Methods, apparatus and computer readable medium are described for sealing objects to two or more tokens. Further, methods, apparatus and computer readable medium are described for unsealing objects that have been sealed to two or more tokens.
대표청구항▼
What is claimed is: 1. A method comprising requesting a first token to unseal a sealed first portion of a multi-token sealed object to obtain a first portion of the multi-token sealed object, receiving the first portion in response to the first token unsealing the sealed first portion only if the f
What is claimed is: 1. A method comprising requesting a first token to unseal a sealed first portion of a multi-token sealed object to obtain a first portion of the multi-token sealed object, receiving the first portion in response to the first token unsealing the sealed first portion only if the first token determines that a current device environment satisfies environment criteria specified for the sealed first portion, requesting a second token to unseal a sealed second portion of a multi-token sealed object to obtain a second portion of the multi-token sealed object, and using the first portion and the second portion to obtain an object from the multi-token sealed object. 2. The method of claim 1 further comprising obtaining the object of the multi-token sealed object by using the first portion as a key to decrypt the second portion. 3. The method of claim 1 further comprising receiving a key in response to the first token unseating the sealed first portion, receiving an encrypted object in response to the second token unsealing the second portion, and obtaining the object of the multi-token sealed object by using the key to decrypt the encrypted object. 4. The method of claim 1 further comprising generating a key based upon the first portion and the second portion of the multi-token sealed object, and obtaining the object of the multi-token sealed object by using the generated key to decrypt an encrypted object of the multi-token sealed object. 5. The method of claim 1 further comprising generating a key from the first portion and the second portion of the multi-token sealed object, and obtaining the object of the multi-token sealed object by using the generated key and an asymmetric cryptographic algorithm to decrypt an encrypted object of the multi-token sealed object. 6. The method of claim 1 further comprising receiving a first key in response to the first token unsealing the sealed first portion, receiving a second key in response to the second token unsealing the second portion, generating a third key from the first key and the second key, and obtaining the object of the multi-token sealed by using the third key to decrypt an encrypted object of the multi-token sealed object. 7. The method of claim 1 further comprising receiving a first key in response to the first token unsealing the sealed first portion only if the first token determines that a current device environment satisfies environment criteria specified for the sealed first portion, receiving a second key in response to the second token unsealing the second portion only if the second token determines that the current device environment satisfies environment criteria specified for the sealed second portion, generating a third key from the first key and the second key, and obtaining the object of the multi-token sealed by using the third key to decrypt an encrypted object of the multi-token sealed object. 8. The method of claim 7 further comprising receiving the first key in response to the first token unsealing the sealed first portion only if a first value computed from the first portion and a first seal record of the sealed first portion has a predetermined relationship with a first digest value of the sealed first portion, and receiving the second key in response to the second token unsealing the sealed second portion only if a second value computed from the second portion and a second seal record of the sealed second portion has a predetermined relationship with a second digest value of the sealed second portion. 9. The method of claim 1 further comprising receiving a first key in response to the first token unsealing the sealed first portion only if the first token generated the sealed first portion, receiving a second key in response to the second token unsealing the second portion only if the second token generated the sealed second portion, generating a third key from the first key and the second key, and obtaining the object of the multi-token sealed by using the third key to decrypt an encrypted object of the multi-token sealed object. 10. A method comprising requesting a plurality of tokens to unseal a plurality sealed portions of a multi-token sealed object, receiving a plurality of unsealed portions of the multi-token sealed object only if a current device environment satisfies device criteria specified for the plurality of sealed portions, and obtaining an object that has been sealed to the plurality of tokens using the plurality of unsealed portions of the multi-token sealed object. 11. The method of claim 10 wherein obtaining comprises generating a key from the plurality of unsealed portions of the multi-token sealed object, and decrypting an encrypted object using the key to obtain the object. 12. The method of claim 10 wherein obtaining comprises generating a key from the plurality of unsealed portions of the multi-token sealed object, and decrypting an encrypted object using the key and a symmetric cryptographic algorithm to obtain the object. 13. The method of claim 12 further comprising unsealing the plurality of sealed portions only if the plurality of tokens generated the plurality of sealed portions. 14. A method comprising requesting a first token of a computing device to seal a first portion of a multi-token sealed object to first environment criteria, and requesting a second token of a computing device to seal a second portion of the multi-token sealed object to second environment criteria. 15. The method of claim 14 further comprising encrypting an object using a symmetric cryptographic algorithm and a key to obtain an encrypted object, and receiving a scaled encrypted object in response to the first token sealing the first portion that comprises the encrypted object, receiving a sealed key in response to the second token sealing the second portion that comprises the key. 16. The method of claim 14 further comprising encrypting the object using an asymmetric cryptographic algorithm and an encryption key of an asymmetric key pair to obtain an encrypted object, receiving a sealed encrypted object in response to the first token sealing the first portion that comprises the encrypted object, receiving a sealed decryption key in response to the second token sealing the second portion that comprises a decryption key of the asymmetric key pair. 17. The method of claim 14 further comprising receiving a sealed first portion encrypted by the first token using a first key of the first token, the sealed first portion comprising the first key, a first seal record comprising one or more metrics specified by the first environment criteria, and a first digest value that attests to the integrity of the first key and the first seal record, and receiving a sealed second portion encrypted by the second token using a second key of the second token, the sealed second portion comprising the second key, a second seal record comprising one or more metrics specified by the second environment criteria, and a second digest value that attests to the integrity of the second key and the second seal record. 18. The method of claim 17 wherein the first seal record comprises a unique first identifier for the first token, and the second seal record comprises a unique second identifier for the second token. 19. The method of claim 14 further comprising encrypting the object using key that was generated based upon a first key and a second key, receiving a sealed first key in response to the first token sealing the first portion that comprises the first key, receiving a scaled second key in response to the second token sealing the second portion that comprises the second key. 20. The method of claim 19 further comprising generating a sealed first portion by encrypting the first portion and metrics specified by the first environment criteria using a first key of the first token, and generating a sealed second portion by encrypting the second portion and metrics specified by the second environment criteria using a second key of the second token. 21. The method of claim 20 wherein the first token comprises a virtual token, and the second token comprises a physical token. 22. The method of claim 21 further comprising specifying the second environment criteria by identifying at least one configuration register of the physical token that comprises a metric of the virtual token. 23. The method of claim 14 further comprising specifying the first environment criteria by identifying one or more configuration registers of the first token that record metrics of the computing device, and specifying the second environment criteria by identifying one or more configuration registers of the second token that record metrics of the computing device. 24. The method of claim 23 wherein specifying the second environment criteria comprises identifying at least one configuration register of the second token that comprises a metric of the first token. 25. The method of claim 24 wherein the first token comprises a virtual token, and the second token comprises a physical token. 26. A device comprising a virtual token comprising one or more configuration registers that record metrics of a device environment and one or more processing units to generate a sealed first key that comprises a first key sealed to first environment criteria, a physical token comprising one or more configuration registers that record metrics of the device environment, and one or more processing units to generate a sealed second key that comprises a second key sealed to second environment criteria, and a sealing component to generate a third key based upon the first key and the second key, encrypt an object using the third key to obtain an encrypted object, request the virtual token to seal the first key to obtain the sealed first key, and request the physical token to seal the second key to obtain the sealed second key. 27. The device of claim 26 wherein the sealing component specifies the first environment criteria by identifying one or more configuration registers of the virtual token to which to seal the first key, and specifies the second environment criteria by identifying one or more configuration registers of the physical token to which to seal the second key. 28. The device of claim 27 wherein the sealing component specifies a first public key of the virtual token with which to seal the first key, and specifies a second public key of the physical token with which to seal the second key. 29. The device of claim 28 wherein the virtual token generates the sealed first key by using the first public key to encrypt the first key, a first seal record comprising metrics specified by the first environment criteria, and a first digest value that attests to the integrity of the first key and the first seal record, and the physical token generates the sealed second key by using the second public key to encrypt the second key, a second seal record comprising metrics specified by the second environment criteria, and a second digest value that attests to the integrity of the second key and the second seal record. 30. The device of claim 26 further comprising an unsealing component to request the virtual token to unseal the sealed first key to obtain the first key, to request the physical token to unseal the sealed second key to obtain the second key, to generate a third key based upon the first key and the second key, and to decrypt the encrypted object using the third key. 31. The device of claim 30 wherein the processing units of the virtual token further unseal the sealed first key and provide the unsealing component with the first key only if the metrics of the one or more configuration registers of the virtual token satisfy the first environment criteria, and the processing units of the physical token further unseal the sealed key and provide the unsealing with the key used to decrypt the encrypted object only if the metrics of the one or more configuration registers of the physical token satisfy the second environment criteria. 32. The device of claim 31 wherein the virtual token unseals the sealed object by decrypting the sealed object using a first private key of the virtual token to obtain the encrypted object, a first seal record, and a first digest value that attests to the integrity of the encrypted object and the first seal record, and the physical token unseals the sealed key by decrypting the sealed key using a second private key of the physical token to obtain the key, a second seal record, and a second digest value that attests to the integrity of the key and the second seal record. 33. The device of claim 30 wherein the processing units of the virtual token provide the unsealing component with the encrypted object only if the first digest value obtained from the sealed first key has a predetermined relationship with a value computed from the first key and the first seal record of the sealed first key, and the processing units of the physical token provide the unsealing component with the second key only if the second digest value obtained from the sealed second key has a predetermined relationship with a value computed from the second key and the second seal record of the sealed second key. 34. A machine readable medium comprising a plurality of instructions that, in response to being executed, result in a computing device sealing a first portion of a multi-token sealed object to first environment criteria using a first public key of a first token to obtain a sealed first portion, and sealing a second portion of the multi-token sealed object to second environment criteria using a second public key of a second token to obtain a sealed second portion. 35. The machine readable medium of claim 34 wherein the plurality of instructions further result in the computing device specifying the first environment criteria by identifying one or more configuration registers of the first token that record metrics of the computing device, and specifying the second environment criteria by identifying one or more configuration registers of the second token that record metrics of the computing device. 36. The machine readable medium of claim 35 wherein the plurality of instructions further result in the computing device generating the sealed first portion such that the sealed first portion comprises the first portion, a first seal record comprising the metrics of the one or more configuration registers specified by the first environment criteria, and a first digest value of the encrypted object and the seal record, and generating the sealed second portion such that the sealed second portion comprises the second portion, a second seal record comprising the metrics of the one or more configuration registers specified by the second environment criteria, and a second digest value of the key and the second seal record. 37. The machine readable medium of claim 36 wherein the plurality of instructions further result in the computing device unsealing the sealed first portion using a first private key of the first token and providing the first portion only if the metrics recorded by the first token have a predetermined relationship with the metrics of the first seal record, and unsealing the sealed second portion using a second private key of the second token and providing the second portion only if the metrics recorded by the second token have a predetermined relationship with the metrics of the second seal record. 38. The machine readable medium of claim 37 wherein the plurality of instructions further result in the computing device providing the first portion only if the first digest value obtained from the sealed encrypted object has a predetermined relationship to a first value computed from the encrypted object and the first seal record, and providing the second portion only if the second digest value obtained from the sealed key has a predetermined relationship to a second value computed from the key and the second seal record. 39. The machine readable medium of claim 34 wherein the plurality of instructions further result in the computing device unsealing the sealed first portion using a first private key of the first token and providing the first portion object only if a current device environment satisfies the first environment criteria, and unsealing the sealed second portion using a second private key of the second token and providing the second portion only if the current device environment satisfies the second environment criteria. 40. A device comprising a chipset, a processor coupled to the chipset, memory coupled to the chipset, the memory comprising a plurality of instructions that, when executed by the processor, result in the processor implementing a virtual token that records metrics of a device environment, that receives a first key used to generate a decryption key, and that seals the first key to one or more metrics recorded by the virtual token in response to receiving a seal operation request, and a physical token coupled to the chipset, the physical token to record metrics of the device environment, to receive a second key used to generate the decryption key, and to seal the second key to one or more metrics recorded by the physical token in response to receiving a seal operation request. 41. The device of claim 40 wherein the one or more metrics recorded by the physical token comprises a virtual token metric and the physical token seals the key to at least the virtual token metric. 42. The device of claim 40 wherein the one or more metrics recorded by the physical token comprises a metric of the plurality of instructions that result in the processor implementing the virtual token and the physical token seals the key to at least the metric of the plurality of instructions. 43. The device of claim 40 wherein the plurality of instructions, in response to execution, result in the processor generating a scaled first key that comprises the first key and a unique first identifier for the virtual token, and the physical token generates a sealed second key that comprises the second key and a unique second identifier for the physical token.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (193)
Ryba Edward G. (Milpitas CA) Lipman Peter H. (Cupertino CA) Connell Jefferson J. (Cupertino CA) Weiss David (Palo Alto CA), Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB).
Gannon Patrick M. (Poughkeepsie NY) Gum Peter H. (Poughkeepsie NY) Hough Roger E. (Highland NY) Murray Robert E. (Woodstock NY), Apparatus and method for TLB purge reduction in a multi-level machine system.
Bealkowski Richard (Delray Beach FL) Blackledge ; Jr. John W. (Boca Raton FL) Cronk Doyle S. (Boca Raton FL) Dayan Richard A. (Boca Raton FL) Dixon Jerry D. (Boca Raton FL) Kinnear Scott G. (Boca Rat, Apparatus and method for preventing unauthorized access to BIOS in a personal computer system.
Brelsford David P. (Hyde Park NY) Cutler Melvin M. (Los Angeles CA) Lafitte Jean-Louis (Moens NY FRX) Gdaniec Joseph M. (Hyde Park NY) Osisek Damian L. (Vestal NY) Plambeck Kenneth E. (Poughkeepsie N, Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virt.
Heller Andrew R. (Morgan Hill CA) Worley ; Jr. William S. (Endicott NY), Authorization mechanism for transfer of program control or data between different address spaces having different storag.
Ermolovich Thomas R. (Lexington MA) Stewart Robert E. (Stow MA) Leonard Judson S. (Acton MA) Cutler David N. (Nashua NH), Communications device for data processing system.
Satou Mitsugu,JPX ; Iwata Shunichi,JPX, Computer system and semiconductor device on one chip including a memory and central processing unit for making interlock access to the memory.
Ellison, Carl M.; Golliver, Roger A.; Herbert, Howard C.; Lin, Derrick C.; McKeen, Francis X.; Neiger, Gilbert; Reneris, Ken; Sutton, James A.; Thakkar, Shreekant S.; Mittal, Millind, Controlling access to multiple isolated memories in an isolated execution environment.
Ellison, Carl M.; Golliver, Roger A.; Herbert, Howard C.; Lin, Derrick C.; McKeen, Francis X.; Neiger, Gilbert; Reneris, Ken; Sutton, James A.; Thakkar, Shreekant S.; Mittal, Millind, Controlling access to multiple memory zones in an isolated execution environment.
Curtis, Bryce Allen, Cross-platform program, system, and method having a global registry object for mapping registry equivalent functions in an OS/2 operating system environment.
Morley Richard E. (Greenville NH), Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and met.
Ellison, Carl M.; Golliver, Roger A.; Herbert, Howard C.; Lin, Derrick C.; McKeen, Francis X.; Neiger, Gilbert; Reneris, Ken; Sutton, James A.; Thakkar, Shreekant S.; Mittal, Millind, Executing isolated mode instructions in a secure system running in privilege rings.
Nakamura Kouji,JPX, Exposure apparatus, output control method for energy source, laser device using the control method, and method of producing microdevice.
Adams Phillip M. (Parowan UT) Holmstron Larry W. (Salt Lake City UT) Jacob Steve A. (South Weber UT) Powell Steven H. (Ogden UT) Condie Robert F. (Tuscon AZ) Culley Martin L. (Tuscon AZ), Kernels, description tables, and device drivers.
Johnson James Scott (Fort Worth TX) Short Tim (Duncanville TX) Intrater Gideon (Sunnyvale CA), Memory management circuit which provides simulated privilege levels.
Barnett Philip C.,GBX, Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges.
Chemin Francois (Plaisir FRX) Ugon Michel (Maurepas FRX), Method and apparatus for certifying services obtained using a portable carrier such as a memory card.
Harold L. McFarland ; David R. Stiles ; Korbin S. Van Dyke ; Shrenik Mehta ; John Gregory Favor ; Dale R. Greenley ; Robert A. Cargnoni, Method and apparatus for debugging an integrated circuit.
Miller David A. ; Jansen Kenneth A. ; Culley Paul R. ; Taylor Mark ; Izquierdo Javier F., Method and apparatus for independently resetting processors and cache controllers in multiple processor systems.
Cotichini Christian,CAX ; Cain Fraser,CAX ; Ashworth David G.,CAX ; Livingston Peter Michael Bruce,CAX ; Solymar Gabor,CAX ; Gardner Philip B.,CAX ; Woinoski Timothy S.,CAX, Method and apparatus to monitor and locate an electronic device using a secured intelligent agent.
Luiz Fernando A. (Monte Sereno CA) Snyder Harlan C. (Saratoga CA) Sorg ; Jr. John H. (Los Gatos CA), Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system.
Kahle James Allan ; Loper Albert J. ; Mallick Soummya ; Ogden Aubrey Deene ; Sell John Victor, Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions w.
Hazard Michel (Mareil/Mauldre FRX) Ugon Michel (Maurepas FRX), Method for authenticating an external authorizing datum by a portable object, such as a memory card.
Melo Michael D. (Billerica MA), Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 8048.
Hazard Michel (Mareil/Mauldre FRX), Method for certifying the authenticity of a datum exchanged between two devices connected locally or remotely by a trans.
Ugon Michel (Maurepas FRX) Oisel Andr (Elancourt FRX), Method for checking the integrity of a program or data, and apparatus for implementing this method.
Greenstein Paul Gregory ; Guyette Richard Roland ; Rodell John Ted, Method for managing I/O buffers in shared storage by structuring buffer table having entries including storage keys for.
Panwar Ramesh ; Chamdani Joseph I., Method of executing coded instructions in a multiprocessor having shared execution resources including active, nap, and sleep states in accordance with cache miss latency.
Scalzi Casper A. (Poughkeepsie NY) Starke William J. (Austin TX), Method of using a target processor to execute programs of a source architecture that uses multiple address spaces.
Ganapathy Narayanan ; Stevens Luis F. ; Schimmel Curt F., Method, system and computer program product for dynamically allocating large memory pages of different sizes.
Eugene Feng ; Gary Phillips, Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space.
Grimmer ; Jr. George G. ; Rhoades Michael W., Microcontroller with security logic circuit which prevents reading of internal memory by external program.
Goetz John W. ; Mahin Stephen W. ; Bergkvist John J., Microprocessor with an architecture mode control capable of supporting extensions of two distinct instruction-set archi.
Blomgren James S. (San Jose CA) Bracking Jimmy (San Jose CA) Richter David (San Jose CA) Spahn Francis (El Cerrito CA), Microprocessor with operation capture facility.
Hough Roger E. (Austin TX) Murray Robert E. (Kingston NY), Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals.
McDonald, Michael F.; Arora, Sumeet; Chu, Mark, Mutual exclusion at the record level with priority inheritance for embedded systems using one semaphore.
Reardon David C., Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place.
Neufeld E. David (Tomball TX), Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data trans.
Provanzano Salvatore R. (Melrose MA) Aldrich Wilbert H. (Winchester MA) D\Angelo Robert A. (Windham NH) Drottar Emil P. (Ipswich MA) Finnegan ; Jr. John J. (Hudson NH) Heom James (Bedford MA) Hill La, Programmable controller.
Robinson Paul T. (Arlington MA) Mason Andrew H. (Hollis NH) Hall Judith S. (Sudbury MA), Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces.
John K. Gee ; David A. Greve ; David S. Hardin ; Allen P. Mass ; Michael H. Masters ; Nick M. Mykris ; Matthew M. Wilding, Real time processor capable of concurrently running multiple independent JAVA machines.
Goire Christian (Les Clayes Sous Bois FRX) Sigaud Alain (Elancourt FRX) Moyal Eric (Paris FRX), Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal.
Browne Hendrik A., Secure computer system and method of providing secure access to a computer system including a stand alone switch operable to inhibit data corruption on a storage device.
Mark J. Foster ; Saifuddin T. Fakhruddin ; James L. Walker ; Matthew B. Mendelow ; Jiming Sun ; Rodman S. Brahman ; Michael P. Krau ; Brian D. Willoughby ; Michael D. Maddix ; Steven L. Belt, Suspend/resume capability for a protected mode microprocesser.
Hudson Jerome D. ; Champagne Jean-Paul,FRX ; Galindo Mary A. ; Hickerson Cynthia M. K. ; Hickman Donna R. ; Lockhart Robert P. ; Saddler Nancy B. ; Stange Patricia A., System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential.
Angelo Michael F. ; Olarig Sompong P. ; Wooten David R. ; Driscoll Dan J., System and method for performing secure device communications in a peer-to-peer bus architecture.
Inoue Taro (Sagamihara JPX) Umeno Hidenori (Kanagawa JPX) Tanaka Shunji (Sagamihara JPX) Yamamoto Tadashi (Kanagawa JPX) Ohtsuki Toru (Hadano JPX), System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode.
Nardone Joseph M. ; Mangold Richard P. ; Pfotenhauer Jody L. ; Shippy Keith L. ; Aucsmith David W. ; Maliszewski Richard L. ; Graunke Gary L., Tamper resistant methods and apparatus.
Nardone Joseph M. ; Mangold Richard T. ; Pfotenhauer Jody L. ; Shippy Keith L. ; Aucsmith David W. ; Maliszewski Richard L. ; Graunke Gary L., Tamper resistant methods and apparatus.
Nardone Joseph M. ; Mangold Richard P. ; Pfotenhauer Jody L. ; Shippy Keith L. ; Aucsmith David W. ; Maliszewski Richard L. ; Graunke Gary L., Tamper resistant player for scrambled contents.
Mason Andrew H. (Hollis NH) Hall Judith S. (Sudbury MA) Robinson Paul T. (Arlington MA) Witek Richard T. (Littleton MA), Translation buffer for virtual machines with address space match.
Scott W. Devine ; Edouard Bugnion ; Mendel Rosenblum, Virtualization system including a virtual machine monitor for a computer with a segmented architecture.
Fresko, Nedim; Tuck, Richard D.; Long, Dean R. E., Hybrid system implementing distinct and co-existing application execution environments and methods for implementing the same.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.