Apparatus for control of cryptography implementations in third party applications
Abstract
An apparatus and method provide a controlled, dynamically loaded, modular, cryptographic implementation for integration of flexible policy implementations on policy engines, and the like, into a base executable having at least one slot. The base executable may rely on an integrated loader to control loading and linking of fillers and submodules. A policy module may be included for use in limiting each module's function, access, and potential for modification or substitution. The policy may be implemented organically within a manager layer or may be modularized further in an underlying engine layer as an independent policy, or as a policy created by a policy engine existing in an engine layer. The policy module is subordinate to the manager module in the manager layer in that the manager module calls the policy module when it is needed by the manager module. The policy module is preferably dynamically linkable, providing flexibility, and is layered deeper within the filler module than the manager module.
14 Claims
1. An apparatus, implemented in a computer-readable medium, having modules for executing controlled modular cryptography in a processor of a computer, the apparatus comprising:
- a base executable programmed to be executable on the processor, the base executable manufactured under the control of a trusted authority and comprising a loader module for dynamically linking one or more modules with the base executable to operate as an integrated portion of the base executable;
- a third party vendor engine module dynamically linkable with the base executable to be executable on the processor to operate selected cryptographic executables for an application operably associated with the computer; and
- the loader which utilizes a verification mechanism to verify that the engine module's use of cryptographic capability is within a predetermined scope.
13. An apparatus, implemented in a computer-readable medium, having modules for executing controlled modular cryptography in a processor of a computer, the apparatus comprising:
- a base executable programmed to be executable on the processor, the base executable manufactured under the control of a trusted authority and comprising a loader module for dynamically linking one or more modules with the base executable to operate as an integrated portion of the base executable;
- a third party vendor engine module dynamically linkable with the base executable to be executable on the processor to operate selected cryptographic executables for an application operably associated with the computer; and
- the loader which utilizes a hierarchal chain of certificates to verify that the engine module's use of cryptographic capability is within a predetermined scope.
14. An apparatus, implemented in a computer-readable medium, having modules for executing controlled modular cryptography in a processor of a computer, the apparatus comprising:
- a base executable programmed to be executable on the processor, the base executable manufactured under the control of a trusted authority and comprising a loader module for dynamically linking one or more modules with the base executable to operate as an integrated portion of the base executable;
- a third party vendor engine module dynamically linkable with the base executable to be executable on the processor to operate selected cryptographic executables for an application operably associated with the computer; and
- the loader which utilizes a policy to verify that the engine module's use of cryptographic capability is within a predetermined scope.
Specification