发明申请
- 专利标题: Support for Multiple Security Policies on a Unified Authentication Architecture
- 专利标题(中): 支持统一认证体系结构中的多个安全策略
-
申请号: US11866020申请日: 2007-10-02
-
公开(公告)号: US20090086974A1公开(公告)日: 2009-04-02
- 发明人: Masana Murase , Wilfred E. Plouffe, JR. , Kanna Shimizu , Vladimir Zbarsky
- 申请人: Masana Murase , Wilfred E. Plouffe, JR. , Kanna Shimizu , Vladimir Zbarsky
- 主分类号: H04L9/30
- IPC分类号: H04L9/30 ; H04L9/32
摘要:
A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources are disclosed. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for independent developers to develop software for the herein-described platform, a “global key pair” is provided in which both the public and private keys of the pair are publicly known, so that anyone may sign an application with the global key. Such an application may be allowed to execute by including the global key pair's public key in the key ring as a “vendor key” or, conversely, it may be disallowed by excluding the global public key from the key ring.
公开/授权文献
信息查询