Cryptographic file security for multiple domain networks
Abstract
A file security system for data files created at a first host system in one domain and recovered at a second host system in another domain of a multiple domain network. Each of said host systems contain a data security device provided with multiple host keys capable of performing a variety of cryptographic operations. Creation and recovery of a secure data file is accomplished without revealing the keys of either of the host systems to the other of the host systems. When the data file is to be created at the first host system, the first host system data security device provides a file recovery key for subsequent recovery of the data file at the second host system and enciphers first host system plaintext under a primary file key, which is related to the file recovery key, to obtain first host system ciphertext as the data file. The file recovery key is used as header information for the data file or maintained as a private file recovery key. When the data file is to be recovered at the second host system, the file recovery key is provided at the second host system and the second host system data security device performs a cryptographic operation to transform the file recovery key into a form which is usable to decipher the data file. The second host system data security device then uses the transformed file recovery key to perform a cryptographic operation to obtain the first host system ciphertext in clear form at the second host system.
43 Claims
1. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, a first host system arrangement for creating said data file comprising:
means providing a file recovery key for said data file for subsequent recovery at said second host system representing a primary file key enciphered under a file cross domain key for cross domain file communication between said first and second host systems, means providing first host system plaintext, and means performing a cryptographic operation to encipher said first host system plaintext under said primary file key to obtain first host system ciphertext for said data file.
Dependent claims: 2, 3, 4.

5. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, a first host system arrangement for creating said data file comprising:
means providing a primary file key enciphered under a first key encrypting key of said first host system, means providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a second key encrypting key of said first host system, means operably responsive to said enciphered cross domain key and said enciphered primary file key to perform a cryptographic operation providing a file recovery key for subsequent recovery of said data file at said second host system, means providing first host system plaintext, and means operably responsive to said primary file key enciphered under said first key encrypting key and said first host system plaintext to perform a cryptographic operation providing first host system ciphertext for said data file.
Dependent claims: 6, 7, 14, 15, 16, 17, 18.

8. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, a first host system arrangement for creating said data file comprising:
means providing a primary file key enciphered under a first key encrypting key of said first host system, means providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a second key encrypting key of said first host system, means operably responsive to said enciphered cross domain key and said enciphered primary file key to perform a cryptographic operation providing said primary file key enciphered under said cross domain key as a file recovery key for subsequent recovery of said data file at said second host system, means providing first host system plaintext, and means operably responsive to said primary file key enciphered under said first key encrypting key and said first host system plaintext to perform a cryptographic operation providing said first host system plaintext enciphered under said primary file key as first host system ciphertext for said data file.
Dependent claims: 9, 10, 11, 12.

13. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, a first host system arrangement for creating said data file comprising:
means providing a primary file key enciphered under a first host system master key, means providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a variant of said first host system master key, means operably responsive to said enciphered cross domain key and said enciphered primary file key to perform a cryptographic operation providing said primary file key enciphered under said cross domain key as a file recovery key for subsequent recovery of said data file at said second host system, means providing first host system plaintext, and means operably responsive to said primary file key enciphered under said first host system master key and said first host system plaintext to perform a cryptographic operation providing said first host system plaintext enciphered under said primary file key as first host system ciphertext for said data file.

19. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain wherein said data file consists of header information comprising a primary file key enciphered under a cross domain key provided by said first host system and first host system plaintext enciphered under said primary file key, a second host system arrangement for recovery of said data file comprising:
means providing said cross domain key enciphered under a first key encrypting key of said second host system, means providing said primary file key enciphered under said cross domain key at said second host system, means operably responsive to said cross domain key enciphered under said first key encrypting key of said second host system and said primary file key enciphered under said cross domain key to perform a cryptographic operation providing said primary file key enciphered under a second key encrypting key of said second host system, means providing said data file of first host system plaintext enciphered under said primary file key at said second host system, and means operably responsive to said primary file key enciphered under said second key encrypting key of said second host system and said data file of first host system plaintext enciphered under said primary file key to perform a cryptographic operation providing said first host system plaintext at said second host system.

20. In a data processing system providing file security for a data file created by a first host system in one domain for recovery at said first system wherein said data file consists of header information comprising a primary file key enciphered under a secondary file key and first host system plaintext enciphered under said primary file key, a first host system arrangement for replacing said header information with a file recovery key for recovery of said data file at a second host system in another domain comprising:
means providing said secondary file key enciphered under a first key encrypting key of said first host system, means providing said header information at said first host system, means operably responsive to said enciphered secondary file key and said header information to perform a cryptographic operation providing said primary file key enciphered under a second key encrypting key of said second host system, means providing a cross domain key for cross domain communication between said first and second host systems enciphered under a third key encrypting key of said first host system, and means operably responsive to said enciphered cross domain key and said primary file key enciphered under said second key encrypting key of said first host system to perform a cryptographic operation providing said primary file key enciphered under said cross domain key as said file recovery key.
Dependent claims: 21.

22. In a multiple domain data processing system providing file security for a private data file created by a first host system in one domain and recovered by a second host system in another domain, a first host system arrangement for creating said data file comprising:
means providing a primary file key enciphered under a private cross domain key as a private file recovery key, means providing said private cross domain key enciphered under a first key encrypting key of said first host system, means operably responsive to said enciphered private cross domain key and said private recovery key to perform a cryptographic operation providing said primary file key enciphered under a second key encrypting key of said first host system, means providing first host system plaintext, and means operably responsive to said primary file key enciphered under said second key encrypting key of said first host system and said first host system plaintext to perform a cryptographic operation providing first host system ciphertext for said data file.
Dependent claims: 23.

24. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, the method of creating said data file at said first host system comprising the steps of:
providing a file recovery key for said data file for subsequent recovery at said second host system representing a primary file key enciphered under a file cross domain key for cross domain file communication between said first and second host systems, providing first host system plaintext, and carrying out a cryptographic operation to encipher said first host system plaintext under said primary file key to obtain first host system ciphertext for said data file.
Dependent claims: 25, 26, 27.

28. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, the method of creating said data file at said first host system comprising the steps of:
providing a primary file key enciphered under a first key encrypting key of said first host system, providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a second key encrypting key of said first host system, carrying out a cryptographic operation in accordance with said enciphered cross domain key and said enciphered primary file key to provide a file recovery key for subsequent recovery of said data file at said second host system, providing first host system plaintext, and carrying out a cryptographic operation in accordance with said primary file key enciphered under said first key encrypting key and said first host system plaintext to provide first host system ciphertext for said data file.
Dependent claims: 29, 30, 34.

31. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain, the method of creating said data file at said first host system comprising the steps of:
providing a primary file key enciphered under a first key encrypting key of said first host system, providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a second key encrypting key of said first host system, carrying out a cryptographic operation in accordance with said enciphered cross domain key and said enciphered primary file key to provide said primary file key enciphered under said cross domain key as a file recovery key for subsequent recovery of said data file at said second host system, providing first host system plaintext, and carrying out a cryptographic operation in accordance with said primary file key enciphered under said first key encrypting key and said first host system plaintext to provide said first host system plaintext enciphered under said primary file key as first host system ciphertext for said data file.
Dependent claims: 32, 33.

35. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain and recovered by a second host system in another domain wherein said data file consists of header information comprising a primary file key enciphered under a cross domain key provided by said first host system and first host system plaintext enciphered under said primary file key, the method of recovery of said data file comprising the steps of:
providing said cross domain key enciphered under a first key encrypting key of said second host system, providing said primary file key enciphered under said cross domain key at said second host system, carrying out a cryptographic operation in accordance with said cross domain key enciphered under said first key encrypting key of said second host system and said primary file key enciphered under said cross domain key to provide said primary file key enciphered under a second key encrypting key of said second host system, providing said data file of first host system plaintext enciphered under said primary file key at said second host system, and carrying out a cryptographic operation in accordance with said primary file key enciphered under said second key encrypting key of said second host system and said data file of first host system plaintext enciphered under said primary file key to provide said first host system plaintext at said second host system.

36. In a data processing system providing file security for a data file created by a first host system in one domain for recovery at said first system wherein said data file consists of header information comprising a primary file key enciphered under a secondary file key and first host system plaintext enciphered under said primary file key, the method of replacing said header information with a file recovery key for recovery of said data file at a second host system in another domain comprising the steps of:
providing said secondary file key enciphered under a first key encrypting key of said first host system, providing said header information at said first host system, carrying out a cryptographic operation in accordance with said enciphered secondary file key and said header information to provide said primary file key enciphered under a second key encrypting key of said second host system, providing a cross domain key for cross domain communication between said first and second host systems enciphered under a third key encrypting key of said first host system, and carrying out a cryptographic operation in accordance with said enciphered cross domain key and said primary file key enciphered under said second key encrypting key of said first host system to provide said primary file key enciphered under said cross domain key as said file recovery key.
Dependent claims: 37, 39.

38. In a multiple domain data processing system providing file security for a private data file created by a first host system in one domain and recovered by a second host system in another domain, the method of creating said data file comprising the steps of:
providing a primary file key enciphered under a private cross domain key as a private file recovery key, providing said private cross domain key enciphered under a first key encrypting key of said first host system, carrying out a cryptographic operation in accordance with said enciphered private cross domain key and said private recovery key to provide said primary file key enciphered under a second key encrypting key of said first host system, providing first host system plaintext, and carrying out a cryptographic operation in accordance with said primary file key enciphered under said second key encrypting key of said first host system and said first host system plaintext to provide first host system ciphertext for said data file.

40. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain having cryptographic apparatus provided with multiple keys and recovered by a second host system in another domain having cryptographic apparatus provided with multiple keys, an arrangement for creating said data file at one of said host systems using a protected file key and recovering said data file at the other of said host systems without revealing the multiple keys of either of said host systems to the other of said host systems comprising:
means providing a file recovery key for said data file at said first host system for subsequent recovery at said second host system representing a file key enciphered under a file cross domain key for cross domain file communication between said first and second host systems, means providing first host system plaintext, means performing a cryptographic operation for enciphering said first host system plaintext under control of said protected file key to obtain first host system ciphertext for said data file, means providing said file recovery key at said second host system, means operably responsive to said file recovery key to perform a cryptographic operation for reenciphering said file key from encipherment under said cross domain file key to encipherment under a first key encrypting key of said second host system, means providing said data file of first host system ciphertext at said second host system, and means operably responsive to said file key enciphered under said first key encrypting key of said second host system and said data file of first host system ciphertext for performing a cryptographic operation to provide said first host system ciphertext in clear form at said second host system.

41. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain having cryptographic apparatus provided with multiple keys and recovered by a second host system in another domain having cryptographic apparatus provided with multiple keys, an arrangement for creating said data file at one of said host systems using a protected file key and recovering said data file at the other of said host systems without revealing the multiple keys of either of said host systems to the other of said host systems comprising:
means providing a file key enciphered under a first key encrypting key of said first host system, means providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a second key encrypting key of said first host system, means operably responsive to said enciphered cross domain key and said enciphered file key to perform a cryptographic operation providing a file recovery key for subsequent recovery of said data file at said second host system, means providing first host system plaintext, means operably responsive to said file key enciphered under said first key encrypting key and said first host system plaintext to perform a cryptographic operation providing first host system ciphertext for said data file, means providing said cross domain key enciphered under a first key encrypting key of said second host system, means providing said file recovery key at said second host system, means operably responsive to said cross domain key enciphered under said first key encrypting key of said second host system and said file recovery key to perform a cryptographic operation providing said file key enciphered under a second key encrypting key of said second host system, means providing said data file of first host system ciphertext at said second host system, and means operably responsive to said file key enciphered under said second key encrypting key of said second host system and said data file of first host system ciphertext to perform a cryptographic operation providing said first host system ciphertext in clear form at said second host system.

42. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain having cryptographic apparatus provided with multiple keys and recovered by a second host system in another domain having cryptographic apparatus provided with multiple keys, the method of creating said data file at one of said host systems using a protected file key and recovering said data file at the other of said host systems without revealing the multiple keys of either of said host systems to the other of said host systems comprising the steps of:
providing a file recovery key for said data file at said first host system for subsequent recovery at said second host system representing a file key enciphered under a file cross domain key for cross domain file communication between said first and second host systems, providing first host system plaintext, carrying out a cryptographic operation to encipher said first host system plaintext under control of said protected file key to obtain first host system ciphertext for said data file, providing said file recovery key at said second host system, carrying out a cryptographic operation in accordance with said file recovery key for reenciphering said file key from encipherment under said cross domain file key to encipherment under a first key encrypting key of said second host system, providing said data file of first host system ciphertext at said second host system, and carrying out a cryptographic operation in accordance with said file key enciphered under said first key encrypting key of said second host system and said data file of first host system ciphertext to provide said first host system ciphertext in clear form at said second host system.

43. In a multiple domain data processing system providing file security for a data file created by a first host system in one domain having cryptographic apparatus provided with multiple keys and recovered by a second host system in another domain having cryptographic apparatus provided with multiple keys, the method of creating said data file at one of said host systems using a protected file key and recovering said data file at the other of said host systems without revealing the multiple keys of either of said host systems to the other of said host systems comprising:
providing a file key enciphered under a first key encrypting key of said first host system, providing a file cross domain key for cross domain file communication between said first and second host systems enciphered under a second key encrypting key of said first host system, carrying out a cryptographic operation in accordance with said enciphered cross domain key and said enciphered file key to provide a file recovery key for subsequent recovery of said data file at said second host system, providing first host system plaintext, carrying out a cryptographic operation in accordance with said file key enciphered under said first key encrypting key and said first host system plaintext to provide first host system ciphertext for said data file, providing said cross domain key enciphered under a first key encrypting key of said second host system, providing said file recovery key at said second host system, carrying out a cryptographic operation in accordance with said cross domain key enciphered under said first key encrypting key of said second host system and said file recovery key to provide said file key enciphered under a second key encrypting key of said second host system, providing said data file of first host system ciphertext at said second host system, and carrying out a cryptographic operation in accordance with said file key enciphered under said second key encrypting key of said second host system and said data file of first host system ciphertext to provide said first host system ciphertext in clear form at said second host system.

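The abstract and the claims above describe one key flow: a primary file key KF is held at the creating host only in enciphered form under that host's master key KM (or a variant of it), the file recovery key is KF enciphered under a cross domain key KNF that the two hosts share, and the recovering host's data security device turns E_KNF(KF) into E_KM'(KF) under its own master key before any deciphering of the file, so that neither host's master key is ever exposed to the other. The following Python model is an added example, not the patent's or the assignee's code. It assumes a standard-library stand-in cipher (an HMAC-SHA256 counter-mode stream with an HMAC tag; the page names no cipher), assumes KNF was distributed out of band and is stored under KM variant 1 at the creating host and variant 2 at the recovering host, and the method names, the DataSecurityDevice class and the scenario functions are all hypothetical. It covers file creation (claims 1, 5, 8, 13), recovery at the second host (claims 19, 35), and replacement of a local header by a cross domain recovery key (claims 20, 36); the tamper_header flag shows the failure mode a recovering host should expect when the recovery key does not verify.

```python
# Added example (not the patent's code): a model of the claimed key flow using an
# assumed stdlib cipher.  KF = primary file key, KNF = cross domain file key,
# KM = host master key, E_K(X) = X enciphered under K.
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    """Purpose-specific subkey so stream key, MAC key and KM variants all differ."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encipher(key: bytes, plaintext: bytes) -> bytes:
    """E_key(plaintext) -> nonce || ciphertext || tag (encrypt-then-MAC)."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decipher(key: bytes, blob: bytes) -> bytes:
    """Inverse of encipher; raises ValueError when the tag fails (wrong key or tampering)."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or corrupted data")
    return bytes(c ^ s for c, s in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))


class DataSecurityDevice:
    """One host's data security device (hypothetical model).  KM never leaves the object;
    public methods take and return keys only in enciphered form.  KEK index 0 is KM
    itself, index i > 0 the i-th variant of KM (the claims' further key encrypting keys)."""

    def __init__(self) -> None:
        self._km = secrets.token_bytes(32)

    def _kek(self, index: int) -> bytes:
        return self._km if index == 0 else _subkey(self._km, b"variant-%d" % index)

    def generate_file_key(self) -> bytes:
        """Fresh primary file key KF, returned only as E_KM(KF)."""
        return encipher(self._km, secrets.token_bytes(32))

    def install_key(self, key_clear: bytes, kek_index: int) -> bytes:
        """Load a key agreed out of band (here KNF) and return it under the chosen KEK."""
        return encipher(self._kek(kek_index), key_clear)

    def wrap_under_key(self, e_kek_x: bytes, x_idx: int, e_kek_y: bytes, y_idx: int) -> bytes:
        """E_KEK(X), E_KEK(Y) -> E_X(Y).  X=KNF, Y=KF yields the file recovery key (claims 5, 8)."""
        x = decipher(self._kek(x_idx), e_kek_x)
        return encipher(x, decipher(self._kek(y_idx), e_kek_y))

    def unwrap_to_kek(self, e_kek_x: bytes, x_idx: int, e_x_y: bytes, target_idx: int) -> bytes:
        """E_KEK(X), E_X(Y) -> E_KEK'(Y).  X=KNF, Y=KF is the recovery step (claims 19, 35)."""
        x = decipher(self._kek(x_idx), e_kek_x)
        return encipher(self._kek(target_idx), decipher(x, e_x_y))

    def encipher_data(self, e_km_kf: bytes, plaintext: bytes) -> bytes:
        return encipher(decipher(self._km, e_km_kf), plaintext)

    def decipher_data(self, e_km_kf: bytes, ciphertext: bytes) -> bytes:
        return decipher(decipher(self._km, e_km_kf), ciphertext)


def setup_domains() -> tuple:
    """Two hosts sharing one KNF (assumed distributed out of band), held under KM
    variant 1 at the creating host and variant 2 at the recovering host."""
    host_a, host_b = DataSecurityDevice(), DataSecurityDevice()
    knf = secrets.token_bytes(32)
    return host_a, host_a.install_key(knf, 1), host_b, host_b.install_key(knf, 2)


def cross_domain_file_exchange(plaintext: bytes, tamper_header: bool = False) -> bytes:
    """Create a file at host A (header E_KNF(KF), body E_KF(data)) and recover it at B."""
    host_a, e_kma1_knf, host_b, e_kmb2_knf = setup_domains()
    e_kma_kf = host_a.generate_file_key()
    header = host_a.wrap_under_key(e_kma1_knf, 1, e_kma_kf, 0)   # file recovery key
    body = host_a.encipher_data(e_kma_kf, plaintext)
    if tamper_header:  # simulate a recovery key corrupted in transit
        header = bytes([header[0] ^ 0x01]) + header[1:]
    e_kmb_kf = host_b.unwrap_to_kek(e_kmb2_knf, 2, header, 0)    # KF under B's own KM
    return host_b.decipher_data(e_kmb_kf, body)


def convert_local_header(plaintext: bytes) -> bytes:
    """Claims 20/36: a file written for local recovery (header E_KNFsec(KF), secondary
    file key KNFsec held under KM at host A) gets its header replaced by E_KNF(KF)."""
    host_a, e_kma1_knf, host_b, e_kmb2_knf = setup_domains()
    e_kma_knfsec = host_a.install_key(secrets.token_bytes(32), 0)
    e_kma_kf = host_a.generate_file_key()
    local_header = host_a.wrap_under_key(e_kma_knfsec, 0, e_kma_kf, 0)
    body = host_a.encipher_data(e_kma_kf, plaintext)
    # Later only the file and the stored keys remain: rebuild E_KM(KF) from the old
    # header, then wrap it under KNF (the two cryptographic operations of claim 20).
    e_kma_kf_again = host_a.unwrap_to_kek(e_kma_knfsec, 0, local_header, 0)
    new_header = host_a.wrap_under_key(e_kma1_knf, 1, e_kma_kf_again, 0)
    e_kmb_kf = host_b.unwrap_to_kek(e_kmb2_knf, 2, new_header, 0)
    return host_b.decipher_data(e_kmb_kf, body)
```

The point the model makes concrete is the one the abstract states: the only value that crosses the domain boundary is E_KNF(KF) together with the enciphered file, and every key the devices return is again under some key encrypting key, so neither host's master key is ever handed to the other. The authenticated stand-in cipher also shows why a recovering host should treat a recovery key that fails to verify as an error rather than deciphering the file with whatever bytes fall out.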
Specification