Method and apparatus for enforcing the separation of computer operations and business management roles in a cryptographic system
Abstract
In enterprise computer environments involving sensitive data, it is important that security policy decisions be made and be approved by the appropriate individuals owning the particular policy decision, rather than relegating this function to computer operators. These policy decisions often include the approval of specific programs to act on behalf of the enterprise, exposure of cryptographic secrets, and others affecting risk. The present invention enforces the separation of the functions of computer operator and policy decision owners.
44 Claims
1. A cryptographic system in a computer system, said cryptographic system comprising:
at least one server;
a database, said database constructed and arranged to contain sensitive information, said database responsive to signals from one of said at least one server;
a key repository process on one of said at least one server, said key repository having two master keys, said two master keys constructed and arranged to manage information in said database, said key repository further constructed and arranged to authorize access to said sensitive information in said database;
at least one operator, said at least one operator having access to a first of said master keys; and
at least two owners, each of said owners having a portion of a second of said master keys;
wherein said at least operator and at least one of said owners are required to start said key repository process.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A cryptographic system in a computer system, said cryptographic system comprising:
at least one server;
a database, said database constructed and arranged to contain sensitive information, said sensitive information including authentication information for at least one operator and at least two owners, said database responsive to signals from one of said at least one server;
a key repository process on one of said at least one server, said key repository having two master keys, said two master keys constructed and arranged to manage said sensitive information in said database, said key repository further constructed and arranged to retrieve said authentication information from said database;
wherein one of said operators authenticates himself, and at least one owner authenticates himself in order for said key repository process to restart.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39, 40, 41, 42, 43, 44
38. A cryptographic system in a computer system, said cryptographic system comprising:
at least one server;
a database, said database constructed and arranged to contain sensitive information, said database responsive to signals from one of said at least one server;
a key repository process on one of said at least one server, said key repository having at least one master key, said at least one master key being constructed and arranged to manage information in said database, said key repository further constructed and arranged to authorize access to said sensitive information in said database;
at least one operator, said at least one operator having access to said at least one master key; and
at least two owners, each of said owners having a portion of a at least one master key;
wherein said at least operator and at least one of said owners are required to start said key repository process.
Specification