System and method for interfacing a software process to secure repositories

US 7,051,200 B1
Filed: 06/27/2000
Issued: 05/23/2006
Est. Priority Date: 06/27/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of facilitating the use of a software process with one of a plurality of secure repositories, said method comprising the acts of:

providing an interface, said interface being callable by said software process;

if said one of said plurality of secure repositories is said first of said plurality of secure repositories, providing a first set of computer-executable instructions which are invocable by said callable interface; and

if said one of said plurality of secure repositories is said second of said plurality of secure repositories, providing a second set of computer-executable instructions which are invocable by said callable interface, said second set of computer-executable instructions being different from said first set of computer-executable instructions, wherein said first of said plurality of secure repositories comprises a software module that uses a cryptographic algorithm to apply a cryptographic key to data without said cryptographic key being accessible to said cryptographic algorithm applied by said first of said plurality of secure repositories, and wherein said second of said plurality of secure repositories comprises a hardware module that uses said cryptographic algorithm to apply said cryptographic key to data, said hardware module further comprising hardware that resists or prevent divulgence of said cryptographic key outside of said hardware module.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure repository individualized for a hardware environment and a method and system for providing the same. The secure repository includes a hidden cryptographic key and code that applies the key without requiring access to a copy of the key. The code that implements the secure repository is generated in a manner that is at least partly based on a hardware ID associated with the hardware environment in which the secure repository is to be installed, and may also be based on a random number. Cryptographic functions implemented by the secure repository include decryption of encrypted information and validation of cryptographically signed information. The secure repository may be coupled to an application program, which uses cryptographic services provided by the secure repository, by way of a decoupling interface that provides a common communication and authentication interface for diverse types of secure repositories. The decoupling interface may take the form of a single application programmer interface (API) usable with multiple dynamically linkable libraries.

215 Citations

39 Claims

1. A method of facilitating the use of a software process with one of a plurality of secure repositories, said method comprising the acts of:
- providing an interface, said interface being callable by said software process;
  
  if said one of said plurality of secure repositories is said first of said plurality of secure repositories, providing a first set of computer-executable instructions which are invocable by said callable interface; and
  
  if said one of said plurality of secure repositories is said second of said plurality of secure repositories, providing a second set of computer-executable instructions which are invocable by said callable interface, said second set of computer-executable instructions being different from said first set of computer-executable instructions, wherein said first of said plurality of secure repositories comprises a software module that uses a cryptographic algorithm to apply a cryptographic key to data without said cryptographic key being accessible to said cryptographic algorithm applied by said first of said plurality of secure repositories, and wherein said second of said plurality of secure repositories comprises a hardware module that uses said cryptographic algorithm to apply said cryptographic key to data, said hardware module further comprising hardware that resists or prevent divulgence of said cryptographic key outside of said hardware module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein said one of said secure repositories converts encrypted data to decrypted data by using said cryptographic algorithm to apply said cryptographic key to said encrypted data, and wherein said software process performs an operation on said decrypted data.
  - 3. The method of claim 2, wherein said operation comprises rendering said decrypted data.
  - 4. The method of claim 1, wherein said first or said second sets of computer-executable instructions is provided in the form of an executable file dynamically linkable with said software process.
  - 5. The method of claim 1, wherein said interface comprises a first function callable by said software process, said first function being parameterized by first data representative of a type of secure repository.
  - 6. The method of claim 5, wherein said interface is callable by said software process without regard to whether said one of said plurality of secure repositories is said first of said plurality of secure repositories or said second of said plurality of secure repositories.
  - 7. The method of claim 1, wherein said interface comprises a second function callable by said software process, said second function requesting that said secure repository perform at least one action.
  - 8. The method of claim 1, wherein said first of said plurality of secure repositories executes on a closed-platform device, and wherein said second of said plurality of secure repositories executes on an open-platform device.

9. A method of communicating between a software process and a one of a plurality of secure repositories, said method comprising the acts of:
- said software process issuing a first interface call which authenticates said software process to said one of said plurality of secure repositories; and
  
  said software process issuing a second interface call which requests performance of an action by said secure repository for said software process;
  
  wherein said software process issues said first and second interface calls without regard to whether said one of said plurality of secure repositories is a first of said plurality of secure repositories or a second of said plurality of secure repositories, wherein said first of said plurality of secure repositories comprises a software module that uses a cryptographic algorithm to apply a cryptographic key to data without said cryptographic key being stored in a memory accessible to said cryptographic algorithm.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 10. The method of claim 9, wherein said secure repository converts encrypted data to decrypted data using said cryptographic algorithm to apply a cryptographic key to said encrypted data, and wherein said software process performs an operation on said decrypted data.
  - 11. The method of claim 10, wherein said operation comprises rendering said decrypted data.
  - 12. The method of claim 9, wherein said first secure repository comprises a software-based secure repository, and wherein said second secure repository comprises at least some isolated hardware that uses said cryptographic algorithm to apply said cryptographic key to data and that resists or prevent divulgence of said cryptographic key outside of said second secure repository.
  - 13. The method of claim 9, wherein each of said first and second secure repositories are software-based repositories, said first secure repository having at least one feature not present in said second secure repository.
  - 14. The method of claim 9, wherein said one of said plurality of secure repositories is said first of said plurality of secure repositories, and wherein said software process issues said first and second interface calls without regard to whether said second repository exists.
  - 15. The method of claim 9, wherein said first interface call is parameterized by first data representing a first type of secure repository, and wherein said first and said second of said plurality of secure repositories are each of said first type.
  - 16. The method of claim 15, wherein said software process performs a second action if said one of said plurality of repositories is either said first or said second of said plurality of secure repositories, and wherein said software process does not perform said second action if said one of said plurality of secure repositories is a third of said plurality of secure repositories, said third of said plurality of secure repositories being of a second type different from said first type.
  - 17. The method of claim 9, farther comprising the acts of:
    - dynamically linking to said software process a first set of computer-executable instructions, if said one of said plurality of repositories is said first of said plurality of secure repositories; and
      
      dynamically linking to said software process a second set of computer-executable instructions different from said first set of computer-executable instructions, if said one of said plurality of secure repositories is said second of said plurality of secure repositories.
  - 18. The method of claim 9, further comprising the act of said software process receiving second data in response to said second interface call, said second data being generated by said one of said plurality of secure repositories, wherein said second data does not expose to said software process whether said data was generated by said first secure repository or said second secure repository.
  - 19. A computer-readable medium encoded with computer-executable instructions to perform the method of claim 9.

20. A secure repository comprising:
- a first set of computer-executable instructions which converts encrypted data into decrypted data by applying a cryptographic key to said encrypted data without said cryptographic key being accessible to said first set of computer-executable instructions during the time that said first set of computer-executable instructions applies said cryptographic key; and
  
  a second set of computer-executable instructions which provides said decrypted data to a software process if said secure repository trusts said software process;
  
  wherein said secure repository establishes trust of said software process at least in part by establishing trust with an intermediate object, said intermediate object comprising a third set of computer-executable instructions dynamically linked to said software process.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The secure repository of claim 20, wherein said software process renders said decrypted data.
  - 22. The secure repository of claim 20, further comprising a fourth set of computer-executable instructions which establishes trust with said intermediate object, said fourth set of computer-executable instructions including instructions to perform acts comprising:
    - receiving from said intermediate object first data comprising;
      
      second data based at least in part on at least some code contained in said intermediate object; and
      
      a signature of said second data; and
      
      validating said signature.
  - 23. The secure repository of claim 22, wherein said second data comprises a hash of said at least some code.
  - 24. The secure repository of claim 22, wherein said fourth set of computer-executable instructions further performs acts comprising:
    - receiving from said intermediate object second data based at least in part on code contained in said software process.

25. A method of communicating with one of a plurality of secure repositories, said method comprising the acts of:
- issuing a first interface call without regard to whether said one of said plurality of secure repositories is a first of said plurality of secure repositories or a second of said plurality of secure repositories;
  
  if said one of said plurality of secure repositories is said first of said plurality of secure repositories, dynamically linking with a first set of computer-executable instructions invocable by said first interface call; and
  
  if said one of said plurality of secure repositories is said second of said plurality of secure repositories, dynamically linking with a second set of computer-executable instructions invocable by said first interface call, said second said of computer-executable instructions being different from said first set of computer-executable instructions, wherein said first of said plurality of secure repositories comprises a software module that uses a cryptographic algorithm to apply a cryptographic key to data without said cryptographic key being accessible to said cryptographic algorithm.
- View Dependent Claims (26, 27, 28, 29)
- - 26. The method of claim 25, wherein each of said plurality of secure repositories converts encrypted data to decrypted data using said cryptographic algorithm to apply said cryptographic key to said encrypted data.
  - 27. The method of claim 25, wherein said first secure repository comprises a software-based secure repository, and wherein said second secure repository comprises at least some isolated hardware.
  - 28. The method of claim 25, wherein each of said first and second secure repositories are software-based repositories, said first secure repository having at least one feature not present in said second secure repository.
  - 29. A computer-readable medium encoded with a second set of computer-executable instructions to perform the method of claim 25.

30. A method of authenticating a first software process to a second software process, said method comprising the acts of:
- establishing to said second software process the authenticity of an intermediary object; and
  
  using said intermediary object to establish to said second software process the authenticity of said first software process;
  
  wherein said second software process converts encrypted data to decrypted data by using a cryptographic algorithm to apply a cryptographic key to said encrypted data without said cryptographic key being accessible to said second software process during a time that said second software process is applying said cryptographic key, and wherein said first software process performs an operation on said decrypted data.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
- - 31. The method of claim 30, wherein said operation comprises rendering said decrypted data.
  - 32. The method of claim 31, wherein said first software process is a text-rendering application, and wherein said decrypted data comprises text.
  - 33. The method of claim 30, wherein said intermediary object comprises a set of computer-executable instructions having a first function callable from said first software process, and wherein the act of establishing to said second software process the authenticity of said intermediary object includes, or is actuated by, the act of said first software process calling said first function.
  - 34. The method of claim 33, wherein said act of establishing to said second software process the authenticity of said intermediary object includes the act of providing said second software process with a certificate based at least in part on said set of computer-executable instructions.
  - 35. The method of claim 34, wherein said certificate comprises a signed hash of at least some of said computer-executable instructions.
  - 36. The method of claim 33, wherein said intermediary object is in the address space of said first software process, and wherein said first function is referenceable by an address within said address space.
  - 37. The method of claim 33, wherein said set of computer-executable instructions is dynamically linkable with said first software process, and wherein said method further comprises the act of linking said set of computer-executable instructions with said first software process.
  - 38. The method of claim 30, wherein said intermediary object comprises a set of computer-executable instructions having a first function callable from said first software process, and wherein said act of using said intermediary object to establish to said second software process the authenticity of said first software process includes, or is actuated by, the act of said first software process issuing a call to said first function.
  - 39. A computer-readable medium encoded with a second set of computer-executable instructions to perform the method of claim 30.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Krishnaswamy, Vinay, Jakubowski, Mariusz H., Marr, Michael David, Manferdelli, John L.
Primary Examiner(s)
Arani, Taghi T.

Application Number

US09/604,518
Time in Patent Office

2,156 Days
Field of Search

705/57, 717/162, 717/163, 713/153, 713/193, 713/194
US Class Current

713/153
CPC Class Codes

G06F 21/1011 to devices

G06F 21/6218 to a system of files or obj...

System and method for interfacing a software process to secure repositories

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

215 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for interfacing a software process to secure repositories

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

215 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links