Saving and retrieving data based on symmetric key encryption
Abstract
In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.
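As an added illustration of the seal and unseal flow the abstract describes (this is not code from the patent), the sketch below seals data for a list of target programs, then releases it only to a caller on that list and only if the integrity check passes. Assumptions: program identifiers are SHA-256 digests of a program image, a keystream built from HMAC-SHA256 stands in for a real symmetric cipher such as AES, the byte layout and all function names are invented here, and `caller_image` stands for the measurement of the caller that a trusted layer would supply.

```python
import hashlib, hmac, os
ID_LEN, NONCE_LEN, TAG_LEN = 32, 16, 32

def program_id(image: bytes) -> bytes:
    # Assumption: a program is identified by the SHA-256 digest of its image.
    return hashlib.sha256(image).digest()

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from the one symmetric key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_keystream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in symmetric cipher: HMAC-SHA256 in counter mode (stdlib has no AES).
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(enc_key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, data: bytes, target_ids: list) -> bytes:
    if not 1 <= len(target_ids) <= 255 or any(len(t) != ID_LEN for t in target_ids):
        raise ValueError("need 1..255 identifiers of ID_LEN bytes each")
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    # The target identifiers travel inside the ciphertext, ahead of the data.
    plaintext = bytes([len(target_ids)]) + b"".join(target_ids) + data
    ct = _xor_keystream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, bit_string: bytes, caller_image: bytes) -> bytes:
    # Assumption: caller_image is what the trusted layer measured about its caller.
    if len(bit_string) < NONCE_LEN + 1 + ID_LEN + TAG_LEN:
        raise ValueError("bit string too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = bit_string[:NONCE_LEN], bit_string[NONCE_LEN:-TAG_LEN], bit_string[-TAG_LEN:]
    # Integrity first: reject modified bit strings before decrypting anything.
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    plaintext = _xor_keystream(enc_key, nonce, ct)
    ids_end = 1 + plaintext[0] * ID_LEN
    if plaintext[0] == 0 or ids_end > len(plaintext):
        raise ValueError("malformed sealed data")
    allowed = [plaintext[i:i + ID_LEN] for i in range(1, ids_end, ID_LEN)]
    caller = program_id(caller_image)
    # Release the data only if the caller is one of the identified targets.
    if not any(hmac.compare_digest(caller, t) for t in allowed):
        raise PermissionError("caller is not an identified target program")
    return plaintext[ids_end:]
```

Checking the tag over the ciphertext before decrypting is a choice made in this sketch; the abstract requires both checks but does not fix their order.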
148 Citations
17 Claims
1. One or more computer storage readable media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to perform acts comprising:
- invoking an unseal operation in order to have a bit string decrypted, passing the bit string as an input to the unseal operation, the bit string including identifiers of multiple target programs that are allowed to access at least a portion of the decrypted bit string; and
- receiving, in response to invoking the unseal operation, the at least a portion of the decrypted bit string only if the plurality of instructions are one of the identified multiple target programs, wherein the data is decrypted using a symmetric cipher.
Dependent claims: 2, 3, 4, 5, 6

7. One or more computer storage media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to perform acts comprising:
- invoking an unseal operation in order to obtain data from a sealed bit string, the sealed bit string including identifiers of multiple programs that are allowed to access the data; and
- receiving, in response to invoking the unseal operation, the data from the sealed bit string only if one or more conditions that are to be satisfied in order for the data to be unsealed are satisfied, the one or more conditions including the plurality of instructions being one of the identified multiple programs.
Dependent claims: 8, 9, 10, 11, 12

13. A method comprising:
- invoking an unseal operation in order to obtain data from a sealed bit string, the sealed bit string including identifiers of multiple programs that are allowed to access the data; and
- receiving, in response to invoking the unseal operation, the data from the sealed bit string only if one or more conditions that are to be satisfied in order for the data to be unsealed are satisfied, the one or more conditions including the plurality of instructions being one of the identified multiple programs.
Dependent claims: 14, 15, 16, 17
Specification