Patents by Inventor Roger G. Hathorn

Roger G. Hathorn has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11991273
    Abstract: Key management for encrypted data. A node, such as a storage device, obtains a shared key to be used in cryptographic operations. The obtaining includes using an identifier of another node, such as a host of the computing environment, and a unique identifier of the shared key to obtain the shared key. The obtained shared key is then used in one or more cryptographic operations.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: May 21, 2024
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jacob L. Sheppard, Igor Popov, Roger G. Hathorn, Bernhard Laubli
  • Patent number: 11797448
    Abstract: A computer-implemented method, according to one embodiment, includes: in response to a determination that an available capacity of one or more buffers in a primary cache is not outside a predetermined range, using the one or more buffers in the primary cache to satisfy all incoming I/O requests. In response to a determination that the available capacity of the one or more buffers in the primary cache is outside the predetermined range, one or more buffers in a secondary cache are allocated, and the one or more buffers in the secondary cache are used to satisfy at least some of the incoming I/O requests.
    Type: Grant
    Filed: July 5, 2022
    Date of Patent: October 24, 2023
    Assignee: International Business Machines Corporation
    Inventors: Beth Ann Peterson, Kevin J. Ash, Lokesh Mohan Gupta, Warren Keith Stanley, Roger G. Hathorn
  • Patent number: 11784810
    Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
    Type: Grant
    Filed: May 25, 2022
    Date of Patent: October 10, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
  • Patent number: 11714808
    Abstract: Provided are a computer program product, system, and method for processing request directed through a channel subsystem to a storage server. In one embodiment, a pattern search request is embedded in a Device Command Word (DCW) which allows the storage server to do all or substantially all of the search and comparison work in response to as few as a single DCW from the host. In addition, I/O processing can be enhanced to use the target record of interest of a successful embedded pattern search request as the starting point for read/write I/O processing, all in response to as few as a single DCW. Still further, orientation rules can also be relaxed such that once a target record is found, any and all fields of the record can be accessed and utilized in execution of subsequent commands of the initial or subsequent DCWs of the chain.
    Type: Grant
    Filed: September 8, 2021
    Date of Patent: August 1, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Beth Ann Peterson, Patricia G. Driever, Dale F. Riedy, John R. Paveza, Roger G. Hathorn, Wayne Erwin Rhoten
  • Patent number: 11704206
    Abstract: A host is configured to communicate with a storage controller over a first storage area network. A request is transmitted from the host to the storage controller to provide read diagnostic parameters of a second storage area network that is used to mirror data controlled by the storage controller to another storage controller. The host receives the read diagnostic parameters of the second storage area network from the storage controller.
    Type: Grant
    Filed: September 15, 2021
    Date of Patent: July 18, 2023
    Assignee: INTERATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Dale F. Riedy, Scott B. Compton, Susan K. Candelaria, Roger G. Hathorn, Harry M. Yudenfriend
  • Publication number: 20230071356
    Abstract: Provided are a computer program product, system, and method for processing request directed through a channel subsystem to a storage server. In one embodiment, a pattern search request is embedded in a Device Command Word (DCW) which allows the storage server to do all or substantially all of the search and comparison work in response to as few as a single DCW from the host. In addition, I/O processing can be enhanced to use the target record of interest of a successful embedded pattern search request as the starting point for read/write I/O processing, all in response to as few as a single DCW. Still further, orientation rules can also be relaxed such that once a target record is found, any and all fields of the record can be accessed and utilized in execution of subsequent commands of the initial or subsequent DCWs of the chain.
    Type: Application
    Filed: September 8, 2021
    Publication date: March 9, 2023
    Inventors: Beth Ann Peterson, Patricia G. Driever, Dale F. Riedy, John R. Paveza, Roger G. Hathorn, Wayne Erwin Rhoten
  • Patent number: 11563588
    Abstract: A path is secured from one node to another node of the computing environment. The one node obtains a first encryption key and a second encryption key. A shared key is obtained by the one node from a key server, and the shared key is used to encrypt a message. The encrypted message includes the first encryption key and the second encryption key. The encrypted message and an identifier of the shared key is sent from the one node to the other node, and a response message is received by the one node. The response message at least provides an indication that the other node received the encrypted message and obtained the shared key.
    Type: Grant
    Filed: May 10, 2021
    Date of Patent: January 24, 2023
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
  • Patent number: 11522681
    Abstract: A path for a node of a computing environment is secured. The securing includes obtaining, by the node, a message that includes an identifier of a shared key and an encrypted message. The node obtains the shared key from a key server and uses it to decrypt the encrypted message to obtain an encryption key and one or more parameters. A security parameters index to be associated with the encryption key and the one or more parameters is obtained. The node sends a response message to another node, the response message including the security parameters index.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: December 6, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
  • Publication number: 20220334970
    Abstract: A computer-implemented method, according to one embodiment, includes: in response to a determination that an available capacity of one or more buffers in a primary cache is not outside a predetermined range, using the one or more buffers in the primary cache to satisfy all incoming I/O requests. In response to a determination that the available capacity of the one or more buffers in the primary cache is outside the predetermined range, one or more buffers in a secondary cache are allocated, and the one or more buffers in the secondary cache are used to satisfy at least some of the incoming I/O requests.
    Type: Application
    Filed: July 5, 2022
    Publication date: October 20, 2022
    Inventors: Beth Ann Peterson, Kevin J. Ash, Lokesh Mohan Gupta, Warren Keith Stanley, Roger G. Hathorn
  • Patent number: 11474941
    Abstract: A computer-implemented method, according to one approach, includes: receiving a stream of incoming I/O requests, all of which are satisfied using one or more buffers in a primary cache. However, in response to determining that the available capacity of the one or more buffers in the primary cache is outside a predetermined range: one or more buffers in the secondary cache are allocated. These one or more buffers in the secondary cache are used to satisfy at least some of the incoming I/O requests, while the one or more buffers in the primary cache are used to satisfy a remainder of the incoming I/O requests. Moreover, in response to determining that the available capacity of the one or more buffers in the primary cache is not outside the predetermined range: the one or more buffers in the primary cache are again used to satisfy all of the incoming I/O requests.
    Type: Grant
    Filed: March 9, 2020
    Date of Patent: October 18, 2022
    Assignee: International Business Machines Corporation
    Inventors: Beth Ann Peterson, Kevin J. Ash, Lokesh Mohan Gupta, Warren Keith Stanley, Roger G. Hathorn
  • Publication number: 20220286284
    Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
    Type: Application
    Filed: May 25, 2022
    Publication date: September 8, 2022
    Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
  • Publication number: 20220269833
    Abstract: A host port is enabled for security. In response to a determination by the host port that authentication or security association negotiation with a storage port cannot be completed successfully, the host port determines whether an audit mode indicator has been enabled in a login response from the storage port. The host port preserves input/output (I/O) access to the storage port based on determining whether the audit mode indicator has been enabled in the login response from the storage port.
    Type: Application
    Filed: May 11, 2022
    Publication date: August 25, 2022
    Inventors: Roger G. Hathorn, Patricia G. Driever, Christopher J. Colonna, Evan Rivera, John R. Flanagan
  • Patent number: 11422948
    Abstract: A computational device receives an indication of a minimum retention time in a cache for a plurality of tracks of an application. In response to determining that tracks of the application that are stored in the cache exceed a predetermined threshold in the cache, the computational device demotes one or more tracks of the application from the cache even though a minimum retention time in cache has been indicated for the one or more tracks of the application, while performing least recently used (LRU) based replacement of tracks in the cache.
    Type: Grant
    Filed: January 13, 2021
    Date of Patent: August 23, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Lokesh M. Gupta, Roger G. Hathorn, Joseph Hayward, Matthew G. Borlick
  • Patent number: 11405199
    Abstract: Provided are a computer program product, system, and method for determining key server type and key server redundancy information to enable encryption. A first key server type for a first protocol is indicated in a key server type field in response to determining a current protocol used to communicate with the key server comprises the first protocol. A query information request is submitted to the key server to determine a key server type in response to determining that the current protocol comprises the second protocol. The second key server type indicated in the response to the query information request is indicated in the key server type field in response to the response indicating the second key server type. The first or second type of key server indicated in the key server type field is used to determine information to include in a key retrieval request.
    Type: Grant
    Filed: March 11, 2020
    Date of Patent: August 2, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jacob Lee Sheppard, Roger G. Hathorn, Igor Popov
  • Publication number: 20220198075
    Abstract: A storage port receives a login request. The storage port configures an audit mode indicator as enabled in a login response to a host port to enter a security enabled mode to indicate to the host port that Input/Output (I/O) operations are to be transmitted from the host port to the storage port even if authentication or security association negotiation with the storage port cannot be completed successfully.
    Type: Application
    Filed: March 7, 2022
    Publication date: June 23, 2022
    Inventors: Roger G. Hathorn, Patricia G. Driever, John Flanagan, Christopher J. Colonna, Evan Rivera
  • Patent number: 11354455
    Abstract: A host port is enabled for security. In response to a determination by the host port that authentication or security association negotiation with a storage port cannot be completed successfully, the host port determines whether an audit mode indicator has been enabled in a login response from the storage port. The host port preserves input/output (I/O) access to the storage port based on determining whether the audit mode indicator has been enabled in the login response from the storage port.
    Type: Grant
    Filed: September 11, 2019
    Date of Patent: June 7, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Roger G. Hathorn, Patricia G. Driever, Christopher J. Colonna, Evan Rivera, John R. Flanagan
  • Publication number: 20220121537
    Abstract: A storage controller is configured to communicate with a host over a first storage area network. Data controlled via the storage controller is mirrored to another storage controller over a second storage area network. The storage controller receives a request from the host to provide read diagnostic parameters of the second storage area network. In response to receiving the request, the storage controller secures the read diagnostic parameters of the second storage area network. The storage controller transmits the read diagnostic parameters of the second storage area network to the host.
    Type: Application
    Filed: January 3, 2022
    Publication date: April 21, 2022
    Inventors: Dale F. Riedy, Scott B. Compton, Susan K. Candelaria, Roger G. Hathorn, Harry M. Yudenfriend
  • Patent number: 11308243
    Abstract: A storage port receives a login request. The storage port configures an audit mode indicator as enabled in a login response to a host port to enter a security enabled mode to indicate to the host port that Input/Output (I/O) operations are to be transmitted from the host port to the storage port even if authentication or security association negotiation with the storage port cannot be completed successfully.
    Type: Grant
    Filed: September 11, 2019
    Date of Patent: April 19, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Roger G. Hathorn, Patricia G. Driever, John Flanagan, Christopher J. Colonna, Evan Rivera
  • Patent number: 11303441
    Abstract: Provided are a computer program product, system, and method embodiments for reverting from a new security association to a previous security association in response to an error during a rekey operation. The responder maintains a first security association with the initiator having a first key to use to encrypt and decrypt messages transmitted with the initiator. The responder receives a message from the initiator for a rekey operation to establish a second security association with the initiator using a second key. The responder queues Input/Output (I/O) for transmission using the second key after completing the rekey operation. After activating the second security association, the responder receives a revert message from the initiator to revert back to using the first security association and first key in response to a failure of the rekey operation.
    Type: Grant
    Filed: September 25, 2019
    Date of Patent: April 12, 2022
    Assignee: International Business Machines Corporation
    Inventors: Roger G. Hathorn, Patricia G. Driever, Christopher J. Colonna, Mooheng Zee, Mikel William Welsh, Alol Antony Crasta, John R. Flanagan
  • Patent number: 11251979
    Abstract: In response to receiving a login request message with a security indicator enabled for security, a storage port establishes a security association by transmitting a response indicating a login accept with the security indicator enabled for security. In response to establishing the security association, the storage port modifies a protocol behavior for transmitting and receiving information units.
    Type: Grant
    Filed: October 30, 2019
    Date of Patent: February 15, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Roger G. Hathorn, Patricia G. Driever, Christopher J. Colonna, John R. Flanagan