Method and system for establishing a trust framework based on smart key devices

US 7,711,951 B2
Filed: 01/08/2004
Issued: 05/04/2010
Est. Priority Date: 01/08/2004
Status: Active Grant

First Claim

Patent Images

1. A data processing system comprising:

a system unit including;

a processor for executing instructions in software modules; and

a first hardware security unit including;

means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;

means for authenticating a software module; and

means for acting as a certificate authority to issue digital certificates to the software modules; and

a first software module executable on the system unit including;

means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair; and

means for authenticating the hardware security unit;

means for receiving a digital certificate corresponding to a private key possessed by a second hardware security unit that is not included in the system unit; and

means for storing the received digital certificate.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism is provided for securing cryptographic functionality within a host system such that it may only be used when a system administrator physically allows it via a hardware security token. In addition, a hardware security unit is integrated into a data processing system, and the hardware security unit acts as a hardware certificate authority. The hardware security unit may be viewed as supporting a trust hierarchy or trust framework within a distributed data processing system. The hardware security unit can sign software that is installed on the machine that contains the hardware security unit. Server processes that use the signed software that is run on the machine can establish mutual trust relationships with the hardware security unit and amongst the other server processes based on their common trust of the hardware security unit.

76 Citations

View as Search Results

43 Claims

1. A data processing system comprising:
- a system unit including;
  
  a processor for executing instructions in software modules; and
  
  a first hardware security unit including;
  
  means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for authenticating a software module; and
  
  means for acting as a certificate authority to issue digital certificates to the software modules; and
  
  a first software module executable on the system unit including;
  
  means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair; and
  
  means for authenticating the hardware security unit;
  
  means for receiving a digital certificate corresponding to a private key possessed by a second hardware security unit that is not included in the system unit; and
  
  means for storing the received digital certificate.
- View Dependent Claims (2, 3, 4)
- - 2. The data processing system of claim 1 further comprising:
    - a removable hardware device including;
      
      means for storing a private key of a third asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
      
      a first hardware interface for electrically engaging the system unit; and
      
      means for authenticating the hardware security unit; and
      
      the system unit further including;
      
      a second hardware interface for electrically engaging a removable hardware device.
  - 3. The data processing system of claim 2 wherein the hardware security unit further comprises:
    - means for enabling the hardware security unit to act as a certificate authority to issue digital certificates to software modules based on whether the removable hardware device remains electrically engaged with the system unit after the removable hardware device and the hardware security unit have been mutually authenticated.
  - 4. The data processing system of claim 1 further comprising:
    - means for receiving a digital certificate for the second software module;
      
      means for retrieving a set of digital certificates from the hardware security unit; and
      
      means for verifying the digital certificate for the second software module based on a certificate in the set of digital certificates from the hardware security unit.

5. A data processing system comprising:
- a system unit including;
  
  a processor for executing instructions in software modules; and
  
  a first hardware security unit including;
  
  means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for authenticating a software module; and
  
  means for acting as a certificate authority to issue digital certificates to the software modules;
  
  a first software module executable on the system unit including;
  
  means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair; and
  
  means for authenticating the hardware security unit; and
  
  a software smart key module that is signed by the first hardware security unit, wherein the first hardware security unit includes means for acting as a certificate authority.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The data processing system of claim 5 further comprising:
    - means for requiring software modules executable on the system unit to have been signed either by the software smart key module or by the first hardware security unit before execution.
  - 7. The data processing system of claim 5 further comprising:
    - means for requiring all software modules executable on the system unit to be able to authenticate either to the software smart key module or to the first hardware security unit before execution.
  - 8. The data processing system of claim 5 further comprising:
    - means for secondary software certificate authority modules to derive trust authority from the first hardware security unit in an inverted pyramid form of a trust hierarchy.
  - 9. The data processing system of claim 5 further comprising:
    - means for allowing software certificate authority modules to sign subordinate software certificate authority modules.
  - 10. The data processing system of claim 5 further comprising:
    - means for asserting a digital certificate of a software certificate authority trusted on a different data processing system into a list of trusted certificate authorities in the first hardware security unit.

11. A data processing system comprising:
- a system unit including;
  
  a processor for executing instructions in software modules; and
  
  a first hardware security unit including;
  
  means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for authenticating a software module; and
  
  means for acting as a certificate authority to issue digital certificates to the software modules;
  
  a first software module executable on the system unit including;
  
  means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair; and
  
  means for authenticating the hardware security unit; and
  
  means for requiring all interacting software applications that are installed on the system unit to be able to mutually authenticate to one another.
- View Dependent Claims (12)
- - 12. The data processing system of claim 11 further comprising:
    - means for allowing interacting software applications to verify each other as signed by a trusted software certificate authority or by the first hardware security unit.

13. A data processing system comprising:
- a system unit including;
  
  a processor for executing instructions in software modules; and
  
  a first hardware security unit including;
  
  means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for authenticating a software module; and
  
  means for acting as a certificate authority to issue digital certificates to the software modules;
  
  a first software module executable on the system unit including;
  
  means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair; and
  
  means for authenticating the hardware security unit; and
  
  means for asserting a digital certificate of a hardware security unit on a different system unit into a list of trusted certificate authorities in the first hardware security unit.

14. A method for performing cryptographic functions in a data processing system, the method comprising:
- executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  issuing digital certificates by the hardware security unit to software modules;
  
  receiving at the hardware security unit a digital certificate corresponding to a private key possessed by a second hardware security unit that is not included in the system unit; and
  
  storing the received digital certificate.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14 further comprising:
    - receiving a request from the software module to retrieve the received digital certificate; and
      
      providing the received digital certificate to the software module.
  - 16. The method of claim 14 further comprising:
    - electrically engaging a removable hardware device with the system unit, wherein the removable hardware device contains a private key of a third asymmetric cryptographic key pair and a public key of a fourth asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the fourth asymmetric cryptographic key pair and a public key of the third asymmetric cryptographic key pair; and
      
      performing a mutual authentication operation between the removable hardware device and the hardware security unit.
  - 17. The method of claim 16 further comprising:
    - in response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, enabling the hardware security unit to act as a certificate authority to issue digital certificates while the removable hardware device remains electrically engaged with the system unit.
  - 18. The method of claim 16 further comprising:
    - in response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, enabling the hardware security unit to receive and store at the hardware security unit a digital certificate corresponding to a private key possessed by a second hardware security unit that is not included in the system unit.
  - 19. The method of claim 14 further comprising:
    - receiving a digital certificate for the second software module;
      
      retrieving a set of digital certificates from the hardware security unit; and
      
      verifying the digital certificate for the second software module based on a certificate in the set of digital certificates from the hardware security unit.

20. A method for performing cryptographic functions in a data processing system, the method comprising:
- executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  issuing digital certificates by the hardware security unit to software modules; and
  
  signing a software smart key module by the hardware security unit, wherein the hardware security unit includes means for acting as a certificate authority.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The method of claim 20 further comprising:
    - requiring software modules executable on the system unit to have been signed either by the software smart key module or by the hardware security unit before execution.
  - 22. The method of claim 20 further comprising:
    - requiring all software modules executable on the system unit to be able to authenticate either to the software smart key module or to the hardware security unit before execution.
  - 23. The method of claim 20 further comprising:
    - allowing secondary software certificate authority modules to derive trust authority from the hardware security unit in an inverted pyramid form of a trust hierarchy.
  - 24. The method of claim 20 further comprising:
    - allowing software certificate authority modules to sign subordinate software certificate authority modules.
  - 25. The method of claim 20 further comprising:
    - asserting a digital certificate of a hardware security unit on a different system unit into a list of trusted certificate authorities in the hardware security unit.

26. A method for performing cryptographic functions in a data processing system, the method comprising:
- executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  issuing digital certificates by the hardware security unit to software modules; and
  
  requiring all interacting software applications that are installed on the system unit to be able to mutually authenticate to one another.
- View Dependent Claims (27)
- - 27. The method of claim 26 further comprising:
    - allowing interacting software applications to verify each other as signed by a trusted software certificate authority or by the hardware security unit.

28. A method for performing cryptographic functions in a data processing system, the method comprising:
- executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  issuing digital certificates by the hardware security unit to software modules; and
  
  asserting a digital certificate of a software certificate authority trusted on a different data processing system into a list of trusted certificate authorities in the hardware security unit.

29. A computer program product stored on a storage computer readable medium for use in a data processing system for performing cryptographic functions, the computer program product comprising:
- means for executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  means for issuing digital certificates by the hardware security unit to software modules;
  
  means for receiving at the hardware security unit a digital certificate corresponding to a private key possessed by a second hardware security unit that is not included in the system unit; and
  
  means for storing the received digital certificate.
- View Dependent Claims (30, 31, 32, 33, 34, 35)
- - 30. The computer program product of claim 29 further comprising:
    - means for receiving a request from the software module to retrieve the received digital certificate; and
      
      means for providing the received digital certificate to the software module.
  - 31. The computer program product of claim 29 further comprising:
    - means for electrically engaging a removable hardware device with the system unit, wherein the removable hardware device contains a private key of a third asymmetric cryptographic key pair and a public key of a fourth asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the fourth asymmetric cryptographic key pair and a public key of the third asymmetric cryptographic key pair;
      
      means for performing a mutual authentication operation between the removable hardware device and the hardware security unit.
  - 32. The computer program product of claim 31 further comprising:
    - means for enabling, in response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, the hardware security unit to act as a certificate authority to issue digital certificates while the removable hardware device remains electrically engaged with the system unit.
  - 33. The computer program product of claim 31 further comprising:
    - means for enabling, in response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, the hardware security unit to receive and store at the hardware security unit a digital certificate corresponding to a private key possessed by a second hardware security unit that is not included in the system unit.
  - 34. The computer program product of claim 29 further comprising:
    - means for receiving a digital certificate for the second software module;
      
      means for retrieving a set of digital certificates from the hardware security unit; and
      
      means for verifying the digital certificate for the second software module based on a certificate in the set of digital certificates from the hardware security unit.
  - 35. The computer program product of claim 29 further comprising:
    - means for asserting a digital certificate of a software certificate authority trusted on a different data processing system into a list of trusted certificate authorities in the hardware security unit.

36. A computer program product stored on a storage computer readable medium for use in a data processing system for performing cryptographic functions, the computer program product comprising:
- means for executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  means for issuing digital certificates by the hardware security unit to software modules; and
  
  means for signing a software smart key module by the hardware security unit, wherein the hardware security unit includes means for acting as a certificate authority.
- View Dependent Claims (37, 38, 39, 40)
- - 37. The computer program product of claim 36 further comprising:
    - means for requiring software modules executable on the system unit to have been signed either by the software smart key module or by the hardware security unit before execution.
  - 38. The computer program product of claim 36 further comprising:
    - means for requiring all software modules executable on the system unit to be able to authenticate either to the software smart key module or to the hardware security unit before execution.
  - 39. The computer program product of claim 36 further comprising:
    - means for allowing secondary software certificate authority modules to derive trust authority from the hardware security unit in an inverted pyramid form of a trust hierarchy.
  - 40. The computer program product of claim 36 further comprising:
    - means for allowing software certificate authority modules to sign subordinate software certificate authority modules.

41. A computer program product stored on a storage computer readable medium for use in a data processing system for performing cryptographic functions, the computer program product comprising:
- means for executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  means for issuing digital certificates by the hardware security unit to software modules; and
  
  means for requiring all interacting software applications that are installed on the system unit to be able to mutually authenticate to one another.
- View Dependent Claims (42)
- - 42. The computer program product of claim 41 further comprising:
    - means for allowing interacting software applications to verify each other as signed by a trusted software certificate authority or by the hardware security unit.

43. A computer program product stored on a storage computer readable medium for use in a data processing system for performing cryptographic functions, the computer program product comprising:
- means for executing a software module on a system unit including a hardware security unit, wherein the hardware security unit contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  means for performing a mutual authentication operation between the hardware security unit and the software module, wherein the software module contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  means for issuing digital certificates by the hardware security unit to software modules; and
  
  means for asserting a digital certificate of a hardware security unit on a different system unit into a list of trusted certificate authorities in the hardware security unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Chao, Ching-Yun
Primary Examiner(s)
Cervetti; David García

Application Number

US10/753,820
Publication Number

US 20050154875A1
Time in Patent Office

2,308 Days
Field of Search

713/156, 713/155, 713/169, 713/192, 713/194, 713/189
US Class Current

713/156
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 21/602   Providing cryptographic fac...

G06F 2221/2149   Restricted operating enviro...

G06F 2221/2153   Using hardware token as a s...

Method and system for establishing a trust framework based on smart key devices

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

76 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for establishing a trust framework based on smart key devices

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links