Trusted signature with key access permissions
First Claim
1. A non-transitory computer-readable medium having computer-readable instructions stored thereon that, upon execution by a processor, cause the processor to:
- determine a hash value corresponding to information;
- determine, based on a permission policy, whether an application associated with the information has permission to access at least one private key of a plurality of private keys, wherein the plurality of private keys are stored in a hierarchical namespace structure, and further wherein a single permission class of the permission policy is used to control access to the plurality of private keys within different parts of the hierarchical namespace structure; and
- if the application has permission to access the private key, generate a digital signature with the private key, wherein the digital signature is based at least in part on the hash value.
Abstract
Devices, methods, and computer code products are disclosed in which access to private keys required to create digital signatures for delimited information is controlled by permissions in the device. The permissions can be used to check the identity of an application to determine if the application has access to a digital key and permission to generate a digital signature.
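The flow described in the abstract and claim 1 (hash, permission check against a hierarchical key namespace, then sign), as an added illustration that is not code from the patent or its assignee. The path syntax, the `/*` subtree wildcard, the application IDs and the choice of SHA-256 with Ed25519 are assumptions; the claims name no specific algorithms.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
)

// KeyPermission is the one permission class for all keys: an exact path or a "/*" subtree grant.
type KeyPermission struct{ Path string }

func (p KeyPermission) Implies(keyPath string) bool {
	sub := strings.HasSuffix(p.Path, "/*") && strings.HasPrefix(keyPath, strings.TrimSuffix(p.Path, "*"))
	return sub || p.Path == keyPath
}

type Signer struct {
	Policy map[string][]KeyPermission    // application ID -> grants (hypothetical IDs)
	Keys   map[string]ed25519.PrivateKey // hierarchical path -> private key
}
var ErrDenied = errors.New("application may not use this key")

// Sign hashes info and signs the hash only if a grant covers keyPath; unknown app or key fails closed.
func (s *Signer) Sign(appID, keyPath string, info []byte) ([]byte, error) {
	digest := sha256.Sum256(info)
	for _, perm := range s.Policy[appID] {
		if perm.Implies(keyPath) {
			if key, ok := s.Keys[keyPath]; ok {
				return ed25519.Sign(key, digest[:]), nil
			}
		}
	}
	return nil, ErrDenied
}

// newDemoSigner returns constructed sample data: one key, two applications.
func newDemoSigner() (*Signer, ed25519.PublicKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &Signer{
		Policy: map[string][]KeyPermission{"mail-app": {{Path: "keys/corporate/*"}}, "game-app": {{Path: "keys/personal/*"}}},
		Keys:   map[string]ed25519.PrivateKey{"keys/corporate/email/signing": priv},
	}, pub
}

func main() {
	s, _ := newDemoSigner()
	fmt.Println(s.Sign("game-app", "keys/corporate/email/signing", []byte("invoice")))
}
```

The subtree prefix keeps its trailing slash, so a grant on `keys/corp/*` does not match keys under `keys/corporate/`.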
17 Claims
9. A method for generating a digital signature, the method comprising:
- calculating a hash value corresponding to information;
- determining, based on a permission policy, whether an application associated with the information has permission to access a private key of a plurality of private keys, wherein the plurality of private keys are stored in a hierarchical namespace structure, and further wherein a single permission class of the permission policy is used to control access to the plurality of private keys within different parts of the hierarchical namespace structure; and
- if the application has permission to access the private key, using the private key to generate a digital signature based at least in part on the hash value.