Kernel cryptographic module signature verification system and method
First Claim
Patent Images
1. A computer system comprising:
- a processor;
a memory storage unit;
an operating system comprising a kernel, said kernel comprising a plurality of kernel modules, said kernel modules comprising signature information; and
a kernel module signature verification system for verifying said kernel module signature information of each of said plurality of kernel modules as said plurality of kernel modules are loaded into said kernel.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer operating system having a kernel with a kernel module signature verification unit is described herein. The kernel module signature verification unit automatically monitors kernel module signature path and extracts the signature information provided by each module attempting to load to the kernel. The signature information captured from the kernel module path is retrieved by a kernel cryptographic framework to verify the signature information provided by a kernel cryptographic framework daemon when the same kernel module attempts to register its routines and mechanisms with the kernel cryptographic framework.
53 Citations
36 Claims
-
1. A computer system comprising:
-
a processor;
a memory storage unit;
an operating system comprising a kernel, said kernel comprising a plurality of kernel modules, said kernel modules comprising signature information; and
a kernel module signature verification system for verifying said kernel module signature information of each of said plurality of kernel modules as said plurality of kernel modules are loaded into said kernel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer operating system comprising:
-
a memory storage unit;
a kernel, said kernel comprising a plurality of kernel modules; and
a kernel module signature verification system for verifying signature information of said plurality of kernel modules. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. In a computer system, a computer software implemented kernel module signature verification system, comprising:
-
kernel cryptographic framework for verifying signatures uniquely defining each of a plurality of kernel cryptographic modules; and
kernel cryptographic framework daemon for performing module verification for each of said plurality of kernel cryptographic modules. - View Dependent Claims (26, 27, 28, 29, 30)
-
-
31. A method of verifying and authenticating kernel cryptographic modules, said method comprising:
-
providing a kernel cryptographic framework for verifying signature data in each of a plurality of kernel cryptographic modules; and
providing a kernel cryptographic framework for communicating with said kernel cryptographic framework for performing module verification of said plurality of kernel cryptographic modules. - View Dependent Claims (32, 33, 34, 35, 36)
-
Specification