发明申请
US20090086974A1 Support for Multiple Security Policies on a Unified Authentication Architecture 有权
支持统一认证体系结构中的多个安全策略

Support for Multiple Security Policies on a Unified Authentication Architecture
摘要:
A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources are disclosed. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for independent developers to develop software for the herein-described platform, a “global key pair” is provided in which both the public and private keys of the pair are publicly known, so that anyone may sign an application with the global key. Such an application may be allowed to execute by including the global key pair's public key in the key ring as a “vendor key” or, conversely, it may be disallowed by excluding the global public key from the key ring.
信息查询
0/0