SECURE ASYMMETRIC KEY APPLICATION DATA SHARING
Abstract
To establish a sign on session among single sign on (SSO)-enabled applications, a user can be prompted by an application for an access code. An access interval key can be generated using a key derivative function based on the access code. The access interval key can be considered a session key, and it can be used during a valid SSO session to decrypt a master key stored in a shared memory. In turn, the master key can be used to encrypt and decrypt the contents of the shared memory. To securely distribute the access interval key among the SSO-enabled applications during a current session, individual SSO-enabled applications can each store a public key in the shared memory. The access interval key can then be encrypted, respectively, by the public keys of the SSO-enabled applications and stored in the shared memory to be retrieved securely by the SSO-enabled applications.
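The key hierarchy described in the abstract, sketched as an added example that is not part of the patent text or of any implementation of it. PBKDF2, RSA-OAEP and AES-256-GCM, the app names `mail` and `browser`, and the in-memory `shared` object standing in for the shared memory are all assumptions; the page names no algorithms.

```javascript
// Added illustration: algorithm choices and every name here are assumptions, not from the patent.
const crypto = require('node:crypto');

// AES-256-GCM; blob layout is iv (12 bytes) || tag (16 bytes) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws if key or blob is wrong
}

// The app that prompted the user: derive the access interval key (AIK) from the
// access code and store one copy per registered public key for this session.
function startSession(shared, accessCode) {
  const aik = crypto.pbkdf2Sync(accessCode, shared.salt, 100000, 32, 'sha256');
  for (const [app, pub] of Object.entries(shared.publicKeys)) {
    shared.wrappedAik[app] = crypto.publicEncrypt({ key: pub, oaepHash: 'sha256' }, aik);
  }
  return aik;
}

// Any SSO app during the session, in the order claim 1 lists the steps.
function readShared(shared, app, privateKey, name) {
  const aik = crypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, shared.wrappedAik[app]);
  const masterKey = unseal(aik, shared.encryptedMasterKey); // AIK decrypts the master key
  return unseal(masterKey, shared.data[name]).toString('utf8'); // master key decrypts the data
}

// Constructed shared memory with two hypothetical apps and one shared data element.
function demo() {
  const shared = { salt: crypto.randomBytes(16), publicKeys: {}, wrappedAik: {}, data: {} };
  const privateKeys = {};
  for (const app of ['mail', 'browser']) {
    const pair = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
    shared.publicKeys[app] = pair.publicKey;
    privateKeys[app] = pair.privateKey;
  }
  const aik = startSession(shared, 'constructed-access-code');
  const masterKey = crypto.randomBytes(32);
  shared.encryptedMasterKey = seal(aik, masterKey);
  shared.data.token = seal(masterKey, Buffer.from('constructed-sso-token'));
  return { shared, privateKeys };
}
const session = demo();
console.log(readShared(session.shared, 'browser', session.privateKeys.browser, 'token'));
```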
20 Claims
1. A method for secure data sharing between applications, comprising:
- retrieving an encrypted master key from a shared memory, the shared memory comprising a memory area for secure data sharing among a plurality of single sign on applications;
- decrypting the encrypted master key using an access interval key to provide a master key, the access interval key being encrypted by at least one public key of at least one of the plurality of single sign on applications and stored in the shared memory during a current sign on session;
- retrieving at least one encrypted shared data element from the shared memory; and
- decrypting the at least one encrypted shared data element using the master key, wherein the at least one encrypted shared data element comprises a data element shared between the plurality of single sign on applications.
8. A non-transitory computer-readable medium embodying program code executable in at least one computing device for secure data sharing between applications that, when executed by the at least one computing device, directs the at least one computing device to at least:
- retrieve an encrypted master key from a shared memory, the shared memory comprising a memory area for secure data sharing among a plurality of single sign on applications;
- decrypt the encrypted master key using an access interval key to provide a master key, the access interval key being encrypted by at least one public key of at least one of the plurality of single sign on applications and stored in the shared memory during a current sign on session;
- retrieve at least one encrypted shared data element from the shared memory; and
- decrypt the at least one encrypted shared data element using the master key, wherein the at least one encrypted shared data element comprises a data element shared between the plurality of single sign on applications.
15. A system for secure data sharing between applications, comprising:
- a memory device configured to store computer-readable instructions thereon; and
- at least one processing device configured, through execution of the computer-readable instructions, to:
  - retrieve an encrypted master key from a shared memory, the shared memory comprising a memory area for secure data sharing among a plurality of single sign on applications;
  - decrypt the encrypted master key using an access interval key to provide a master key, the access interval key being encrypted by at least one public key of at least one of the plurality of single sign on applications and stored in the shared memory during a current sign on session;
  - retrieve at least one encrypted shared data element from the shared memory; and
  - decrypt the at least one encrypted shared data element using the master key, wherein the at least one encrypted shared data element comprises a data element shared between the plurality of single sign on applications.
Specification