公开(公告)号：IL294779B1

公开(公告)日：2024-12-01

申请号：IL29477922

申请日：2022-07-14

Applicant: IBM ,  MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  JOHN R FLANAGAN ,  CHRISTOPHER J COLONNA

Inventor： MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  JOHN R FLANAGAN ,  CHRISTOPHER J COLONNA

IPC: H04L67/1097 ,  H04L67/141 ,  H04L67/146 ,  H04L69/28

Abstract: Aspects of the invention include channel key loading of a host bus adapter (HBA) based on a secure key exchange (SKE) authentication response by a responder node of a computing environment. A non-limiting example computer-implemented method includes receiving an authentication response message at an initiator channel on an initiator node from a responder channel on a responder node to establish a secure communication, the receiving at a local key manager (LKM) executing on the initiator node. A state check can be performed based on a security association of the initiator node and the responder node. An identifier of a selected encryption algorithm can be extracted from the authentication response message. The initiator channel can request to communicate with the responder channel based at least in part on a successful state check and the selected encryption algorithm.

公开(公告)号：IL294779B2

公开(公告)日：2025-04-01

申请号：IL29477922

申请日：2022-07-14

Applicant: IBM ,  MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  JOHN R FLANAGAN ,  CHRISTOPHER J COLONNA

Inventor： MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  JOHN R FLANAGAN ,  CHRISTOPHER J COLONNA

IPC: H04L67/1097 ,  H04L67/141 ,  H04L67/146 ,  H04L69/28

Abstract: Aspects of the invention include channel key loading of a host bus adapter (HBA) based on a secure key exchange (SKE) authentication response by a responder node of a computing environment. A non-limiting example computer-implemented method includes receiving an authentication response message at an initiator channel on an initiator node from a responder channel on a responder node to establish a secure communication, the receiving at a local key manager (LKM) executing on the initiator node. A state check can be performed based on a security association of the initiator node and the responder node. An identifier of a selected encryption algorithm can be extracted from the authentication response message. The initiator channel can request to communicate with the responder channel based at least in part on a successful state check and the selected encryption algorithm.

公开(公告)号：GB2603666A

公开(公告)日：2022-08-10

申请号：GB202204407

申请日：2020-09-08

Applicant: IBM

Inventor： ROGER HATHORN ,  PATRICIA DRIEVER ,  CHRISTOPHER COLONNA ,  MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  MIKEL WILLIAM WELSH ,  JOHN FLANAGAN

IPC: H04L9/08 ,  H04L9/14 ,  H04L9/40 ,  H04W12/041 ,  H04W12/50

Abstract: Provided are a computer program product, system and method embodiments for secure communication between an initiator and a responder over a network. The initiator sends a security association initialization message to the responder to establish a security association including key material used to generate a key for the security association. In response to receiving a security association initialization response to accept the security association, the initiator sends an authentication message to the responder to establish authentication between the responder and the initiator. In response to receiving an authentication message response to the authentication message, the initiator is programmed with the security association. An authentication done message is received from the responder after receiving the authentication message response. The initiator activates the security association to use the key to secure communication between the responder and initiator in response to receiving the authentication done message.

公开(公告)号：IL294779A

公开(公告)日：2022-09-01

申请号：IL29477922

申请日：2022-07-14

Applicant: IBM ,  MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  JOHN R FLANAGAN ,  CHRISTOPHER J COLONNA

Inventor： MOOHENG ZEE ,  RICHARD MARK SCZEPCZENSKI ,  JOHN R FLANAGAN ,  CHRISTOPHER J COLONNA

IPC: H04L67/1097 ,  H04L67/141 ,  H04L67/146 ,  H04L69/28

Abstract: Aspects of the invention include channel key loading of a host bus adapter (HBA) based on a secure key exchange (SKE) authentication response by a responder node of a computing environment. A non-limiting example computer-implemented method includes receiving an authentication response message at an initiator channel on an initiator node from a responder channel on a responder node to establish a secure communication, the receiving at a local key manager (LKM) executing on the initiator node. A state check can be performed based on a security association of the initiator node and the responder node. An identifier of a selected encryption algorithm can be extracted from the authentication response message. The initiator channel can request to communicate with the responder channel based at least in part on a successful state check and the selected encryption algorithm.

公开(公告)号：GB2603667A

公开(公告)日：2022-08-10

申请号：GB202204448

申请日：2020-09-08

Applicant: IBM

Inventor： ROGER HATHORN ,  PATRICIA DRIEVER ,  CHRISTOPHER COLONNA ,  MOOHENG ZEE ,  MIKEL WILLIAM WELSH ,  RICHARD MARK SCZEPCZENSKI ,  JOHN FLANAGAN

IPC: H04L9/08

Abstract: Provided are a computer program product, system and method embodiments for secure communication between an initiator and a responder over a network. The responder receives, from the initiator, a security association initialization message to establish a security association with the responder including key material used to generate a key for the security association. The responder receives an authentication message from the initiator to program the responder to establish authentication between the responder and the initiator after establishing the security association. The responder sends an authentication message response to the initiator to establish authentication with the responder in response to the authentication message. The responder sends an authentication done message to the initiator after sending the authentication message response to cause the initiator to activate using the security association and the key to encrypt and decrypt communication between the responder and initiator.