Securing sensitive data in memory
Abstract
Sensitive data is stored in a secure buffer, and never in an unencrypted, accessible location at any time. The data is accessed only by low-level processor instructions that load only a portion of the data into processor registers. The portion of data can then be used before the next portion of data is transferred from the secure buffer into the processor registers. In some embodiments, only one portion is available at any time. In other embodiments, a number of portions may be available at one time. However, the entirety of the sensitive data is never present in the clear. Thus, the entirety of the sensitive data will never be available if an adversary gains access to the contents of memory.
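The portion-at-a-time access described in the abstract, as an added example that is not code from the patent. The names secure_buf, sb_store, sb_portion and sb_equals, the 8-byte portion size and the XOR mask standing in for the buffer's protection are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PORTION 8   /* bytes exposed per access (assumed size) */
#define CAP 64      /* buffer capacity, a multiple of PORTION */

/* Hypothetical secure buffer: holds masked bytes only, never the plaintext. */
typedef struct { uint8_t masked[CAP]; size_t len; uint64_t seed; } secure_buf;

/* Constructed stand-in keystream (splitmix64 mixer). NOT real encryption;
 * a real design uses a vetted cipher and keeps the key out of plain RAM. */
static uint64_t ks(uint64_t seed, size_t i) {
    uint64_t z = seed + 0x9E3779B97F4A7C15ULL * (uint64_t)(i + 1);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Mask src one portion at a time into the buffer; returns -1 if too long. */
int sb_store(secure_buf *sb, const uint8_t *src, size_t len, uint64_t seed) {
    if (len > CAP) return -1;
    memset(sb, 0, sizeof *sb);
    sb->len = len; sb->seed = seed;
    for (size_t off = 0; off < len; off += PORTION) {
        uint64_t w = 0;                       /* zero-padded last portion */
        memcpy(&w, src + off, len - off < PORTION ? len - off : PORTION);
        w ^= ks(seed, off / PORTION);
        memcpy(sb->masked + off, &w, PORTION);
    }
    return 0;
}

/* Accessor: returns portion i by value. Only this one word is in the clear.
 * C cannot force register-only residency; the compiler may spill it. */
uint64_t sb_portion(const secure_buf *sb, size_t i) {
    uint64_t w;
    memcpy(&w, sb->masked + i * PORTION, PORTION);
    return w ^ ks(sb->seed, i);
}

/* Use the secret portion by portion: compare without early exit. */
int sb_equals(const secure_buf *sb, const uint8_t *cand, size_t n) {
    uint64_t diff = (uint64_t)(sb->len ^ n);
    for (size_t off = 0; off < sb->len; off += PORTION) {
        uint64_t c = 0;
        if (off < n) memcpy(&c, cand + off, n - off < PORTION ? n - off : PORTION);
        diff |= sb_portion(sb, off / PORTION) ^ c;
    }
    return diff == 0;
}
```

The comparison never assembles the whole secret: each unmasked word is folded into diff and replaced by the next one.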
19 Claims
1. A method for using sensitive data, said method comprising:
- storing said sensitive data in a secure buffer;
- providing a portion of said sensitive data for use, where said portion is less than all of said sensitive data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A system for storing secure data, comprising:
- a secure buffer for storing sensitive data;
- a secure buffer accessor, operably connected to said secure buffer, for accessing said sensitive data, where said secure buffer accessor allows access to only a portion of said sensitive data for use, where said portion is less than all of said sensitive data.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17

18. An application programming interface for accessing sensitive data in a secure buffer, said application program interface for:
- accessing a portion of said sensitive data, where said portion is less than all of said sensitive data.
Dependent claims: 19
Specification