US2015294119A1PendingUtilityA1

Booting a multi-node computer system from a primary node dynamically selected based on security setting criteria

Assignee: IBMPriority: Apr 10, 2014Filed: Apr 10, 2014Published: Oct 15, 2015
Est. expiryApr 10, 2034(~7.7 yrs left)· nominal 20-yr term from priority
G06F 21/629G06F 9/4405G06F 21/72G06F 9/441G06F 21/6218H04L 41/0803G06F 21/575
53
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A computer program product including a computer readable storage medium having program instructions embodied therewith. The program instructions are executable by a processor to cause the processor to perform a method including identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria, booting the multi-node system with the identified node as the primary node; and operating the multi-node system using the security setting of the identified node. Accordingly, the method may provide dynamic selection of a primary node based upon the security setting criteria and the security settings of the nodes within the multi-node system. In non-limiting examples, the security setting criteria may be the highest security setting among all nodes within the multi-node system or a predetermined minimum security setting, such as a trusted execution technology setting.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform a method comprising:
 identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria;   booting the multi-node system with the identified node as the primary node; and   operating the multi-node system using the security setting of the identified node.   
     
     
         2 . The computer program product of  claim 1 , wherein the multi-node system includes more than two nodes. 
     
     
         3 . The computer program product of  claim 2 , wherein the more than two nodes are fully meshed. 
     
     
         4 . The computer program product of  claim 1 , wherein the security setting of the identified node is stored in a trusted platform module. 
     
     
         5 . The computer program product of  claim 1 , wherein each node within the multi-node system stores a security setting in a trusted platform module within the node. 
     
     
         6 . The computer program product of  claim 1 , wherein each node within the multi-node system stores a security setting in non-volatile memory directly accessible to a trusted platform module within the node. 
     
     
         7 . The computer program product of  claim 1 , wherein the security setting criteria is the highest security setting among all nodes within the multi-node system. 
     
     
         8 . The computer program product of  claim 1 , wherein the security setting criteria includes a predetermined minimum security setting. 
     
     
         9 . The computer program product of  claim 8 , wherein the predetermined minimum security setting is a trusted execution technology setting. 
     
     
         10 . The computer program product of  claim 8 , wherein the predetermined minimum security setting has trusted execution technology enabled. 
     
     
         11 . The computer program product of  claim 8 , wherein the predetermined minimum security setting authenticates the node and an operating system of the node. 
     
     
         12 . The computer program product of  claim 1 , the method further comprising:
 establishing a default primary node; and   booting the multi-node system with the default primary node in response to none of the nodes having a security setting satisfying the security setting criteria.   
     
     
         13 . The computer program product of  claim 12 , wherein establishing a default primary node includes receiving user input identifying the default primary node. 
     
     
         14 . The computer program product of  claim 1 , the method further comprising:
 setting a field-programmable gate array in each compute node to point to the basic input output system of the compute node identified as the primary node.   
     
     
         15 . The computer program product of  claim 14 , wherein each field-programmable gate array is set by an integrated management module within the same compute node as the field-programmable gate array. 
     
     
         16 . The computer program product of  claim 15 , wherein each compute node has an integrated management module, and wherein each of the integrated management modules in the multi-node system coordinate control of the field-programmable gate arrays to point to one of the compute nodes as the primary node. 
     
     
         17 . The computer program product of  claim 1 , wherein identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria, includes sequentially designating the nodes as the primary node until reaching a node that has a security setting satisfying the securing setting criteria. 
     
     
         18 . The computer program product of  claim 17 , the method further comprising:
 establishing a default primary node; and   booting the multi-node system with the default primary node in response to none of the nodes having a security setting satisfying the security setting criteria.

Join the waitlist — get patent alerts

Track US2015294119A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.