System and Method for Enterprise Security Including Symmetric Key Protection
First Claim
Patent Images
1. A computer executable method for deploying a symmetric key in a software application comprising the steps of:
- installing a software application in a computer system;
generating an application-base-secret wherein the application-base-secret is accessible by all installations of the software application;
generating an application-keypair wherein the application-keypair is accessible by all installations of the software application;
generating an instance-base-secret wherein the instance-base-secret is accessible by only one installation of the software application;
encrypting the instance-base-secret using the private key from the application-keypair;
generating an instance-keypair wherein the instance-keypair is accessible by only one installation of the software application;
creating a digital certificate using the public key from the instance-keypair;
creating a digital signature of the encrypted instance-base-secret with the private key of the instance-keypair; and
removing the private key of the instance-keypair from the installation of the software application so that the encrypted instance-base-secret and the digital signatures of the instance-base-secret is read-only.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for enterprise security including symmetric key protection. In accordance with an embodiment, the system provides a higher level of protection against unauthorized key disclosure by encrypting randomly generated seed data used for key generation, and using digital signatures and asymmetric encryption.
30 Citations
5 Claims
-
1. A computer executable method for deploying a symmetric key in a software application comprising the steps of:
-
installing a software application in a computer system; generating an application-base-secret wherein the application-base-secret is accessible by all installations of the software application; generating an application-keypair wherein the application-keypair is accessible by all installations of the software application; generating an instance-base-secret wherein the instance-base-secret is accessible by only one installation of the software application; encrypting the instance-base-secret using the private key from the application-keypair; generating an instance-keypair wherein the instance-keypair is accessible by only one installation of the software application; creating a digital certificate using the public key from the instance-keypair; creating a digital signature of the encrypted instance-base-secret with the private key of the instance-keypair; and removing the private key of the instance-keypair from the installation of the software application so that the encrypted instance-base-secret and the digital signatures of the instance-base-secret is read-only. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeOracle International Corporation (Oracle Corporation)
-
Original AssigneeBEA Systems Incorporated (Oracle Corporation)
-
InventorsPilipchuk, Denis
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current380/45
-
CPC Class CodesG06F 21/12 Protecting executable softwareG06F 21/6209 to a single file or object,...H04L 9/088 Usage controlling of secret...H04L 9/3247 involving digital signaturesH04L 9/3263 involving certificates, e.g...
