Computer architecture for an electronic device providing a secure file system
First Claim
1. A method for providing a secure file service, comprising:
- receiving at a cryptographic processor a request from a secure user processor for a classified data file;
responsive to said request, accessing with said cryptographic processor a secure file system containing said classified data file;
decrypting said classified data file with said cryptographic processor; and
serving said classified data file to said secure user processor in decrypted form.
5 Assignments
0 Petitions
Accused Products
Abstract
A secure file service includes a cryptographic processor (302, 602) and a secure file system (301, 601). The cryptographic processor is comprised of a trusted microprocessor and a trusted operating system executing on the trusted cryptographic processor. The cryptographic processor includes hardware and software for accessing at least one classified data file from the secure file system, decrypting the classified data file, and serving the classified data file in decrypted form to a secure user processor (402, 502, 702) that has requested the file. The secure file system can be either a single-level secure file system (301) or a multi-level secure file system (601).
76 Citations
28 Claims
-
1. A method for providing a secure file service, comprising:
-
receiving at a cryptographic processor a request from a secure user processor for a classified data file;
responsive to said request, accessing with said cryptographic processor a secure file system containing said classified data file;
decrypting said classified data file with said cryptographic processor; and
serving said classified data file to said secure user processor in decrypted form. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 24)
-
-
15. A system for providing a secure file service, comprising:
-
a cryptographic processor comprising means for encrypting and decrypting a classified data file;
a secure file system hosted by said cryptographic processor containing classified data files and accessible exclusively to said cryptographic processor; and
wherein said cryptographic processor comprises processing means responsive to a secure user processor distinct from said cryptographic processor for accessing at least one classified data file from said secure file system, decrypting said classified data file, and serving said classified data file to said secure user processor in decrypted form. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 25, 26, 27, 28)
-
Specification