CPC G06F 21/6218 (2013.01) [G06F 16/182 (2019.01); G06F 21/602 (2013.01); H04L 9/0838 (2013.01); H04L 9/0841 (2013.01); H04L 9/0891 (2013.01); H04L 9/14 (2013.01)] | 20 Claims |
1. A system comprises a cluster of computing devices, and wherein the cluster of computing devices is associated with a cluster key comprising:
a frontend to encrypt data as it enters the system; and a backend to build failure-protected stripes in a plurality of storage devices, wherein the frontend and backend are networked devices that run a virtual frontend and virtual backend, wherein:
the plurality of storage devices are distributed such that at most an allowed number of storage devices are within any particular node of a plurality of nodes; and
the frontend registers a long-term key with a leader of the cluster when the system joins the cluster of computing devices and wherein prior to a transfer of the data, a session key is negotiated using an ephemeral key pair signed with the long-term key.
|