintain a current read address, and a read module configured to find a valid copy of the invalid track. The system includes a plurality of hosts, a storage controller in communication with the plurality of hosts over a network, a primary storage device, a target storage device, and the apparatus. The method includes copying global metadata from a primary storage device to a target storage device, identifying invalid track in the global metadata of the primary storage device, maintaining a current read address of a buffer read, and finding a valid copy of the invalid track.
Type: Grant
Filed: December 2, 2005
Date of Patent: June 9, 2009
Assignee: International Business Machines Corporation
Inventors: Said Abdullah Ahmad, Rhea Reyes Frondozo, Kurt Allen Lovrien, Jacob Lee Sheppard
-
Publication number: 20090006428
Abstract: In one version of the present invention, a system to configure a storage server despite an out-of-service storage adapter includes a storage array and a pair of storage servers connected to the storage array via a corresponding pair of storage adapters. The storage servers may be configured to retrieve configuration metadata from the storage array during a system initialization sequence and communicate the configuration metadata to the other storage server in case one of the storage servers is blocked from accessing the storage array due to an out-of-service storage adapter. The storage servers may also be configured to share a processing load despite the out-of-service storage adapter. The configuration metadata may include a variety of definitions and control parameters such as rank definitions, volume definitions, logical subsystem definitions, mirroring parameters, remote archiving parameters, a rank segment table, and page pointer data.
Type: Application
Filed: June 27, 2007
Publication date: January 1, 2009
Inventors: David Ray Kahler, Kurt Allen Lovrien, Jacob Lee Sheppard
-
Publication number: 20080313416
Abstract: Provided are a method, system, and program for storing and using metadata in multiple storage location. Signature data is stored in a system storage indicating a plurality of metadata copy locations, each locating identifying a storage device and a copy location within the storage device. Each location contains one copy of the metadata, wherein the metadata includes system configuration information. A copy of the signature data is stored with each copy of the metadata.
Type: Application
Filed: August 19, 2008
Publication date: December 18, 2008
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Rhea Reyes Frondozo, Kurt Allen Lovrien, Richard Anthony Ripberger, Jacob Lee Sheppard, Michael P. Vageline
-
Patent number: 7444360
Abstract: Provided are a method, system, and program for storing and using metadata in multiple storage location. Signature data is stored in a system storage indicating a plurality of metadata copy locations, each locating identifying a storage device and a copy location within the storage device. Each location contains one copy of the metadata, wherein the metadata includes system configuration information. A copy of the signature data is stored with each copy of the metadata.
Type: Grant
Filed: November 17, 2004
Date of Patent: October 28, 2008
Assignee: International Business Machines Corporation
Inventors: Rhea Reyes Frondozo, Kurt Allen Lovrien, Richard Anthony Ripberger, Jacob Lee Sheppard, Michael P. Vageline
-
Publication number: 20080209253
Abstract: Provided are a method, system, and article of manufacture, wherein a plurality of data arrays coupled to a storage controller is maintained. Data arrays are selected from the plurality of data arrays based on predetermined selection rules. Data is stored redundantly in the selected data arrays by writing the data to the selected data arrays.
Type: Application
Filed: February 26, 2007
Publication date: August 28, 2008
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Jacob Lee Sheppard, Robert Akira Kubo, Kurt Allen Lovrien