Dynamic classes of service for an international cryptography framework
Abstract
An international cryptography framework (ICF) allows manufacturers to comply with varying national laws governing the distribution of cryptographic capabilities. The invention is concerned primarily with the application certification aspects of the framework where an application that requests cryptographic services from the ICF service elements is identified through some form of certificate to protect against the misuse of a granted level of cryptography. The levels of cryptography granted are described via security policies and expressed as classes of service. A cryptographic unit, one of the ICF core elements, can be used to build several certification schemes for application objects. The invention provides various methods that determine the strength of binding between an application code image and the issued certificates within the context of the ICF elements. A key element with regard to the exercise of a cryptographic function concerns the special requirements for the trust relation that an authority specifies for the cryptographic unit. Any function exercised by the cryptographic unit must be controllable by the associated class of service which represents the security policy. Touchpointing, both in the application and the firmware elements inside the cryptographic unit, plays a key role in exercising control over the functioning of these modules. Another fundamental requirement of the ICF architecture is that the application is assured of the integrity of the cryptographic unit from which it is receiving services. Thus, the invention also provides methods that allow a determination of whether or not the cryptographic unit has been replaced or tampered with.
60 Claims
1. A method for validating that an application rightfully executes a certain class of service, comprising the steps of:
- either defining classes of service with an application domain authority or creating classes of service with a security domain authority; wherein said classes of service are validated by said security domain authority which has policies defined to meet said security domain authorities' security interests and requirements, where said class of service has a unique identification that is not reused by said security domain authority;
- granting said level of authority from said application domain authority in the form of a certificate containing valid classes of services; and
- tightly binding said application to said certificate.

Dependent claims: 2-30.

31. An apparatus for validating that an application rightfully executes a certain class of service, comprising:
- an application domain authority for granting a level of authority in the form of a certificate containing valid classes of service;
- means for either creating classes of service with a security domain authority or for defining classes of service with said application domain authority, where said classes of service are validated by said security domain authority which has policies defined to meet said security domain authorities' security interests and requirements, where said class of service has a unique identification that is not reused by said security domain authority; and
- means for tightly binding said application to said certificate.

Dependent claims: 32-60.
Specification