-
公开(公告)号:US09264230B2
公开(公告)日:2016-02-16
申请号:US13047344
申请日:2011-03-14
申请人: Todd W. Arnold , Elizabeth A. Dames , Thomas J. Dewkett , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Thomas J. Dewkett , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
CPC分类号: H04L9/0897
摘要: A system for implementing computer security is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information. A structure of the key control information in the token is independent of the wrapping method. Implementing computer security also includes wrapping the key material and binding key control information to the key material in the token. The key control information includes information relating to usage and management of the key material.
摘要翻译: 提供了一种实现计算机安全的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行的应用程序,该应用程序实现一种方法,该方法包括使用密钥材料创建令牌和填充令牌的有效载荷部分,并且选择包装方法,该方法指定密钥材料 安全地绑定到关键控制信息。 令牌中的关键控制信息的结构与包装方法无关。 实施计算机安全还包括将密钥材料和密钥控制信息绑定到令牌中的密钥材料。 关键控制信息包括与密钥材料的使用和管理有关的信息。
-
公开(公告)号:US20120237023A1
公开(公告)日:2012-09-20
申请号:US13047344
申请日:2011-03-14
申请人: Todd W. Arnold , Elizabeth A. Dames , Thomas J. Dewkett , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Thomas J. Dewkett , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L9/00
CPC分类号: H04L9/0897
摘要: A system for implementing computer security is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information. A structure of the key control information in the token is independent of the wrapping method. Implementing computer security also includes wrapping the key material and binding key control information to the key material in the token. The key control information includes information relating to usage and management of the key material.
摘要翻译: 提供了一种实现计算机安全的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行的应用程序,该应用程序实现一种方法,该方法包括使用密钥材料创建令牌和填充令牌的有效载荷部分,并且选择包装方法,该方法指定密钥材料 安全地绑定到关键控制信息。 令牌中的关键控制信息的结构与包装方法无关。 实施计算机安全还包括将密钥材料和密钥控制信息绑定到令牌中的密钥材料。 关键控制信息包括与密钥材料的使用和管理有关的信息。
-
公开(公告)号:US08566913B2
公开(公告)日:2013-10-22
申请号:US13100357
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Kenneth B. Kerr , Richard V. Kisley , Michael J. Kelly , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Kenneth B. Kerr , Richard V. Kisley , Michael J. Kelly , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L29/06
CPC分类号: H04L9/088 , H04L9/0897 , H04L2209/56
摘要: A system for secure key management is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method. The method includes populating a section of information associated with a key, the section of information being populated with information relating to a level of protection of the key accumulated over time. Secure key management further includes securely binding the section of information to the key, wherein the key is encrypted.
摘要翻译: 提供了一种用于安全密钥管理的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行实施方法的应用的应用。 该方法包括填充与密钥相关联的一部分信息,该部分的信息被填充有与随时间累积的密钥的保护级别相关的信息。 安全密钥管理还包括将该部分信息安全地绑定到密钥,其中密钥被加密。
-
公开(公告)号:US20120281836A1
公开(公告)日:2012-11-08
申请号:US13100354
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L9/00
CPC分类号: H04L9/088 , H04L9/0897 , H04L2209/56
摘要: A system for implementing secure key management is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method. The method includes populating a section of information associated with a key, the section being populated with information relating to how the key was created. The method also includes populating the section with information relating to how the key was acquired by a secure module; and binding the section to the key, wherein the key is encrypted.
摘要翻译: 提供了一种实现安全密钥管理的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行实施方法的应用的应用。 该方法包括填充与密钥相关联的一部分信息,该部分填充与如何创建密钥相关的信息。 该方法还包括使用与安全模块如何获取密钥有关的信息来填充该部分; 以及将所述部分绑定到所述密钥,其中所述密钥被加密。
-
公开(公告)号:US08789210B2
公开(公告)日:2014-07-22
申请号:US13100693
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: G06F11/00
CPC分类号: G06F21/602 , H04L9/088 , H04L9/0897
摘要: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to usage of the key material populating one or more key usage fields that define attributes that limit actions that may be performed with the key material.
摘要翻译: 提供了一种用于安全密钥管理的计算机程序产品。 计算机程序产品包括可由处理电路读取的有形存储介质,并且存储用于由处理电路执行的用于创建令牌并用密钥材料填充令牌的指令,以及将密钥控制信息绑定到密钥材料的指令。 密钥控制信息包括关于填充一个或多个密钥使用字段的密钥材料的使用的信息,所述密钥使用字段定义限制可以用密钥材料执行的动作的属性。
-
公开(公告)号:US20120281839A1
公开(公告)日:2012-11-08
申请号:US13100693
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L9/00
CPC分类号: G06F21/602 , H04L9/088 , H04L9/0897
摘要: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to usage of the key material populating one or more key usage fields that define attributes that limit actions that may be performed with the key material.
摘要翻译: 提供了一种用于安全密钥管理的计算机程序产品。 计算机程序产品包括可由处理电路读取的有形存储介质,并且存储用于由处理电路执行的用于创建令牌并用密钥材料填充令牌的指令,以及将密钥控制信息绑定到密钥材料的指令。 密钥控制信息包括关于填充一个或多个密钥使用字段的密钥材料的使用的信息,所述密钥使用字段定义限制可以用密钥材料执行的动作的属性。
-
公开(公告)号:US08755527B2
公开(公告)日:2014-06-17
申请号:US13100639
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L9/08
CPC分类号: H04L9/0822 , H04L9/088 , H04L9/0897
摘要: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to management of the key material populating one or more key management fields that define attributes that limit distribution of the key material.
摘要翻译: 提供了用于安全密钥管理的计算机程序产品。 计算机程序产品包括可由处理电路读取的有形存储介质,并且存储用于由处理电路执行的用于创建令牌并用密钥材料填充令牌的指令,以及将密钥控制信息绑定到密钥材料的指令。 密钥控制信息包括关于填充一个或多个密钥管理字段的密钥材料的管理的信息,所述密钥管理字段定义限制密钥资料分发的属性。
-
公开(公告)号:US08634561B2
公开(公告)日:2014-01-21
申请号:US13100354
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Kenneth B. Kerr , Richard V. Kisley , Michael J. Kelly , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Kenneth B. Kerr , Richard V. Kisley , Michael J. Kelly , Eric D. Rossman , Eric B. Smith
IPC分类号: G06F21/00
CPC分类号: H04L9/088 , H04L9/0897 , H04L2209/56
摘要: A system for implementing secure key management is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method. The method includes populating a section of information associated with a key, the section being populated with information relating to how the key was created. The method also includes populating the section with information relating to how the key was acquired by a secure module; and binding the section to the key, wherein the key is encrypted.
摘要翻译: 提供了一种实现安全密钥管理的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行实施方法的应用的应用。 该方法包括填充与密钥相关联的一部分信息,该部分填充与如何创建密钥相关的信息。 该方法还包括使用与安全模块如何获取密钥有关的信息来填充该部分; 以及将所述部分绑定到所述密钥,其中所述密钥被加密。
-
公开(公告)号:US20120281838A1
公开(公告)日:2012-11-08
申请号:US13100639
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L9/00
CPC分类号: H04L9/0822 , H04L9/088 , H04L9/0897
摘要: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to management of the key material populating one or more key management fields that define attributes that limit distribution of the key material.
摘要翻译: 提供了一种用于安全密钥管理的计算机程序产品。 计算机程序产品包括可由处理电路读取的有形存储介质,并且存储用于由处理电路执行的用于创建令牌并用密钥材料填充令牌的指令,以及将密钥控制信息绑定到密钥材料的指令。 密钥控制信息包括关于填充一个或多个密钥管理字段的密钥材料的管理的信息,所述密钥管理字段定义限制密钥资料分发的属性。
-
公开(公告)号:US20120281837A1
公开(公告)日:2012-11-08
申请号:US13100357
申请日:2011-05-04
申请人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
发明人: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC分类号: H04L9/00
CPC分类号: H04L9/088 , H04L9/0897 , H04L2209/56
摘要: A system for secure key management is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method. The method includes populating a section of information associated with a key, the section of information being populated with information relating to a level of protection of the key accumulated over time. Secure key management further includes securely binding the section of information to the key, wherein the key is encrypted.
摘要翻译: 提供了一种用于安全密钥管理的系统。 该系统包括计算机处理器和被配置为在计算机处理器上执行实施方法的应用的应用。 该方法包括填充与密钥相关联的一部分信息,该部分的信息被填充有与随时间累积的密钥的保护级别相关的信息。 安全密钥管理还包括将该部分信息安全地绑定到密钥,其中密钥被加密。
-
-
-
-
-
-
-
-
-