System and Method for Enterprise Security Including Symmetric Key Protection
First Claim
1. A computer executable method for deploying a symmetric key in a software application comprising the steps of:
- installing a software application in a computer system;
- generating an application-base-secret wherein the application-base-secret is accessible by all installations of the software application;
- generating an application-keypair wherein the application-keypair is accessible by all installations of the software application;
- generating an instance-base-secret wherein the instance-base-secret is accessible by only one installation of the software application;
- encrypting the instance-base-secret using the private key from the application-keypair;
- generating an instance-keypair wherein the instance-keypair is accessible by only one installation of the software application;
- creating a digital certificate using the public key from the instance-keypair;
- creating a digital signature of the encrypted instance-base-secret with the private key of the instance-keypair; and
- removing the private key of the instance-keypair from the installation of the software application so that the encrypted instance-base-secret and the digital signatures of the instance-base-secret is read-only.
Abstract
A system and method for enterprise security including symmetric key protection. In accordance with an embodiment, the system provides a higher level of protection against unauthorized key disclosure by encrypting randomly generated seed data used for key generation, and using digital signatures and asymmetric encryption.
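The per-installation steps of claim 1, sketched as an added example that is not taken from the patent or its specification. Assumptions: RSA-2048 keys, RSA-PSS signatures, a self-signed certificate, the "encrypt with the private key" step modelled as a raw RSA private-key operation, the Python `cryptography` package, and hypothetical names throughout (`deploy`, `load`, `instance-0001`); the start-up check in `load` is also an assumption about how the stored signature would be used.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509.oid import NameOID

SECRET_LEN = 32  # assumed size of the instance-base-secret
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH)

def new_keypair():
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def private_key_encrypt(app_priv, secret: bytes) -> bytes:
    # Claim wording: "encrypting ... using the private key". Modelled here as the
    # raw, unpadded RSA private-key operation (assumption, illustration only).
    n = app_priv.public_key().public_numbers().n
    c = pow(int.from_bytes(secret, "big"), app_priv.private_numbers().d, n)
    return c.to_bytes((n.bit_length() + 7) // 8, "big")

def public_key_decrypt(app_pub, blob: bytes) -> bytes:
    nums = app_pub.public_numbers()
    return pow(int.from_bytes(blob, "big"), nums.e, nums.n).to_bytes(SECRET_LEN, "big")

def deploy(app_priv, instance_secret: bytes, cn: str = "instance-0001"):
    """Per-installation steps; returns only what stays stored (no instance private key)."""
    blob = private_key_encrypt(app_priv, instance_secret)
    inst_priv = new_keypair()
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])  # constructed name
    now = datetime.datetime.now(datetime.timezone.utc)
    cert = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(inst_priv.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=365))
            .sign(inst_priv, hashes.SHA256()))  # self-signed: an assumption
    signature = inst_priv.sign(blob, PSS, hashes.SHA256())
    del inst_priv  # stands in for removing the key: nothing can re-sign a changed blob
    return blob, signature, cert

def load(app_pub, blob: bytes, signature: bytes, cert) -> bytes:
    """Assumed start-up check: verify the signature, then recover the secret."""
    cert.public_key().verify(signature, blob, PSS, hashes.SHA256())  # raises InvalidSignature
    return public_key_decrypt(app_pub, blob)
```

Because the blob is produced with the application private key, anyone holding the application public key can reverse it, so in this sketch the signature contributes tamper evidence while confidentiality depends on how the application-keypair itself is protected.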
30 Citations
5 Claims
Specification