Apparatus and method for secure distribution of data
First Claim
Patent Images
1. A method for securely controlling the configuration of a computer system so that features of the system may be enabled or disabled, said method including the steps of:
- providing memory which is located within a secured area, said memory being protected from physical and direct electrical access said memory storing basic information;
encrypting data, said data including a program and software updates as specific features at another computer system under the private key of a public key encryption system; and
digitally signing said data;
decrypting the data and verifying the digital signature of said data within the secured area with a public key of the public key encryption system, wherein said public key is stored within said secured area;
executing said program within said secured area, said program interacting with the basic information stored in said memory and installing in said memory in the secured area, as result of said interaction, said specific features which are the software updates; and
changing said basic information stored in the memory of the secured area, which change results as part of the interaction of said program with the basic information existing before said interaction.
0 Assignments
0 Petitions
Accused Products
Abstract
Data, including a program and software updates, is encrypted by a public key encryption system using the private key of the data sender. The data is also digitally signed by the sender. The receiver decrypts the encrypted data, using the public key of the sender, and verifies the digital signature on the transmitted data. The program interacts with basic information stored within the confines of the receiver. As result of the interaction, the software updates are installed within the confines of the user, and the basic information stored within the confines of the user are changed.
291 Citations
1 Claim
-
1. A method for securely controlling the configuration of a computer system so that features of the system may be enabled or disabled, said method including the steps of:
-
providing memory which is located within a secured area, said memory being protected from physical and direct electrical access said memory storing basic information; encrypting data, said data including a program and software updates as specific features at another computer system under the private key of a public key encryption system; and
digitally signing said data;decrypting the data and verifying the digital signature of said data within the secured area with a public key of the public key encryption system, wherein said public key is stored within said secured area; executing said program within said secured area, said program interacting with the basic information stored in said memory and installing in said memory in the secured area, as result of said interaction, said specific features which are the software updates; and changing said basic information stored in the memory of the secured area, which change results as part of the interaction of said program with the basic information existing before said interaction.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsArnold, Todd Weston
-
Primary Examiner(s)Hayes, Gail O.
-
Assistant Examiner(s)SAYADIAN, HRAYR
-
Application NumberUS09/022,650Time in Patent Office586 DaysField of Search380/4, 380/49, 380/25, 380/50US Class Current713/189CPC Class CodesG06F 21/1011 to devicesG06F 21/125 by manipulating the program...G06F 21/44 Program or device authentic...G06F 21/51 at application loading time...G06F 21/57 Certifying or maintaining t...G06F 21/72 in cryptographic circuitsG06F 2211/008 Public Key, Asymmetric Key,...G06F 2221/2129 Authenticate client device ...G06F 2221/2151 Time stampG06F 2221/2153 Using hardware token as a s...H04L 2209/56 Financial cryptography, e.g...H04L 9/302 involving the integer facto...H04L 9/3249 using RSA or related signat...
