SECURE ISLAND COMPUTING SYSTEM AND METHOD
First Claim
1. A method for generating an n-bit result comprising:
receiving, by a secure containment device (SCD), a request to generate the n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier and wherein the request is sent from an application executing on a host system using a first input/output (I/O) interface;
disabling, by the SCD, all I/O interfaces on the SCD between the host system and the SCD after receiving the request from the host system;
after disabling all the I/O interfaces on the SCD between the host system and the SCD;
providing, by the SCD, the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface;
receiving, by the SCD, the n-bit result from the secured hardware token over the second I/O interface;
enabling, by the SCD, at least the first I/O interface after the n-bit result is generated; and
providing by the SCD, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.
Abstract
A method for generating an n-bit result includes a secured containment device (SCD) receiving a request to generate the n-bit result. The request includes an n-bit generator input and a master secret identifier. The request is sent from an application executing on a host system using an input/output (I/O) interface. The SCD disables all I/O interfaces on the SCD between the host system and the SCD. After disabling all the I/O interfaces on the SCD between the host system and the SCD, the SCD provides the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface, receives the n-bit result from the secured hardware token over the second I/O interface, enables at least the first I/O interface after the n-bit result is generated, and provides, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.
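The ordering the abstract describes can be modelled as a small state machine. The following is an added example, not code from the patent: the class names, the trace labels, the HMAC-SHA-256 truncation standing in for the token's unspecified generator, and the choice to re-enable the host link on a token error are all assumptions.

```python
import hashlib
import hmac

DEMO_SECRETS = {"ms-1": b"constructed-master-secret"}  # constructed sample


class Token:
    """Stand-in for the secured hardware token (derivation is an assumption)."""

    def __init__(self, secrets):
        self._secrets = secrets  # master secret identifier -> key bytes

    def generate(self, generator_input, secret_id):
        key = self._secrets[secret_id]
        digest = hmac.new(key, generator_input, hashlib.sha256).digest()
        return digest[:len(generator_input)]  # n bits in, n bits out (n <= 256)


class SCD:
    """Secure containment device: gates the host link around token access."""

    def __init__(self, token):
        self._token = token
        self.host_io_enabled = True
        self.trace = []  # ordered record of steps, for auditing the sequence

    def _token_call(self, generator_input, secret_id):
        # Invariant from the claims: the second interface is used only
        # while every host-facing interface is disabled.
        if self.host_io_enabled:
            raise RuntimeError("token access attempted with host I/O enabled")
        self.trace.append("token_request")
        result = self._token.generate(generator_input, secret_id)
        self.trace.append("token_response")
        return result

    def handle_request(self, generator_input, secret_id):
        self.trace.append("request_received")
        self.host_io_enabled = False
        self.trace.append("host_io_disabled")
        try:
            result = self._token_call(generator_input, secret_id)
        finally:
            # Assumption: re-enable the host link even if the token fails,
            # so an unknown identifier does not leave the device isolated.
            self.host_io_enabled = True
            self.trace.append("host_io_enabled")
        self.trace.append("result_returned")
        return result
```
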
15 Claims
7. A non-transitory computer readable medium comprising instructions, which when executed perform a method, the method comprising:
receiving, by a secure containment device (SCD), a request to generate an n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier and wherein the request is sent from an application executing on a host system using a first input/output (I/O) interface;
disabling, by the SCD, all I/O interfaces on the SCD between the host system and the SCD after receiving the request from the host system;
after disabling all the I/O interfaces on the SCD between the host system and the SCD;
providing, by the SCD, the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface;
receiving, by the SCD, the n-bit result from the secured hardware token over the second I/O interface;
enabling, by the SCD, at least the first I/O interface after the n-bit result is generated; and
providing by the SCD, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.

8. A secure containment device (SCD), comprising:
a first input/output (I/O) interface connected to a host system;
a second I/O interface connected to a secured hardware token;
a processor;
a memory connected to the processor, comprising instructions, when executed by the processor perform a method, the method comprising;
receiving, from an application on the host system over the first I/O interface, a request to generate an n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier;
disabling, by the SCD, the first I/O interface;
after disabling the first I/O interface;
providing the n-bit generator input and the master secret identifier to the secured hardware token over the second I/O interface;
receiving the n-bit result from the secured hardware token over the second I/O interface;
enabling the first I/O interface after the n-bit result is generated; and
providing, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.

15. A secure containment device (SCD), comprising:
a first input/output (I/O) interface connected to a host system;
a second I/O interface connected to a secured hardware token;
an integrated circuit configured to;
receive, from an application on the host system over the first I/O interface, a request to generate an n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier;
disable, by the SCD, the first I/O interface;
after disabling the first I/O interface;
provide the n-bit generator input and the master secret identifier to the secured hardware token over the second I/O interface;
receive the n-bit result from the secured hardware token over the second I/O interface;
enable the first I/O interface after the n-bit result is generated; and
provide, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.