System and method for secure storage of data using a key
Abstract
In one aspect, a data structure to be encrypted is received in a device, the data structure including content along with a statement of conditions under which the content may be decrypted. The data structure is encrypted using a symmetric key of a processor of the device. In another aspect, a data structure is decrypted using a processor symmetric key. A statement of conditions under which content in the data structure can be decrypted is obtained, and testing is performed as to whether the conditions are satisfied. The decrypted content is returned only if the conditions are satisfied.
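The seal and unseal flow described in the abstract, as an added Python sketch that is not taken from the patent. Assumptions: the JSON record layout, the `seal`/`unseal` signatures, the constructed processor key, the HMAC-SHA256 counter-mode keystream (a standard-library stand-in for the cipher, which the abstract does not name), and the integrity tag, which the abstract does not mention.

```python
import hashlib, hmac, json, os

# Constructed stand-in for the processor's symmetric key (assumption for this sketch).
PROCESSOR_KEY = hashlib.sha256(b"constructed demo processor key").digest()

def _subkey(label: bytes) -> bytes:
    # Derive separate encryption and MAC keys from the one processor key.
    return hmac.new(PROCESSOR_KEY, label, hashlib.sha256).digest()

def _keystream(nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode; stands in for a real cipher so the sketch is stdlib-only.
    key, out, counter = _subkey(b"enc"), b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(content: bytes, target_os_identity: str) -> bytes:
    # The data structure holds the content together with its statement of conditions,
    # and both are encrypted, so the conditions travel inside the sealed blob.
    record = json.dumps({"conditions": {"os_identity": target_os_identity},
                         "content": content.hex()}).encode()
    nonce = os.urandom(16)
    ciphertext = _xor(record, _keystream(nonce, len(record)))
    tag = hmac.new(_subkey(b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def unseal(blob: bytes, current_os_identity: str) -> bytes:
    if len(blob) < 48:  # 16-byte nonce + 32-byte tag
        raise ValueError("blob too short")
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("sealed blob failed integrity check")
    # Decrypt, obtain the statement of conditions, and test it before releasing content.
    record = json.loads(_xor(ciphertext, _keystream(nonce, len(ciphertext))))
    required = record["conditions"]["os_identity"]
    if not hmac.compare_digest(required.encode(), current_os_identity.encode()):
        raise PermissionError("conditions not satisfied; content withheld")
    return bytes.fromhex(record["content"])
```

Without the tag, a caller could flip ciphertext bits to rewrite the embedded conditions, which is why the sketch verifies integrity before it evaluates them.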
15 Claims
1. A method comprising:
- receiving a data structure to be encrypted, wherein the data structure includes content along with a statement of conditions under which the content may be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted; and
- encrypting the content using a key.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A system comprising:
- means for obtaining a block of data to be encrypted, a current operating system identity, and a target operating system identity; and
- means for invoking a seal operation to have the block of data encrypted by a processor of the system using a symmetric key of the processor.

Dependent claims: 9

10. A system comprising:
- means for invoking an unseal operation in order to have a data block decrypted using a key; and
- means for receiving, in response to invoking the unseal operation, the decrypted data block only if conditions under which content in the data block can be decrypted are satisfied.

Dependent claims: 11, 12, 13, 14, 15
Specification