System and method for security of computing devices
Abstract
System and method for securing a computing device using a master cryptographic key that is bound to the device. The master key is used to derive sensitive data that is transferred to storage that is only accessible in a restricted mode of operation. The master key is used to derive one or more application keys that are used to secure data that is specific to an application/device pair. Non-privileged programs can request functions that run in a more restricted mode to use these application keys. The restricted mode program checks the integrity of the non-privileged calling program to insure that it has the authority and/or integrity to perform each requested operation. One or more device authority servers may be used to issue and manage both master and application keys.
20 Claims
1. A method of sending a secure message between a first application program and a second application program by restricting the use of a cryptographic key to the first application program and the second application program, said first application program and the second application program running on a device, comprising:
- providing a first key known to a cryptographic processing module;
- providing an application container data structure that contains a cryptographically sealed form of the data for the first application program and second application program to access;
- performing a cryptographic gatekeeping function that computes a cryptographic digest of a portion of an in-memory image of at least one of the first application program and second application program;
- performing an integrity-check by the cryptographic processing module by examining the application container data structure, the cryptographic digest, and the first key to determine if at least one of the first application program and second application program is allowed to unseal the cryptographically sealed form of the data; and
- authenticating, by the first application program, the secure message sent by the second application using the application container data structure.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A system for sending a secure message between a first application program and a second application program by restricting the use of a cryptographic key to the first application program and the second application program running on a device of said system, comprising:
- a memory containing instruction sequences, a first key that is known to a cryptographic processing module, and an application container data structure that contains a cryptographically sealed form of the data for the first application program and second application program to access; and
- a processor, coupled to the memory, said processor to execute the cryptographic processing module, said instruction sequences to cause the processor to:
  - compute a cryptographic digest of a portion of an in-memory image of at least one of the first application program and second application program;
  - perform an integrity-check by the cryptographic processing module by examining the application container data structure, the cryptographic digest, and the first key to determine if at least one of the first application program and second application program is allowed to unseal the cryptographically sealed form of the data; and
  - authenticate, by the first application program, the secure message sent by the second application using the application container data structure.
Dependent claims: 10, 11, 12.

13. A system of authenticating a device and an application program that is running on the device, said system comprising:
- a hidden storage containing a first key;
- a memory for storing instruction sequences; and
- a processor, coupled to the hidden storage and the memory, said instruction sequences to cause the processor to:
  - execute a cryptographic gatekeeper module that runs in a restricted mode and computes a cryptographic digest of a portion of the application program; and
  - authenticate the device and the application program using the first key and the cryptographic digest.
Dependent claims: 14, 15, 16, 17, 18, 19, 20.
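The following Python model is an added illustration of the mechanism in the abstract and in claims 1 and 9; it is not the patent's own code. It assumes a device-bound master key held only by a cryptographic module, models each program's in-memory image as a byte string, uses SHA-256 for the gatekeeping digest, and substitutes an HMAC-based toy keystream for a real authenticated cipher. The container binds the allowed digests into the wrapping key, so a caller whose digest is not in the policy, a container whose policy or data was altered, or a different device's master key all fail the integrity check and nothing is unsealed.

```python
import hashlib
import hmac

APP_A, APP_B = b"app-a code image v1", b"app-b code image v1"  # constructed sample images
MASTER_KEY = b"\x11" * 32  # constructed device-bound key, held only by the crypto module

def image_digest(image: bytes) -> bytes:
    """Gatekeeping function: digest of the calling program's in-memory image."""
    return hashlib.sha256(image).digest()

def _keystream(key: bytes, n: int) -> bytes:
    """HMAC counter-mode keystream (toy stand-in for a real AEAD cipher)."""
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]

def _wrap_key(master_key: bytes, allowed: list) -> bytes:
    # The allowed digests are mixed into the key, so editing them in the container breaks it.
    return hmac.new(master_key, b"wrap|" + b"".join(allowed), hashlib.sha256).digest()

def seal(master_key: bytes, allowed_images: list, data: bytes) -> dict:
    """Build the application container: sealed data plus the allowed digests."""
    allowed = sorted(image_digest(img) for img in allowed_images)
    k = _wrap_key(master_key, allowed)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(k, len(data))))
    tag = hmac.new(k, b"".join(allowed) + ct, hashlib.sha256).digest()
    return {"allowed": allowed, "ct": ct, "tag": tag}

def unseal(master_key: bytes, container: dict, caller_image: bytes):
    """Integrity check by the crypto module: returns the data, or None if refused."""
    allowed, ct = container["allowed"], container["ct"]
    if image_digest(caller_image) not in allowed:
        return None  # caller's digest is not in the sealing policy
    k = _wrap_key(master_key, allowed)
    expect = hmac.new(k, b"".join(allowed) + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expect, container["tag"]):
        return None  # container (data or policy) was altered
    return bytes(a ^ b for a, b in zip(ct, _keystream(k, len(ct))))

def send_message(master_key, container, sender_image, msg: bytes):
    """Sender unseals the shared key and tags the message with it."""
    key = unseal(master_key, container, sender_image)
    return None if key is None else hmac.new(key, msg, hashlib.sha256).digest()

def verify_message(master_key, container, receiver_image, msg, tag) -> bool:
    """Receiver unseals the same key and authenticates the message."""
    key = unseal(master_key, container, receiver_image)
    return key is not None and hmac.compare_digest(
        hmac.new(key, msg, hashlib.sha256).digest(), tag)
```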
Specification