Device, system, and method for protecting cryptographic keying material
First Claim
1. A method, comprising:
- at an electronic device including a plurality of components housed in an enclosure, the components comprising a data storage unit storing data and a processor configured to execute an application configured to access the data in the data storage unit;
determining a tamper state of the enclosure, the tamper state being one of a secure state in which the enclosure has not been physically tampered or an unsecure state in which the enclosure has been physically tampered;
when the tamper state is the secure state, associating a first value with the application; and
when the tamper state is the unsecure state, associating a second value with the application,wherein the first value is configured to enable access to the data in the data storage unit, andwherein the second value prevents access to the data in the data storage unit.
3 Assignments
0 Petitions
Accused Products
Abstract
A device, system, and method protects cryptographic keying material. The method is performed at an electronic device including a plurality of components housed in an enclosure. The method includes determining a tamper state of the enclosure, the tamper state being one of a secure state in which the enclosure has not been physically tampered or an unsecure state in which the enclosure has been physically tampered. When the tamper state is the secure state, the method includes associating a first value with the application. When the tamper state is the unsecure state, the method includes associating a second value with the application. The first value is configured to enable access to the data in the data storage unit. The second value prevents access to the data in the data storage unit.
-
Citations
20 Claims
-
1. A method, comprising:
-
at an electronic device including a plurality of components housed in an enclosure, the components comprising a data storage unit storing data and a processor configured to execute an application configured to access the data in the data storage unit; determining a tamper state of the enclosure, the tamper state being one of a secure state in which the enclosure has not been physically tampered or an unsecure state in which the enclosure has been physically tampered; when the tamper state is the secure state, associating a first value with the application; and when the tamper state is the unsecure state, associating a second value with the application, wherein the first value is configured to enable access to the data in the data storage unit, and wherein the second value prevents access to the data in the data storage unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An electronic device, comprising:
-
an enclosure; a data storage unit housed in the enclosure, the data storage unit storing data; and a processor configured to execute an application configured to access the data in the data storage unit, the processor further determining a tamper state of the enclosure, the tamper state being one of a secure state in which the enclosure has not been physically tampered or an unsecure state in which the enclosure has been physically tampered, when the tamper state is the secure state, the processor associating a first value with the application, and when the tamper state is the unsecure state, the processor associating a second value with the application, wherein the first value is configured to enable access to the data in the data storage unit, and wherein the second value prevents access to the data in the data storage unit. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method, comprising:
-
at an electronic device including a plurality of components housed in an enclosure, the components comprising a data storage unit storing data and a processor configured to execute an application configured to access the data in the data storage unit; receiving a value from the application, the value being one of a first value and a second value, the first value being indicative of a tamper state of the enclosure being a secure state in which the enclosure has not been physically tampered, the second value being indicative of the tamper state of the enclosure being an unsecure state in which the enclosure has been physically tampered; when the first value is received, unsealing the data storage unit for the application to access the data; and when the second value is received, preventing the application from unsealing the data storage unit.
-
Specification