Computer architecture for an electronic device providing a secure file system
First Claim
1. A method for providing a secure file service, comprising:
providing a computer system for operation in an unsecure environment, said computer system comprising a secure file services module and a secure user processor which is separate and distinct from said secure file services module, each configured to secure data contained therein wherein said secure file services module and said secure user processor are embodied on the same computing device;
providing first and second secure communication paths in said unsecure environment directly between said secure file services module and said secure user processor, said first secure communication path being separate from said second secure communication path and configured to physically secure data communicated thereover by employing physically secure communication path hardware, said second secure communication path configured to exclusively support user sign-on services and to only software secure data communicated thereover;
communicating an authentication request to said secure file services module over said second secure communication path, said secure file services module including a file system control interface, a client access interface, a cryptographic processor and a secure file system hosted by said cryptographic processor;
providing an authentication of said user using said file system control interface;
communicating to said client access interface over said first secure communication path a request from said secure user processor for a classified data file;
responsive to said request, accessing said secure file system containing said classified data file;
decrypting said classified data file with said cryptographic processor;
and communicating said classified data file to said secure user processor in decrypted form through said first secure communication path.
Abstract
A secure file service includes a cryptographic processor (302, 602) and a secure file system (301, 601). The cryptographic processor comprises a trusted microprocessor and a trusted operating system executing on it. The cryptographic processor includes hardware and software for accessing at least one classified data file from the secure file system, decrypting the classified data file, and serving the classified data file in decrypted form to a secure user processor (402, 502, 702) that has requested the file. The secure file system can be either a single-level secure file system (301) or a multi-level secure file system (601).
31 Claims
14. A system for providing a secure file service, comprising:
a computer system comprising a secure user processor configured to secure data contained therein, wherein said secure file services module and said secure user processor are embodied on the same computing device;
a secure file services module communicatively coupled to said computer system and comprising:
a cryptographic processor comprising means for encrypting and decrypting a classified data file; and
a secure file system hosted by said cryptographic processor containing classified data files stored in a classified information storage area thereof and unclassified data files stored in an unclassified information storage area thereof, said secure file system accessible exclusively to said cryptographic processor; and
first and second secure communication paths provided directly between said secure file services module and said secure user processor, said first secure communication path being separate from said second secure communication path and configured to physically secure data communicated thereover by employing physically secure communication path hardware;
said second secure communication path configured to exclusively support user sign-on services and to only software secure data communicated thereover;
wherein said cryptographic processor comprises a processing device responsive to said secure user processor distinct from said cryptographic processor for accessing at least one classified data file from said secure file system, decrypting said classified data file, and communicating, from said cryptographic processor, said classified data file to said secure user processor in decrypted form, wherein said cryptographic processor is configured to prevent classified information of said classified data file from being written to said unclassified information storage area of said secure file system.
Dependent claims: 15 to 26.
27. A system for providing a secure file service, comprising:
a secure file services module including:
a cryptographic processor;
a cryptographic processor file system hosted by said cryptographic processor providing storage for files used exclusively by said cryptographic processor;
a secure file system hosted by said cryptographic processor, wherein said secure file services module and said secure user processor are embodied on the same computing device, said secure file system including a classified information storage area and an unclassified information storage area;
a client access interface configured to serve classified files stored in said secure file system to a client processor after decryption by said cryptographic processor, to receive classified files from said client processor, and to store said classified files in said secure file system after encryption by said cryptographic processor, said client access interface comprising a first secure communication path directly between said secure file services module and said client processor that is configured to physically secure data communicated therethrough by employing physically secure communication path hardware; and
a file system control interface communicating with said cryptographic processor and configured for authenticating a user prior to said client access interface serving classified files to said client processor, said file system control interface comprising a second secure communication path directly between said secure file services module and said client processor that is separate from said first secure communication path, said second secure communication path configured to exclusively support user sign-on services and to only software secure data communicated thereover.
Dependent claims: 28 to 31.
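The architecture claimed above (claim 1 for the two-path sequence, claim 14 for the write-down rule, claim 27 for encrypt-on-store) can be followed as a small executable model. The Python below is an added illustration written for this page, not code from the patent or its assignee. The names CryptographicProcessor, SecureFileServicesModule, sign_on, read_file, write_file and demo, the toy HMAC-SHA256 counter-mode cipher, and the PBKDF2 credential store are all assumptions made for the example; the two physical communication paths are represented only as two separate interfaces on one object. It shows the ordering the claims require (sign-on over the control interface before the client access interface serves anything), decryption inside the cryptographic processor with a key that never leaves it, and the claim 14 rule that classified content is never written to the unclassified storage area.

```python
import hashlib
import hmac
import secrets

CLASSIFIED = "classified"
UNCLASSIFIED = "unclassified"


class AuthError(Exception):
    """Request reached the client access interface without a valid sign-on."""


class PolicyError(Exception):
    """Write-down attempt or integrity failure inside the cryptographic processor."""


def _keystream(key, nonce, length):
    # Toy counter-mode keystream from HMAC-SHA256. It stands in for the cipher a
    # real cryptographic processor would use; it is not a vetted AEAD construction.
    blocks = [hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
              for ctr in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


class CryptographicProcessor:
    """Only this object holds the storage key and the two storage areas."""

    def __init__(self):
        self._key = secrets.token_bytes(32)             # never leaves this object
        self._areas = {CLASSIFIED: {}, UNCLASSIFIED: {}}

    def store(self, area, name, plaintext, label):
        # Claim 14: content labelled classified may only land in the classified area.
        if label == CLASSIFIED and area != CLASSIFIED:
            raise PolicyError("refusing to write classified data to the %s area" % area)
        nonce = secrets.token_bytes(16)
        ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(self._key, nonce, len(plaintext))))
        tag = hmac.new(self._key, nonce + ct + label.encode(), hashlib.sha256).digest()
        self._areas[area][name] = (nonce, ct, tag, label)   # encrypted at rest

    def load(self, area, name):
        nonce, ct, tag, label = self._areas[area][name]
        expect = hmac.new(self._key, nonce + ct + label.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            raise PolicyError("integrity check failed for %s" % name)
        return bytes(c ^ k for c, k in zip(ct, _keystream(self._key, nonce, len(ct)))), label

    def ciphertext_at_rest(self, area, name):
        return self._areas[area][name][1]


def make_credential(password):
    # Constructed credential record for the example: (salt, PBKDF2-SHA256 digest).
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class SecureFileServicesModule:
    def __init__(self, users):
        self._cp = CryptographicProcessor()
        self._users = users       # user name -> (salt, digest)
        self._sessions = {}       # session token -> user name

    # File system control interface: the second (software-secured) path, used for
    # nothing but sign-on. Success yields a token the data path will honour.
    def sign_on(self, user, password):
        record = self._users.get(user)
        if record is None:
            raise AuthError("unknown user")
        salt, digest = record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        if not hmac.compare_digest(candidate, digest):
            raise AuthError("bad credentials")
        token = secrets.token_hex(16)
        self._sessions[token] = user
        return token

    # Client access interface: the first (hardware-secured) path. Files are decrypted
    # inside the module and returned in the clear only here, and only after sign-on.
    def read_file(self, token, area, name):
        if token not in self._sessions:
            raise AuthError("sign on over the control interface first")
        plaintext, _label = self._cp.load(area, name)
        return plaintext

    def write_file(self, token, area, name, plaintext, label):
        if token not in self._sessions:
            raise AuthError("sign on over the control interface first")
        self._cp.store(area, name, plaintext, label)

    def ciphertext_at_rest(self, area, name):
        return self._cp.ciphertext_at_rest(area, name)


def demo():
    # Constructed scenario: one user signs on, then stores a classified file.
    module = SecureFileServicesModule({"analyst": make_credential("correct horse")})
    token = module.sign_on("analyst", "correct horse")
    module.write_file(token, CLASSIFIED, "report.txt", b"classified report body", CLASSIFIED)
    return module, token
```

The point the model makes is about where the checks sit: authentication state is held by the module, so the data path cannot be driven without a token minted by the control path; the key and the plaintext-producing step live only inside CryptographicProcessor, so the user processor never holds key material; and the write-down refusal is enforced at the storage boundary rather than trusted to the caller. Real hardware separation of the two paths is outside what a single-process model can show.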