Cryptographic policy filters and policy control method and apparatus
First Claim
1. A policy filter for configuring an application program to use allowable cryptographic capabilities of a cryptographic module, comprising:
- means for receiving an indication of a plurality of cryptographic capability of a cryptographic module;
means responsive to a policy file for determining cryptographic capabilities allowable to be used by the application program; and
means for providing an indication of the allowable cryptographic capabilities to a location accessible by the application program.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus for an integrated dynamic encryption and/or decryption for use in an application includes a policy filter, a policy filter module coupled to said policy filter, a service module coupled to said policy filter, and a cryptographic module, where the apparatus retrieves the cryptographic module and configures the policy filter in accordance with the cryptographic module and the policy filter module performs a plurality of verification upon the cryptographic module, and further where the service module is configured to generate a plurality of cipher suites and the policy filter is configured to filter the plurality of cipher suites in accordance with a predetermined policy filter parameters to generate a plurality of filtered cipher suites.
Moreover, an apparatus for an integrated dynamic encryption and/or decryption for use in an application includes storage means for storing a plurality of predetermined attributes and corresponding values, and a digital signature, a controller for controlling selective retrieval of said plurality of attributes and values, and said digital signature from said storage means, processing means for selectively processing said plurality of predetermined attributes and values, and said digital signature and in accordance thereto, providing a supportable encryption and/or decryption level to said application, compression means for compressing said plurality of attributes and values and in accordance thereto generating a compressed plurality of attributes and values for storing in said storage means, and decompressing means for decompressing said compressed plurality of attributes and values in accordance to said controller retrieving said compressed plurality of attributes and values.
-
Citations
3 Claims
-
1. A policy filter for configuring an application program to use allowable cryptographic capabilities of a cryptographic module, comprising:
-
means for receiving an indication of a plurality of cryptographic capability of a cryptographic module;
means responsive to a policy file for determining cryptographic capabilities allowable to be used by the application program; and
means for providing an indication of the allowable cryptographic capabilities to a location accessible by the application program.
-
-
2. The system of
claim 2 wherein said allowable capabilities to be used by the application program includes a plurality of cipher suites.
-
3. The system of
claim 3 wherein said plurality of cipher suites include encryption algorithms, key sizes, and parameters indicative of the type and the strength of a plurality of cryptographic operations.
Specification