Computing systems are becoming more highly distributed and are required to support many users, each operating one or more client devices. Some of these systems are centered on computer clusters whose machines, or nodes, execute client requests and serve the desired files. A large number of client devices, ranging from smart phones to computers, are usually connected to such systems at all times, and the users of these devices have come to expect high availability of the supported services.
At the same time, growth in the number of client devices is putting pressure on the security of individual services. Of particular concern is the handling of the cryptographic keys used for file encryption and decryption in such computing systems. The management of these keys has to ensure both their high availability and their security, and satisfying both requirements at the same time is a challenge.
Most modern computer systems deploy a key manager for storing and handling cryptographic keys. The key manager, in conjunction with other authentication and authorization functions, determines which parties or clients are authorized to retrieve any particular key. For added resilience, several secure key managers are usually deployed together under some type of failover scheme, that is, an agreed-upon process that dictates how the secure key managers act in the event that one or more of them fail.
In some systems, the secure key managers are synchronized and rely on time-outs when a client happens to be connected to a failing key manager. The client then has to wait until the time-out expires before it is connected to an active key manager, which undermines the requirement of high availability. Furthermore, all key managers have to be kept synchronized to ensure proper operation.
SafeNet's KeySecure is an example of a system with a number of key servers; it is described in the SafeNet KeySecure Product Brief, Feb. 22, 2013, pp. 1-4. This system works well when all key servers are operational and up to date, but presents synchronization problems and blocked operations when one of them is down. A user may therefore have to wait a potentially long time before the system is able to fulfill a key request. A key server that is unavailable while a key operation is performed may subsequently require resynchronization and possibly manual intervention.
Another approach is taken in the Virtual Machine Manager of Microsoft, as described in the pre-release document entitled "Configuring Distributed Key Management in VMM", Oct. 17, 2013, pp. 1-3. This approach uses a multi-master system with a loose criterion for convergence of its replicas once the system reaches steady state. At any particular instant in time, the replicas are not guaranteed to be consistent with each other, because in the multi-master paradigm changes can be applied to any replica at any time. When a master receives a replication message, it compares the time stamp of the change carried in the message with that of its own copy to decide whether to apply or discard the message. Because replication is not instantaneous, certain corner cases can lead to failure modes in which replicas hold conflicting keys.
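The following is an added illustration of the time-stamp-based replication rule described above and of two of the corner cases it admits; it is example code written for this discussion, not code from the VMM documentation or from any product. The replica class, the replication message format, the use of per-master wall-clock time stamps and the per-master clock skew are all assumptions made for the sake of illustration.

```python
"""Toy multi-master key replication with a last-writer-wins (LWW) time-stamp rule.

Added example, not code from the cited VMM documentation. The replica model,
message format and clock behaviour are assumptions for illustration only.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class ReplicationMessage:
    key_id: str
    key_material: bytes
    timestamp: float  # wall-clock time on the originating master (assumed)
    origin: str


@dataclass
class KeyReplica:
    """One master in a hypothetical multi-master key store."""
    name: str
    clock_skew: float = 0.0  # seconds this master's clock runs ahead of true time
    store: Dict[str, Tuple[bytes, float]] = field(default_factory=dict)
    outbox: List[ReplicationMessage] = field(default_factory=list)

    def now(self, true_time: float) -> float:
        return true_time + self.clock_skew

    def local_update(self, key_id: str, key_material: bytes, true_time: float) -> ReplicationMessage:
        """A local write always succeeds and is queued for replication."""
        ts = self.now(true_time)
        self.store[key_id] = (key_material, ts)
        msg = ReplicationMessage(key_id, key_material, ts, self.name)
        self.outbox.append(msg)
        return msg

    def apply_replication(self, msg: ReplicationMessage) -> bool:
        """LWW rule: apply the message only if it is strictly newer than the local copy."""
        current = self.store.get(msg.key_id)
        if current is None or msg.timestamp > current[1]:
            self.store[msg.key_id] = (msg.key_material, msg.timestamp)
            return True
        return False  # discarded

    def get(self, key_id: str) -> Optional[bytes]:
        entry = self.store.get(key_id)
        return entry[0] if entry else None


def deliver_all(replicas: List[KeyReplica]) -> None:
    """Deliver every queued message to every other replica (eventual delivery)."""
    pending = [(r, m) for r in replicas for m in r.outbox]
    for r in replicas:
        r.outbox.clear()
    for origin, msg in pending:
        for r in replicas:
            if r is not origin:
                r.apply_replication(msg)


def converged(replicas: List[KeyReplica], key_id: str) -> bool:
    """True when every replica returns the same material for key_id."""
    return len({r.get(key_id) for r in replicas}) == 1


def scenario_equal_timestamps():
    """Two masters create the same key id at the same instant (coarse clocks).
    Each discards the other's message because neither is strictly newer."""
    a, b = KeyReplica("A"), KeyReplica("B")
    a.local_update("k1", b"material-from-A", true_time=100.0)
    b.local_update("k1", b"material-from-B", true_time=100.0)
    deliver_all([a, b])
    return a.get("k1"), b.get("k1"), converged([a, b], "k1")


def scenario_clock_skew():
    """B's clock runs 5 s ahead, so B's older write outranks A's genuinely newer one."""
    a, b = KeyReplica("A"), KeyReplica("B", clock_skew=5.0)
    b.local_update("k2", b"old-material", true_time=100.0)  # stamped 105.0 by B
    deliver_all([a, b])
    a.local_update("k2", b"new-material", true_time=102.0)  # stamped 102.0 by A
    deliver_all([a, b])  # B discards A's update: 102.0 is not newer than 105.0
    return a.get("k2"), b.get("k2"), converged([a, b], "k2")


if __name__ == "__main__":
    print("equal time stamps:", scenario_equal_timestamps())
    print("clock skew:       ", scenario_clock_skew())
```

In both scenarios the replicas settle into a steady state that is permanently inconsistent: with equal time stamps each master keeps its own key material, and with clock skew the master with the fast clock keeps stale material even after it receives the newer write. A client that retrieves a key from one master and decrypts data encrypted under a key fetched from the other will fail, which is the kind of key conflict the text refers to.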
Another approach to encryption and key managers is taught in U.S. Pat. No. 7,877,603 to Goodman et al. That system relates to a storage drive that communicates with encryption and key managers. It is useful in the context of encrypting removable media but is not extendable to distributed computing environments. Another useful teaching, related to a key manager that tracks which assets are encrypted with which keys in the context of a data archiving system, is found in U.S. Pat. No. 7,801,871 to Gosnell.
Finally, U.S. Pat. No. 8,385,551 to Pourzandi et al. teaches a highly available cryptographic key storage that deploys a classic active/passive failover model. This approach is better adapted to a highly available computer system but still suffers from a number of shortcomings. One of the main ones is the assumption, made during key creation, that the backup nodes of the system are up. When this assumption does not hold, the key creation operation blocks.
Thus, although a considerable amount of work has been devoted to devising appropriate computer systems and methods for highly available and secure key management, many challenges remain. In particular, it would be an advance in the art to further increase cryptographic key security in such computer systems while compromising little or not at all on the high availability aspect.