公开(公告)号：US07055029B2

公开(公告)日：2006-05-30

申请号：US09949323

申请日：2001-09-07

Applicant: Thomas Collins ,  John Gregory ,  Ralph Bestock

Inventor： Thomas Collins ,  John Gregory ,  Ralph Bestock

IPC: H04L9/00

CPC classification number: G06F21/72 ,  G06F21/572 ,  G06F21/575 ,  G06F2221/2107 ,  H04L9/302 ,  H04L9/3247 ,  H04L2209/125

Abstract: Ownership of a secure process is enabled with a cryptographic system. Methods initializing and operating the cryptographic system transfer control from the loading program to the loaded program and, in essence from the cryptographic system vendor to its end-user. As a result, ownership of the secure process can be relinquished to the end-user so that it alone can subsequently use the cryptographic system to control the secure process of loading and running its user-programs. The cryptographic system and methods allow for secure operations and protect against tampering with application software. The application program is retrieved from an encrypted file in external memory and authenticated by the cryptographic system before being executed.

公开(公告)号：US06378072B1

公开(公告)日：2002-04-23

申请号：US09017759

申请日：1998-02-03

Applicant: Thomas Collins ,  John Gregory ,  Ralph Bestock

Inventor： Thomas Collins ,  John Gregory ,  Ralph Bestock

IPC: H04L900

CPC classification number: G06F21/72 ,  G06F21/572 ,  G06F21/575 ,  G06F2221/2107 ,  H04L9/302 ,  H04L9/3247 ,  H04L2209/125

Abstract: A cryptographic system and method for encrypting and decrypting data using public key cryptography. The encryption and decryption may be divided into tasks that may operate in parallel. A secure method of initializing the cryptographic system to allow for secure operations and protect against tampering with application software. The application program is retrieved from an encrypted file in external memory and authenticated before being executed.

Abstract translation: 一种使用公共密钥密码加密和解密数据的加密系统和方法。 加密和解密可以分为可以并行操作的任务。 一种初始化密码系统以实现安全操作并防止篡改应用程序软件的安全方法。 应用程序从外部存储器中的加密文件检索，并在执行之前进行认证。

公开(公告)号：US20070011736A1

公开(公告)日：2007-01-11

申请号：US11177715

申请日：2005-07-08

Applicant: Jeff Kalibjian ,  Ralph Bestock ,  Larry Hines ,  W. Hopkins ,  Vladimir Libershteyn ,  Steven Wierenga ,  Susan Langford

Inventor： Jeff Kalibjian ,  Ralph Bestock ,  Larry Hines ,  W. Hopkins ,  Vladimir Libershteyn ,  Steven Wierenga ,  Susan Langford

IPC: G06F15/16

CPC classification number: G06F21/52 ,  G06F21/602

Abstract: Systems, methods, and apparatus are provided for policy protected cryptographic Application Programming Interfaces (APIs) that are deployed in secure memory. One embodiment is a method of software execution. The method includes executing an application in a first secure memory partition; formatting a request to comply with a pre-defined secure communication protocol; transmitting the request from the application to a cryptographic application programming interface (API) of the application, the API being in a second secure memory partition that is separate and secure from the first secure memory partition; and verifying, in the second secure memory partition, that the request complies with a security policy before executing the request.

Abstract translation: 为安全存储器中部署的策略保护密码应用编程接口（API）提供了系统，方法和设备。 一个实施例是软件执行的方法。 该方法包括在第一安全存储器分区中执行应用程序; 格式化请求以符合预定义的安全通信协议; 将所述应用的请求发送到所述应用的加密应用程序编程接口（API），所述API位于与所述第一安全存储器分区分离且安全的第二安全存储器分区中; 以及在所述第二安全存储器分区中验证所述请求在执行所述请求之前符合安全策略。

公开(公告)号：US08713667B2

公开(公告)日：2014-04-29

申请号：US11177715

申请日：2005-07-08

Applicant: Jeff Kalibjian ,  Ralph Bestock ,  Larry Hines ,  W. Dale Hopkins ,  Vladimir Libershteyn ,  Steven W. Wierenga ,  Susan Langford

Inventor： Jeff Kalibjian ,  Ralph Bestock ,  Larry Hines ,  W. Dale Hopkins ,  Vladimir Libershteyn ,  Steven W. Wierenga ,  Susan Langford

IPC: G06F9/00

CPC classification number: G06F21/52 ,  G06F21/602

Abstract: Systems, methods, and apparatus are provided for policy protected cryptographic Application Programming Interfaces (APIs) that are deployed in secure memory. One embodiment is a method of software execution. The method includes executing an application in a first secure memory partition; formatting a request to comply with a pre-defined secure communication protocol; transmitting the request from the application to a cryptographic application programming interface (API) of the application, the API being in a second secure memory partition that is separate and secure from the first secure memory partition; and verifying, in the second secure memory partition, that the request complies with a security policy before executing the request.

Abstract translation: 为安全存储器中部署的策略保护密码应用编程接口（API）提供了系统，方法和设备。 一个实施例是软件执行的方法。 该方法包括在第一安全存储器分区中执行应用程序; 格式化请求以符合预定义的安全通信协议; 将所述应用的请求发送到所述应用的密码应用编程接口（API），所述API位于与所述第一安全存储器分区分离且安全的第二安全存储器分区中; 以及在所述第二安全存储器分区中验证所述请求在执行所述请求之前符合安全策略。