Secure distribution of root keys for hardware security modules

The root key distribution system uses ephemeral keys and user-controlled key-encrypting keys to securely distribute master keys across an HSM cluster, addressing the issue of user control over cryptographic keys in cloud environments and preventing cloud service provider access.

JP7882622B2Active Publication Date: 2026-06-30INTERNATIONAL BUSINESS MACHINE CORPORATION

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Patents
Current Assignee / Owner
INTERNATIONAL BUSINESS MACHINE CORPORATION
Filing Date
2022-09-09
Publication Date
2026-06-30

AI Technical Summary

Technical Problem

Existing key management services in cloud environments require coordination between two nodes to maintain root keys, allowing cloud service providers access to cryptographic keys, compromising user control over data security.

Method used

A root key distribution system that uses ephemeral keys and user-controlled key-encrypting keys to securely distribute and authenticate master keys across a hardware security module (HSM) cluster, ensuring user ownership and exclusive control over the root key hierarchy.

Benefits of technology

Enables users to maintain complete control over cryptographic keys in a cloud environment, preventing cloud service providers from accessing data and ensuring secure, trusted distribution of root keys within the HSM cluster.

✦ Generated by Eureka AI based on patent content.
Patent Text Reader

Abstract

A technique is provided for distributing root keys to Hardware Security Modules (HSMs) of an HSM cluster. A signed first command to create a master key is sent to a source HSM. A fingerprint of the master key is received in a response signed by the source HSM using a module signing key hardcoded in the source HSM during manufacture. A second command to generate an importer key pair is sent to the first HSM. A request to create and export a wrapped master key is sent to the source HSM. A master key wrapped using a transport key is received. The wrapped master key is sent to the first HSM. The master key is activated in the first HSM.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] The present invention relates to managing resources of a computing infrastructure, and more particularly, to initializing a hardware security module (HSM) cluster and securely distributing encryption keys across the HSM cluster.

Background Art

[0002] Known key management services provided by cloud service providers include a bring-your-own-key function that enables a user to import a user key or a randomly generated key into an HSM, which is then used with envelope encryption to encrypt data at rest. Data services such as database-as-a-service and infrastructure services integrate with known key management services to use key-encrypting keys, securely store data encryption keys locally within the service, and decrypt data by unwrapping the data encryption keys by accessing the key management service. Known key management services allow a user to control and generate a root key (also known as a wrapping key or master key) on a system external to the key management service, and further allow the user to upload the root key via a key ceremony. The user has the problem of having to maintain physical security and processes centered around managing a copy of the root key.

[0003] Therefore, there is a need for a root key distribution system that uses key-encrypting keys to protect data within a cloud computing environment, but requires user ownership and exclusive control of the root key of the key hierarchy.

Summary of the Invention

[0004] In one embodiment, the present invention provides a computer system comprising a central processing unit (CPU), memory coupled to the CPU, and one or more computer-readable storage media coupled to the CPU. The one or more computer-readable storage media collectively include instructions executed by the CPU via memory to implement a method for distributing root keys to hardware security modules (HSMs) in an HSM cluster. This method includes the computer system sending a first command to a source HSM for creating a master key. The first command is signed by the administrator of the HSM in the HSM cluster. This method further includes the computer system receiving a fingerprint of the master key from the source HSM in a response signed by the source HSM using a module signing key hardcoded into the source HSM at the time of manufacture of the source HSM. This method further includes the computer system sending a second command to the first HSM in the HSM cluster. The second command generates an importer key pair, which includes an importer private key and an importer public key. This method further includes the computer system receiving the importer public key from the first HSM in response to sending a second command. This method also includes the computer system receiving the master key and ExporterThe method further includes sending a request to the source HSM to export the public key. The method further includes the computer system receiving from the source HSM, in response to sending this request, (i) the master key wrapped with the transport key and (ii) the exporter public key. The transport key is derived from the importer public key and the exporter private key. The method further includes the computer system sending (i) the master key wrapped with the transport key and (ii) the exporter public key to the first HSM. The method further includes the computer system activating the master key in the first HSM.

[0005] The aforementioned embodiments advantageously enable a customer or end-user to authenticate each node of an HSM cluster that holds a root key and to ensure that each node is a trusted destination.

[0006] In an optional aspect of the present invention, the method further comprises a computer system using an activated master key as a root key in a key management service, thereby providing the customer or end-user with complete control over the cryptographic keys protecting data in a cloud computing environment, without requiring the key management service to manage the root key outside of the key management service, and preventing the cloud service provider from accessing the data. The aforementioned aspects of the present invention favorably require the end-user and remote system to authorize the action of distributing the root key, rather than relying on the difficult coordination between two HSMs used to maintain the root key in the key management service.

[0007] In another optional aspect of the present invention, the method further includes the first HSM deriving a transport key from the exporter public key and importer private key stored by the first HSM after transmitting the master key and exporter public key. The method further includes the first HSM unwrapping the master key using the transport key. The method further includes the first HSM registering the unwrapped master key as a new master key in the first HSM's registers in an uncommitted state. The aforementioned aspects of the present invention favorably utilize a temporary key rather than using a less secure secret shared across all nodes in the HSM cluster to securely transport the root key.

[0008] In another optional embodiment of the present invention, the method further includes a computer system sending a command to a second HSM in an HSM cluster to generate a second importer key pair comprising a second importer private key and a second importer public key. The second importer key pair is different from the importer key pair. The method further includes the computer system receiving the second importer public key from the second HSM. The method further includes the computer system receiving the master key and the second importer public key. ExporterThis method further includes sending a request to the source HSM to export the public key. This method further includes the computer system receiving from the source HSM (i) a master key wrapped with a second transport key and (ii) a second exporter public key, the second transport key being derived from the second importer public key and the second exporter private key, unlike the transport key. This method further includes the computer system sending to the second HSM (i) a master key wrapped with a second transport key and (ii) a second exporter public key, the second HSM derives a second transport key from the second exporter public key and the second importer private key stored by the second HSM, unwraps the master key using the second transport key, and registers the master key in the second HSM's registers in an uncommitted state. This method further includes a computer system setting a master key registered with a second HSM to a committed state and activating the master key stored by the second HSM. The aforementioned aspects of the present invention favorably utilize temporary keys for securely transporting root keys, rather than using less secure secrets shared across all nodes in the HSM cluster used to hold the root keys of the key hierarchy.

[0009] Computer program products and methods corresponding to the computer systems summarized above are also described herein. The aforementioned advantages relating to computer systems also apply to computer program products and methods. [Brief explanation of the drawing]

[0010] [Figure 1] This is a block diagram of a system for securely distributing root keys to HSMs in an HSM cluster, according to an embodiment of the present invention. [Figure 2A] This diagram shows a flowchart of the process for securely distributing root keys to HSMs within an HSM cluster, according to an embodiment of the present invention. [Figure 2B] This diagram shows a flowchart of the process for securely distributing root keys to HSMs within an HSM cluster, according to an embodiment of the present invention. [Figure 2C] This diagram shows a flowchart of the process for securely distributing root keys to HSMs within an HSM cluster, according to an embodiment of the present invention. [Figure 3] This is a block diagram of a computer that performs the processes shown in Figures 2A to 2C, which is included in the system of Figure 1 according to an embodiment of the present invention. [Figure 4] This figure shows a cloud computing environment according to an embodiment of the present invention. [Figure 5] This figure shows an abstract model layer according to an embodiment of the present invention. [Modes for carrying out the invention]

[0011] overview In traditional key management services within a cloud environment, maintaining the root key involves coordination between two nodes (i.e., two HSMs) and a secret shared across all nodes in the cluster used to hold the root key of the key hierarchy, allowing the cloud service provider to access the cryptographic keys within the HSMs, thereby preventing users encrypting data within the cloud environment from having complete control over access to those keys. Furthermore, in cloud computing environments where end users want to protect their cryptographic keys, another party may have physical access to the system, potentially logging in without the end user's knowledge and having the ability to copy domain keys. As used herein, a node is a node within an HSM cluster and is also referred to as an HSM.

[0012] Embodiments of the present invention address the aforementioned unique challenge of managing root keys by using key encryption keys, but with the user having ownership of the root key of the key hierarchy and exclusive control over the root key to protect data in a cloud environment. Embodiments of the present invention require end-users and remote systems to authorize key management actions rather than using conventional coordination between two nodes to maintain the root key. Embodiments of the present invention use ephemeral keys rather than using known techniques of using a secret shared across all nodes in the HSM cluster used to hold the root key to securely transfer the root key. Embodiments of the present invention enable the user to authenticate each node in the HSM cluster holding the root key to ensure that the destination is a trusted destination. The user has complete control over authorizing the distribution process and authenticating destinations, and the distribution process distributes the root key of the key hierarchy used to protect data in multiple cloud services to nodes in the HSM cluster without requiring the generation or protection of copies of the root key outside the HSM cluster.

[0013] In one embodiment, the root key distribution system uses an activated master key as the root key in the key management service, and the key management service does not require root key management outside of the key management service, providing the customer or end user with complete control over the cryptographic keys protecting data in the cloud computing environment and preventing the cloud service provider from accessing the data.

[0014] In one embodiment, the root key distribution system establishes an administrator for each HSM (i.e., node) in an HSM cluster, uploads a private / public key pair to the node to authorize commands on a given node after the node is released from imprint mode, generates a root key, synchronizes the nodes in response to the user authorizing the process by using a key management service (e.g., IBM® Cloud Trusted Key Entry (TKE)) within the cloud computing environment, and uses the root key in the key management service to protect data within the cloud computing environment. IBM is a registered trademark of International Business Machines Corporation, located in Armonk, New York.

[0015] In one embodiment, the root key distribution system described herein enables users to protect data by controlling the key hierarchy without requiring the management of root keys outside of a key management service. The first (i.e., top-level) level of the key hierarchy includes the HSM root key (i.e., master key), which is stored in the HSM and set by the user via the TKE command-line interface (CLI) or smart card, with backups stored only at the client level. The second level in the key hierarchy includes the customer root key (CRK), which is stored in a form wrapped only by Hyper Protect Crypto Services (HPCS), is randomly generated by the HSM or imported via an API, and is backed up by HPCS within a geographical area. The third level in the key hierarchy includes the data encryption key (DEK), which is stored in a form wrapped by an application or other service, is randomly generated by the HSM or imported via an API, and is backed up by the application using the DEK.

[0016] A system for distributing root keys to HSMs in an HSM cluster. Figure 1 is a block diagram of a system 100 for securely distributing root keys to HSMs in an HSM cluster according to an embodiment of the present invention. System 100 includes a computer 102 which includes a software-based root key distribution system 104, the root key distribution system 104 which includes an HSM administrator establishment module 106, a root key generation and HSM synchronization module 108, and a root key activation module. In one embodiment, the root key distribution system 104 is included in an IBM(R) Trusted Key Entry workstation.

[0017] The root key distribution system 104 receives the signing secret key 112 from the administrator's computer system (not shown). System 100 also includes an instance 114 of a key management service and cloud HSM that communicates with the root key distribution system 104. The instance 114 of the management service and cloud HSM can be, for example, an IBM(R) Hyper Protect Crypto Services instance.

[0018] Instance 114 of the management service and cloud HSM includes a cluster of cryptographic units 116-1, ..., 116-N, where N is an integer greater than 1. A cryptographic unit is a single unit representing an HSM and its corresponding software stack. The cluster of cryptographic units 116-1, ..., 116-N acts as a single logical entity for key management and key governance. Each of the cryptographic units 116-1, ..., 116-N includes an HSM 118 (i.e., a cloud HSM) that collectively constitutes the HSM cluster. The cloud HSM is a tamper-proof, readily detectable hardware device configured to securely manage, process, and store cryptographic keys.

[0019] The management service and instance 114 of the cloud HSM also includes source HSM 120, which is also a hardware security module. HSM 120 creates a master key, creates an exporter key pair, derives a transport key, and uses the transport key to wrap the master key. In one embodiment, each of the cryptographic units 116-1, ..., 116-N includes a key management service application programming interface (KMS API) (not shown) and an Enterprise Public-Key Cryptography Standard (PKCS) #11 application programming interface (EP11 API) (not shown). The KMS API manages keys for the key management service. The EP11 API provides remote access to instance 114 (e.g., an IBM(R) Hyper Protect Crypto Services instance) for data encryption and management.

[0020] The HSM administrator establishment module 106 establishes the administrator of the HSMs in the HSM cluster. For example, an IBM(R) Crypto Express card provides a function for establishing the administrator of the HSM. The HSM administrator establishment module 106 uploads a certificate from the private key / public key pair to each HSM 118. The root key distribution system 104 uses this certificate to permit commands for a given node in the HSM cluster after the given node is released from the imprint mode.

[0021] The root key generation and HSM synchronization module 108 generates a root key and synchronizes the nodes in the HSM cluster in response to the user permitting the root key distribution process by using the TKE client.

[0022] The root key activation module 110 activates the pending root key within the key management service and the instance 114 of the cloud HSM, and protects the data within the cloud computing environment.

[0023] The functions of the components shown in FIG. 1 are described in more detail in the discussion of FIGS. 2A-2C and FIG. 3 presented below.

[0024] Process for distributing the root key to the HSMs of the HSM cluster FIGS. 2A-2C show a flowchart of a process for securely distributing a root key to the HSMs within an HSM cluster in accordance with an embodiment of the present invention. The process of FIGS. 2A-2C begins at the start node 200 in FIG. 2A. In step 202, the root key distribution system 104 (see FIG. 1) receives a command from the administrator's computer system to create a new master key. As used herein, the master key is synonymous with the root key. The master key is an encryption key used to protect the key management service and the instance 114 of the cloud HSM (see FIG. 1) by encrypting the contents of the HSM 118 (see FIG. 1) and protecting cryptographic operations.

[0025] In step 204, the root key distribution system 104 (see FIG. 1) generates a command to create a master key, signs this command, and sends this command to the source HSM 120 (see FIG. 1). The root key distribution system 104 (see FIG. 1) signs the command to create a master key by using the signature private key 112 (see FIG. 1).

[0026] After step 204 and before step 206, the source HSM120 (see Figure 1) receives the command sent in step 204, verifies the validity of the signature of the command sent in step 204, generates a master key (also referred to herein as a new master key), generates a response using the module signing key hardcoded into the source HSM120 (see Figure 1) during its manufacture, and signs this response.

[0027] In step 206, the root key distribution system 104 (see Figure 1) receives the master key fingerprint in the response generated after step 204 and before step 206 using the module signing key.

[0028] In step 208, the root key distribution system 104 (see Figure 1) verifies the validity of the signature of the response generated after step 204 and before step 206 using the module signing key.

[0029] In step 210, the root key distribution system 104 (see Figure 1) sends an instruction to the administrator's computer system indicating that the creation of the new master key is complete.

[0030] In step 212, the root key distribution system 104 (see Figure 1) generates a command, signs the command, and sends the command to the first HSM in the HSM cluster (i.e., HSM 118 in cryptographic unit 116-1 in Figure 1). The command sent in step 212 is for generating an importer key pair, which includes the importer private key and the importer public key.

[0031] After step 212 and before step 214, the first HSM receives the command sent in step 212, generates an importer key pair, and stores the importer private key.

[0032] In step 214, the root key distribution system 104 (see Figure 1) receives the importer public key from the first HSM.

[0033] In step 216, the root key distribution system 104 (see Figure 1) distributes the master key and Exporter Generate a request to export the public key, sign this request, and send it to the source HSM120 (see Figure 1).

[0034] After step 216, the process shown in Figures 2A-2C continues to step 218 in Figure 2B. After step 216 and before step 218, the source HSM120 (see Figure 1) receives the request sent in step 216, generates an exporter key pair including the exporter private key and the exporter public key, derives a transport key from the importer public key and the exporter private key, wraps the master key using this transport key, generates a response to the request sent in step 216, and discards the importer public key, the exporter private key, and the transport key. As used herein, wrapping the master key means encrypting the master key using another key.

[0035] In step 218, the root key distribution system 104 (see Figure 1) receives the wrapped master key and exporter public key in the response.

[0036] In step 220, the root key distribution system 104 (see Figure 1) generates a wrapped master key and exporter public key, signs the wrapped master key and exporter public key, and sends the wrapped master key and exporter public key to the first HSM.

[0037] After step 220 and before step 222, the first HSM receives the wrapped master key and exporter public key transmitted in step 220, derives a transport key from the importer private key and exporter public key, uses the transport key derived from the importer private key and exporter public key to unwrap the master key, and places the unwrapped master key in a new master key register in an uncommitted state. The unwrapped master key placed in the new master key register is also referred to herein as the pending master key. As used herein, unwrapping a master key means decrypting the wrapped master key by using another key.

[0038] In step 222, the root key distribution system 104 (see Figure 1) receives an instruction that the import of the master key to the first HSM is complete.

[0039] In step 224, the root key distribution system 104 (see Figure 1) generates a command to commit the pending master key, signs the command, and sends the command to the first HSM.

[0040] After step 224 and before step 226, the first HSM receives the command sent in step 224 and, in response to the received command, changes the state of the pending master key from uncommitted to committed.

[0041] In step 226, the root key distribution system 104 (see Figure 1) receives an instruction from the first HSM that the pending master key is committed.

[0042] In step 228, the root key distribution system 104 (see Figure 1) generates a command to complete the pending master key, signs the command, and sends the command to the first HSM (see Figure 1).

[0043] After step 228 and before step 230, the first HSM receives the command sent in step 228 and sets the pending master key to be active (i.e., activates the pending master key).

[0044] In step 230, the root key distribution system 104 (see Figure 1) receives an instruction from the first HSM that the pending master key has been activated.

[0045] After step 230, the process shown in Figures 2A-2C continues to step 232 in Figure 2C.

[0046] In step 232, the root key distribution system 104 (see Figure 1) determines whether there is another HSM in the HSM cluster that is not being used in the loop starting from step 212 (see Figure 2A). If the root key distribution system 104 (see Figure 1) determines that there is another HSM (i.e., the next HSM), the "yes" branch in step 232 is selected, and the processes in Figures 2A-2C loop pack back to step 212 (see Figure 2A), and the first HSM in the description of steps 212-230 is replaced with the next HSM.

[0047] If, in step 232, the root key distribution system 104 (see Figure 1) determines that there is no other HSM in the HSM cluster that should be used in the aforementioned loop, the "No" branch in step 232 is selected and step 234 is executed.

[0048] In step 234, the root key distribution system 104 (see Figure 1) sends a message to the administrator's computer system indicating that the distribution of master keys within the HSM cluster is complete.

[0049] The processes shown in Figures 2A-2C terminate at termination node 236.

[0050] Computer system Figure 3 is a block diagram of a computer that performs the processes shown in Figures 2A-2C, which is included in the system of Figure 1 according to an embodiment of the present invention. Computer 102 is generally a computer system that includes a central processing unit (CPU) 302, memory 304, an input / output (I / O) interface 306, and a bus 308. Furthermore, computer 102 is coupled with an I / O device 310 and a computer data storage unit 312. The CPU 302 performs the computational and control functions of computer 102, including executing instructions contained in the program code 314 of the root key distribution system 104 (see Figure 1) to perform a method of securely distributing root keys to HSMs in an HSM cluster, and these instructions are executed by the CPU 302 via memory 304. The CPU 302 may include a single processing unit or processor, or it may be distributed across one or more processing units or one or more processors in one or more locations (e.g., on clients and servers).

[0051] Memory 304 includes known computer-readable storage media as described below. In one embodiment, a cache memory element of memory 304 provides temporary storage for at least some program code (e.g., program code 314) to reduce the number of times the code must be retrieved from bulk storage while program code instructions are being executed. Furthermore, similar to the CPU 302, memory 304 may reside in a single physical location including one or more types of data storage, or it may be distributed across multiple physical systems or multiple computer-readable storage media of various forms. In addition, memory 304 may include data distributed across, for example, a local area network (LAN) or a wide area network (WAN).

[0052] The I / O interface 306 includes any system for exchanging information with external sources. The I / O device 310 includes any known type of external device, including displays, keyboards, etc. The bus 308 provides communication links between each of the components within the computer 102 and may include any type of transmission link, including electrical, optical, wireless, etc.

[0053] The I / O interface 306 also allows the computer 102 to store information (e.g., data, or program instructions such as program code 314) in the computer data storage unit 312 or another computer data storage unit (not shown), or to retrieve information from those computer data storage units. The computer data storage unit 312 includes one or more known computer-readable storage media, which are described below. In one embodiment, the computer data storage unit 312 is a non-volatile data storage device, such as a solid-state drive (SSD), a network-attached storage (NAS) array, a storage area network (SAN) array, a magnetic disk drive (i.e., a hard disk drive), or an optical disk drive (e.g., a CD-ROM drive that accepts CD-ROM disks or a DVD drive that accepts DVD disks).

[0054] Memory 304 or storage unit 312 or both may store computer program code 314, which includes instructions, executed by the CPU 302 via memory 304 to securely distribute root keys to HSMs in the HSM cluster. Figure 3 shows memory 304 containing program code, but the present invention intends an embodiment in which memory 304 does not contain all of the code 314 at once, but rather contains only a portion of the code 314 at a time.

[0055] Furthermore, memory 304 may include an operating system (not shown), or other systems not shown in Figure 3.

[0056] As will be understood by those skilled in the art, in the first embodiment the present invention may be a method, in the second embodiment the present invention may be a system, and in the third embodiment the present invention may be a computer program product.

[0057] Any component of an embodiment of the present invention may be deployed, managed, serviced, etc., by a service provider that provides deployment or integration of a computing infrastructure relating to securely distributing root keys to HSMs in an HSM cluster. Accordingly, an embodiment of the present invention discloses a process for supporting a computer infrastructure, which includes providing at least one support service for at least one of integrating, hosting, maintaining, and deploying computer-readable code (e.g., program code 314) in a computer system (e.g., computer 102) including one or more processors (e.g., CPU 302), the processors executing instructions contained in the code, causing the computer system to securely distribute root keys to HSMs in an HSM cluster. Another embodiment discloses a process for supporting a computer infrastructure, which includes integrating computer-readable program code into a computer system including a processor. This integration step includes storing the program code in a computer-readable storage device of the computer system by using the processor. When executed by the processor, the program code implements a method for securely distributing root keys to HSMs in an HSM cluster.

[0058] It is understood that program code 314 for securely distributing root keys to HSMs in an HSM cluster may be deployed by manually reading it directly to client computers, server computers, and proxy computers (not shown) via reading a computer-readable storage medium (e.g., a computer data storage unit 312). However, program code 314 may also be deployed automatically or semi-automatically to computer 102 by sending program code 314 to a central server or a group of central servers. Program code 314 is then downloaded to a client computer (e.g., computer 102) that will run program code 314. Alternatively, program code 314 may be sent directly to the client computer by email. Program code 314 is then isolated to a directory on the client computer or read into a directory on the client computer by a button in the email that runs a program that isolates program code 314 to a directory. Another alternative is to send program code 314 directly to a directory on the client computer's hard drive. If a proxy server exists, the process selects the proxy server code, determines which computer to place the proxy server code on, sends the proxy server code, and then installs the proxy server code on the proxy computer. Program code 314 is sent to the proxy server and then stored on the proxy server.

[0059] Another embodiment of the present invention provides a method for performing steps of a process based on subscription, advertising, or fees, or a combination thereof. Specifically, a service provider may provide, create, maintain, and support a process for securely distributing root keys to HSMs within an HSM cluster. In this case, the service provider may create, maintain, and support a computer infrastructure for performing steps of the process for one or more customers. In return, the service provider may receive payments from customers pursuant to a subscription, a paid contract, or both, or the service provider may receive payments from the sale of advertising content to one or more third parties, or both.

[0060] The present invention may be a system, method, or computer program product, or a combination thereof, at any possible level of integration of technical details. The computer program product may include one or more computer-readable storage media (i.e., memory 304 and computer data storage unit 312) having computer-readable program instructions 314 for causing a processor (e.g., CPU 302) to perform an aspect of the present invention.

[0061] A computer-readable storage medium can be a tangible device capable of holding and storing instructions (e.g., program code 314) for use by an instruction execution device (e.g., computer 102). The computer-readable storage medium may be, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination thereof. A non-exclusive list of further specific examples of computer-readable storage media includes portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM) or flash memory, static random access memory (SRAM), compact disc read-only memory (CD-ROM), digital versatile disk (DVD), memory sticks, floppy disks, mechanically encoded devices such as punch cards or grooved structures on which instructions are recorded, and any appropriate combination thereof. When used herein, computer-readable storage media should not be interpreted as transient signals in themselves, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmitting media (e.g., light pulses passing through fiber optic cables), or electrical signals transmitted through wires.

[0062] The computer-readable program instructions described herein (e.g., program code 314) may be downloaded from a computer-readable storage medium to each computing device / processing device (e.g., computer 102) or to an external computer or external storage device (e.g., computer data storage unit 312) via a network (not shown) (e.g., the Internet, a local area network, a wide area network, or a wireless network, or a combination thereof). This network may include copper transmission cables, optical transmission fibers, wireless transmitters, routers, firewalls, switches, gateway computers, or edge servers, or a combination thereof. A network adapter card (not shown) or network interface (not shown) within each computing device / processing device receives computer-readable program instructions from the network and transfers those computer-readable program instructions for storage on a computer-readable storage medium within each computing device / processing device.

[0063] The computer-readable program instructions (e.g., program code 314) for performing the operation of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state-setting data, configuration data for integrated circuits, or source code or object code written in any combination of one or more programming languages, including object-oriented programming languages ​​such as Smalltalk(R) and C++, and procedural programming languages ​​such as the C programming language or similar programming languages. The computer-readable program instructions can be executed as a whole on the user's computer, partially as a standalone software package on the user's computer, partially on the user's computer and on a remote computer, respectively, or entirely on a remote computer or on a server. In the latter scenario, the remote computer may be connected to the user's computer via any type of network, including a local area network (LAN) or wide area network (WAN), or the connection may be to an external computer (e.g., via the Internet using an Internet service provider). In some embodiments, to carry out aspects of the present invention, an electronic circuit including, for example, a programmable logic circuit, a field-programmable gate array (FPGA), or a programmable logic array (PLA) may be customized by executing computer-readable program instructions using state information of computer-readable program instructions.

[0064] Aspects of the present invention will be described herein by reference to flowcharts (e.g., Figures 2A-2C) or block diagrams (e.g., Figures 1 and 3), or both, of methods, apparatus (systems), and computer program products, according to embodiments of the present invention. It will be understood that each block in the flowchart or block diagram, or both, and any combination of blocks in the flowchart or block diagram, or both, can be implemented by computer-readable program instructions (e.g., program code 314).

[0065] These computer-readable program instructions may also be provided to the processor (e.g., CPU 302) of a general-purpose computer, a dedicated computer, or another programmable data processing device (e.g., computer 102) to create a machine, such that instructions executed via the processor of a computer or other programmable data processing device create means to perform functions / operations specified in one or more blocks of a flowchart or block diagram, or both. These computer-readable program instructions may also be stored in a computer-readable storage medium (e.g., computer data storage unit 312) so that the computer-readable storage medium containing the instructions has a product containing instructions that perform modes of functions / operations specified in one or more blocks of a flowchart or block diagram, or both, and can instruct a computer, a programmable data processing device, or other device, or a combination thereof, to function in a particular manner.

[0066] Computer-readable program instructions (e.g., program code 314) may be read into a computer (e.g., computer 102), another programmable data processing device, or other device so that instructions executed on the computer, on another programmable device, or on other devices perform functions / operations specified in one or more blocks of a flowchart or block diagram, or both, thereby creating a process performed on the computer by executing a series of operable steps on the computer, on another programmable device, or on other devices.

[0067] The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagram may represent a module, segment, or portion of instructions comprising one or more executable instructions for performing a specified logical function. In some alternative implementations, the functions described in the blocks may occur in an order different from the order shown in the diagram. For example, two consecutively shown blocks may, depending on the functions they contain, be performed as a single step, executed simultaneously, executed substantially simultaneously in a way that partially or completely overlaps in time, or possibly in reverse order. It should also be noted that each block in the block diagram or flowchart diagram, or both, and any combination of blocks in the block diagram or flowchart diagram, or both, may be implemented by a dedicated hardware-based system that performs a specified function or operation, or a combination of dedicated hardware and computer instructions.

[0068] Embodiments of the present invention are described herein for illustrative purposes, but many modifications and changes will become apparent to those skilled in the art. Accordingly, the appended claims are intended to encompass all such modifications and changes as being in the true spirit and scope of the invention.

[0069] Cloud computing environment While this disclosure includes a detailed description of cloud computing, it should be understood that the implementation of the teachings enumerated herein is not limited to cloud computing environments. Rather, embodiments of the present invention may be implemented in combination with any other type of computing environment that is currently known or may be developed in the future.

[0070] Cloud computing is a service delivery model that enables convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, network bandwidth, servers, processing, memory, storage, applications, virtual machines, and services), allowing these resources to be provisioned and released quickly with minimal administrative effort or interaction with service providers. This cloud model may include at least five features, at least three service models, and at least four deployment models.

[0071] The features are as follows:

[0072] On-demand self-service: Cloud users can unilaterally and automatically provision computing power, such as server time and network storage, as needed, without requiring human interaction with service providers.

[0073] Broad network access: The capability is available over the network and accessible through standard mechanisms, facilitating use by heterogeneous thin-client or thick-client platforms (e.g., mobile phones, laptops, and PDAs).

[0074] Resource Pooling: A provider's computing resources are pooled and delivered to multiple users using a multi-tenant model, with various physical and virtual resources dynamically allocated and reallocated as needed. There is a sense of location independence, and users typically have neither control nor knowledge of the exact location of the resources provided, although at a higher level of abstraction, they may be able to specify a location (e.g., country, state, or data center).

[0075] Rapid Adaptability: Capabilities can be provisioned quickly and flexibly, sometimes automatically, scale out rapidly, and be released quickly to scale in rapidly. The capacity available for provisioning often appears unlimited to the user, and any amount can be purchased at any time.

[0076] Measured Services: Cloud systems leverage metering capabilities to automatically control and optimize resource usage at a level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency to both service providers and users of the services being utilized.

[0077] The service model is as follows:

[0078] Software as a Service: The capability provided to the user is the use of the provider's applications running on a cloud infrastructure. These applications can be accessed from various client devices via thin client interfaces such as web browsers (e.g., web-based email). The user does not manage or control the underlying cloud infrastructure, including the network, servers, operating system, storage, or even individual application capabilities, except for the possibility of making limited user-specific application configuration settings.

[0079] Platform as a Service: The ability provided to the user is to deploy applications created or acquired by the user, written using programming languages ​​and tools supported by the provider, onto a cloud infrastructure. The user does not manage or control the underlying cloud infrastructure, including the network, servers, operating system, or storage, but controls the configuration of the deployed application and, where possible, the application hosting environment.

[0080] Infrastructure as a Service: The capabilities provided to users are the provisioning of processing, storage, networking, and other basic computing resources, allowing users to deploy and run any software, including operating systems and applications. Users do not manage or control the underlying cloud infrastructure, but they do control the operating system, storage, and deployed applications, and, where possible, have limited control over selected network components (e.g., host firewalls).

[0081] The deployment model is as follows:

[0082] Private Cloud: This cloud infrastructure is operated solely for the organization. It can be managed by this organization or a third party and can reside on-premises or off-premises.

[0083] Community Cloud: This cloud infrastructure is shared by multiple organizations and supports specific communities that share common interests (e.g., missions, security requirements, policies, and compliance considerations). It can be managed by these organizations or third parties and can reside on-premises or off-premises.

[0084] Public Cloud: This cloud infrastructure is available for use by general users or large industry groups and is owned by the organization that sells the cloud service.

[0085] Hybrid Cloud: This cloud infrastructure is a combination of two or more clouds (private, community, or public) that are joined together while retaining their individual entities, through standardized or proprietary technologies (e.g., cloud bursting for load balancing between clouds) that enable data and application portability.

[0086] Cloud computing environments are service-oriented environments that emphasize statelessness, low coupling, modularity, and semantic interoperability. At the heart of cloud computing is the infrastructure, which includes a network of interconnected nodes.

[0087] Referring here to Figure 4, an exemplary cloud computing environment 50 is shown. As illustrated, the cloud computing environment 50 includes one or more cloud computing nodes 10 on which local computing devices used by cloud users (e.g., a personal digital assistant (PDA) or mobile phone 54A, a desktop computer 54B, a laptop computer 54C, or an automotive computer system 54N, or a combination thereof) can communicate. The nodes 10 may communicate with each other. The nodes 10 may be physically or virtually grouped within one or more networks into a private cloud, community cloud, public cloud, or hybrid cloud, or a combination thereof, as described herein. This allows the cloud computing environment 50 to provide infrastructure, a platform, or software as a service, or a combination thereof, that cloud users do not need to maintain resources on their local computing devices. The types of computing devices 54A, 54B, 54C, and 54N shown in Figure 4 are intended for illustrative purposes only, and it is understood that the computing node 10 and the cloud computing environment 50 can communicate with any type of computer-controlled device via any type of network or network-addressable connection (e.g., a connection using a web browser) or both.

[0088] Referring now to Figure 5, a set of functional abstraction layers provided by the cloud computing environment 50 (see Figure 4) is shown. It should be understood in advance that the components, layers, and functions shown in Figure 5 are intended for illustrative purposes only, and embodiments of the present invention are not limited thereto. The following layers and corresponding functions are provided as illustrated:

[0089] The hardware and software layer 60 includes hardware components and software components. Examples of hardware components include a mainframe 61, RISC (Reduced Instruction Set Computer) architecture-based servers 62, 63, blade servers 64, storage devices 65, and networks and network components 66. In some embodiments, software components include network application server software 67 and database software 68.

[0090] The virtualization layer 70 provides an abstraction layer that can provide examples of virtual entities such as virtual servers 71, virtual storage 72, virtual networks 73 including virtual private networks, virtual applications and operating systems 74, and virtual clients 75.

[0091] In one example, the management layer 80 may provide the functions described below: Resource provisioning 81 dynamically procures computing and other resources used to perform tasks within the cloud computing environment. Measurement and pricing 82 tracks the costs of using resources within the cloud computing environment and sends invoices or bills for the use of these resources. In one example, these resources may include application software licenses. Security verifies the identities of cloud users and tasks and protects data and other resources. The user portal 83 provides users and system administrators with access to the cloud computing environment. Service level management 84 allocates and manages cloud computing resources to meet required service levels. Service Level Agreement (SLA) planning and execution 85 prepares and procures cloud computing resources in advance of anticipated future demands in accordance with the SLA.

[0092] Workload Layer 90 provides examples of capabilities available in a cloud computing environment. Examples of workloads and capabilities that may be provided from this layer include mapping and navigation 91, software development and lifecycle management 92, delivery of virtual classroom education 93, data analysis processing 94, transaction processing 95, and secure root key distribution to HSMs in an HSM cluster 96.

Claims

1. The central processing unit (CPU) and The memory connected to the CPU, A computer system comprising one or more computer-readable storage media coupled to the CPU, wherein the one or more computer-readable storage media collectively include instructions executed by the CPU via memory to carry out a method of distributing root keys to hardware security modules (HSMs) of an HSM cluster, and the method The computer system sends a first command to the source HSM for creating a master key, wherein the first command is signed by the administrator of the HSM in the HSM cluster. The computer system receives the fingerprint of the master key from the source HSM in a response signed by the source HSM using a module signing key hardcoded into the source HSM at the time of the source HSM's manufacture, The computer system transmits a second command to the first HSM in the HSM cluster, wherein the second command generates an importer key pair including an importer private key and an importer public key. The computer system, in response to transmitting the second command, receives the importer public key from the first HSM, The computer system sends a request to the source HSM to export the master key and the exporter public key, The computer system, in response to sending the request, receives from the source HSM (i) the master key wrapped with a transport key and (ii) the exporter public key, wherein the transport key is derived from the importer public key and the exporter private key. The computer system transmits to the first HSM (i) the master key wrapped using the transport key and (ii) the exporter public key, The computer system activates the master key in the first HSM. A computer system that includes [a certain feature].

2. The method described above is After transmitting the master key and the exporter public key, the first HSM derives the transport key from the exporter public key and the importer private key stored by the first HSM, The first HSM unwraps the master key using the transport key, The first HSM registers the unwrapped master key as a new master key in the registers of the first HSM in an uncommitted state. The computer system according to claim 1, further comprising:

3. The method described above is The computer system according to claim 2, further comprising the first HSM discarding the importer private key, the exporter public key, and the transport key.

4. The method described above is The computer system according to claim 2, further comprising changing the master key registered in the register of the first HSM from the uncommitted state to the committed state.

5. The method described above is The computer system according to claim 1, further comprising: in a key management service, using the activated master key as a root key; the key management service providing the customer with complete control over the cryptographic keys protecting data in a cloud computing environment, without requiring the management of the root key outside of the key management service; and preventing the cloud service provider from accessing the data.

6. The method further comprises a second HSM, The computer system sends a command to the second HSM in the HSM cluster for generating a second importer key pair, which includes a second importer private key and a second importer public key, wherein the second importer key pair is different from the importer key pair. The computer system receives the second importer public key from the second HSM, The computer system sends a request to the source HSM to export the master key and the second exporter public key, The computer system receives from the source HSM (i) the master key wrapped with a second transport key and (ii) the second exporter public key, wherein the second transport key is different from the transport key and is derived from the second importer public key and the second exporter private key. The computer system transmits to the second HSM (i) the master key wrapped using the second transport key and (ii) the second exporter public key, wherein the second HSM derives the second transport key from the second exporter public key and the second importer private key stored by the second HSM, unwraps the master key using the second transport key, and registers the master key in the registers of the second HSM in an uncommitted state; The computer system sets the master key registered in the second HSM to a committed state and activates the master key stored by the second HSM. The computer system according to claim 1, further comprising:

7. The method described above is The source HSM receives the request to export the master key and the exporter public key, The source HSM, in response to receiving the request to export the master key and the exporter public key, generates an exporter key pair including the exporter private key and the exporter public key, The source HSM derives the transport key from the importer public key and the exporter private key, The source HSM wraps the master key using the transport key, The source HSM generates a response to the request, wherein the response includes (i) the master key wrapped with the transport key and (ii) the exporter public key, The source HSM discards the importer public key, the exporter private key, and the transport key. The computer system according to claim 1, further comprising:

8. The method described above is In response to sending the first command, the source HSM verifies the validity of the signature of the first command by using its signature public key, The source HSM generates the master key, The source HSM generates a response to the first command using the module signing key and signs the response. The computer system according to claim 7, further comprising:

9. The method described above is The computer system establishes the administrator of the HSM within the HSM cluster, The computer system uploads a certificate from a private key and public key pair to the HSM, and the upload is performed after each HSM in the HSM cluster has been removed from imprint mode, and the certificate authorizes the command. The computer system according to claim 1, further comprising:

10. A method implemented in a computer, Sending a first command to a source HSM for creating a master key using one or more processors of the computer, wherein the first command is signed by the administrator of the HSM in the HSM cluster, The one or more processors receive from the source HSM the fingerprint of the master key in a response signed by the source HSM using a module signing key hardcoded into the source HSM at the time of manufacturing the source HSM. The one or more processors transmit a second command to the first HSM in the HSM cluster, wherein the second command generates an importer key pair including an importer private key and an importer public key; In response to transmitting the second command by one or more processors, the importer public key is received from the first HSM. The one or more processors send a request to the source HSM to export the master key and the exporter public key, The one or more processors, in response to sending the request, receive from the source HSM (i) the master key wrapped with a transport key and (ii) the exporter public key, wherein the transport key is derived from the importer public key and the exporter private key. The one or more processors transmit to the first HSM (i) the master key wrapped with the transport key and (ii) the exporter public key, The one or more processors enable the master key in the first HSM. Methods that include...

11. After transmitting the master key and the exporter public key, one or more processors derive the transport key from the exporter public key and the importer private key stored by the first HSM, The one or more processors unwrap the master key using the transport key, The one or more processors register the unwrapped master key as a new master key in the register of the first HSM in an uncommitted state. The method according to claim 10, further comprising:

12. The method according to claim 11, further comprising destroying the importer private key, the exporter public key, and the transport key by the one or more processors.

13. The method according to claim 11, further comprising changing the master key registered in the register of the first HSM from the uncommitted state to the committed state by one or more processors.

14. The method according to claim 10, further comprising using one or more processors in a key management service to use the activated master key as a root key, providing the customer with complete control over the cryptographic keys protecting data in a cloud computing environment, without requiring the key management service to manage the root key outside of the key management service, and preventing the cloud service provider from accessing the data.

15. Sending a command to a second HSM in the HSM cluster by one or more processors to generate a second importer key pair including a second importer secret key and a second importer public key, wherein the second importer key pair is different from the importer key pair, and the transmission is performed. The one or more processors receive the second importer public key from the second HSM, Sending a request to the source HSM to export the master key and the second exporter public key by one or more processors, The receiving of the following by one or more processors from the source HSM: (i) the master key wrapped with a second transport key and (ii) the second exporter public key, wherein the second transport key is different from the transport key and is derived from the second importer public key and the second exporter private key. The one or more processors transmit to the second HSM (i) the master key wrapped with the second transport key and (ii) the second exporter public key, wherein the second HSM derives the second transport key from the second exporter public key and the second importer private key stored in the second HSM, unwraps the master key using the second transport key, and registers the master key in the second HSM's registers in an uncommitted state; The one or more processors set the master key registered in the second HSM to a committed state, and the master key stored by the second HSM is activated. The method according to claim 10, further comprising:

16. The one or more processors receive the request to export the master key and the exporter public key, One or more processors generate an exporter key pair, including the exporter private key and the exporter public key, in response to receiving the request to export the master key and the exporter public key. The transport key is derived from the importer public key and the exporter private key by one or more of the aforementioned processors, The one or more processors wrap the master key using the transport key, The one or more processors generate a response to the request, wherein the response includes (i) the master key wrapped with the transport key and (ii) the exporter public key, The one or more processors discard the importer public key, the exporter private key, and the transport key. The method according to claim 10, further comprising:

17. In response to sending the first command, one or more processors verify the validity of the signature of the first command by using a signature public key, The master key is generated by one or more of the aforementioned processors, The one or more processors generate a response to the first command using the module signing key and sign the response. The method according to claim 16, further comprising:

18. The method of claim 10, further comprising providing software as a service in a cloud environment, wherein the software is executed by a hardware processor in the cloud environment and performs the following: sending the first command; receiving the fingerprint of the master key; sending the second command; receiving the importer public key; sending the request to export the master key and the exporter public key; receiving the master key and the exporter public key wrapped with the transport key; sending the master key and the exporter public key wrapped with the transport key; and activating the master key in the first HSM.

19. The method of claim 10, further comprising providing at least one support service for at least one of creating, integrating, hosting, maintaining, and deploying computer-readable program code within a computer, wherein the program code is executed by the processor of the computer to perform the following: sending the first command; receiving the fingerprint of the master key; sending the second command; receiving the importer public key; sending the request to export the master key and the exporter public key; receiving the master key and the exporter public key wrapped with the transport key; sending the master key and the exporter public key wrapped with the transport key; and activating the master key in the first HSM.

20. A computer program for causing a computer to perform each step of the method described in any one of claims 10 to 17.