Booting a multi-node computer system from a primary node dynamically selected based on security setting criteria
Abstract
A computer program product including a computer readable storage medium having program instructions embodied therewith. The program instructions are executable by a processor to cause the processor to perform a method including identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria, booting the multi-node system with the identified node as the primary node; and operating the multi-node system using the security setting of the identified node. Accordingly, the method may provide dynamic selection of a primary node based upon the security setting criteria and the security settings of the nodes within the multi-node system. In non-limiting examples, the security setting criteria may be the highest security setting among all nodes within the multi-node system or a predetermined minimum security setting, such as a trusted execution technology setting.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform a method comprising:
identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria; booting the multi-node system with the identified node as the primary node; and operating the multi-node system using the security setting of the identified node.
2 . The computer program product of claim 1 , wherein the multi-node system includes more than two nodes.
3 . The computer program product of claim 2 , wherein the more than two nodes are fully meshed.
4 . The computer program product of claim 1 , wherein the security setting of the identified node is stored in a trusted platform module.
5 . The computer program product of claim 1 , wherein each node within the multi-node system stores a security setting in a trusted platform module within the node.
6 . The computer program product of claim 1 , wherein each node within the multi-node system stores a security setting in non-volatile memory directly accessible to a trusted platform module within the node.
7 . The computer program product of claim 1 , wherein the security setting criteria is the highest security setting among all nodes within the multi-node system.
8 . The computer program product of claim 1 , wherein the security setting criteria includes a predetermined minimum security setting.
9 . The computer program product of claim 8 , wherein the predetermined minimum security setting is a trusted execution technology setting.
10 . The computer program product of claim 8 , wherein the predetermined minimum security setting has trusted execution technology enabled.
11 . The computer program product of claim 8 , wherein the predetermined minimum security setting authenticates the node and an operating system of the node.
12 . The computer program product of claim 1 , the method further comprising:
establishing a default primary node; and booting the multi-node system with the default primary node in response to none of the nodes having a security setting satisfying the security setting criteria.
13 . The computer program product of claim 12 , wherein establishing a default primary node includes receiving user input identifying the default primary node.
14 . The computer program product of claim 1 , the method further comprising:
setting a field-programmable gate array in each compute node to point to the basic input output system of the compute node identified as the primary node.
15 . The computer program product of claim 14 , wherein each field-programmable gate array is set by an integrated management module within the same compute node as the field-programmable gate array.
16 . The computer program product of claim 15 , wherein each compute node has an integrated management module, and wherein each of the integrated management modules in the multi-node system coordinate control of the field-programmable gate arrays to point to one of the compute nodes as the primary node.
17 . The computer program product of claim 1 , wherein identifying, from among nodes within a multi-node system, a node that has a security setting satisfying a security setting criteria, includes sequentially designating the nodes as the primary node until reaching a node that has a security setting satisfying the securing setting criteria.
18 . The computer program product of claim 17 , the method further comprising:
establishing a default primary node; and booting the multi-node system with the default primary node in response to none of the nodes having a security setting satisfying the security setting criteria.Join the waitlist — get patent alerts
Track US2015294119A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.