JP4841563B2 - Data processing system, method, and computer program for performing cryptographic functions - Google Patents

Data processing system, method, and computer program for performing cryptographic functions

Info

Publication number
JP4841563B2
Authority
JP
Japan
Prior art keywords
smart key
storage medium
removable storage
hardware security
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2007546014A
Other languages
English (en)
Japanese (ja)
Other versions
JP2008524886A5
JP2008524886A (ja)
Inventor
ベイド、スティーヴン
チョア、チン−ユン
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp
Publication of JP2008524886A
Publication of JP2008524886A5
Application granted
Publication of JP4841563B2
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G06F21/445 Program or device authentication by mutual authentication, e.g. between devices or programs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H04L2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
JP2007546014A 2004-12-16 2005-11-30 Data processing system, method, and computer program for performing cryptographic functions Expired - Fee Related JP4841563B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US11/014,559 US7386736B2 (en) 2004-12-16 2004-12-16 Method and system for using a compact disk as a smart key device
US11/014,559 2004-12-16
PCT/EP2005/056360 WO2006063935A1 (en) 2004-12-16 2005-11-30 Method and system for using a compact disk as a smart key device

Publications (3)

Publication Number Publication Date
JP2008524886A (ja) 2008-07-10
JP2008524886A5 2008-09-18
JP4841563B2 (ja) 2011-12-21

Family

ID=35896395

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2007546014A Expired - Fee Related JP4841563B2 (ja) 2004-12-16 2005-11-30 Data processing system, method, and computer program for performing cryptographic functions

Country Status (4)

Country Link
US (2) US7386736B2
JP (1) JP4841563B2
CN (1) CN100478975C
WO (1) WO2006063935A1

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7779039B2 (en) 2004-04-02 2010-08-17 Salesforce.Com, Inc. Custom entities and fields in a multi-tenant database system
US7849326B2 (en) * 2004-01-08 2010-12-07 International Business Machines Corporation Method and system for protecting master secrets using smart key devices
US7711951B2 (en) * 2004-01-08 2010-05-04 International Business Machines Corporation Method and system for establishing a trust framework based on smart key devices
US7475247B2 (en) * 2004-12-16 2009-01-06 International Business Machines Corporation Method for using a portable computing device as a smart key device
US20100215176A1 (en) * 2005-06-10 2010-08-26 Stephen Wilson Means and method for controlling the distribution of unsolicited electronic communications
US9009078B2 (en) * 2005-08-17 2015-04-14 Kurzweil/Intellitools, Inc. Optical character recognition technique for protected viewing of digital files
US10733308B2 (en) * 2005-08-17 2020-08-04 Cambium Learning, Inc. Tags for unlocking digital content
US10296854B2 (en) * 2005-08-17 2019-05-21 Cambium Learning, Inc. Techniques for protected viewing of digital files
US7861307B2 (en) * 2005-08-17 2010-12-28 Kurzweil Educational Systems, Inc. Unlocking digital content on remote systems
WO2007023420A1 (en) 2005-08-23 2007-03-01 Koninklijke Philips Electronics N.V. Information carrier authentication with a physical one-way function
US7949684B2 (en) 2005-09-09 2011-05-24 Salesforce.Com, Inc. Systems and methods for exporting, publishing, browsing and installing on-demand applications in a multi-tenant database environment
US7647336B2 (en) * 2006-02-09 2010-01-12 International Business Machines Corporation Creating a real-time class package to class archive file mapping index
US7624440B2 (en) * 2006-08-01 2009-11-24 Emt Llc Systems and methods for securely providing and/or accessing information
DE102007015788B3 (de) * 2007-03-30 2008-10-23 Fm Marketing Gmbh Multimedia device and method for data transmission in a multimedia device
US7930554B2 (en) 2007-05-31 2011-04-19 Vasco Data Security,Inc. Remote authentication and transaction signatures
US9069990B2 (en) * 2007-11-28 2015-06-30 Nvidia Corporation Secure information storage system and method
US9158896B2 (en) * 2008-02-11 2015-10-13 Nvidia Corporation Method and system for generating a secure key
US9069706B2 (en) * 2008-02-11 2015-06-30 Nvidia Corporation Confidential information protection system and method
US8719585B2 (en) * 2008-02-11 2014-05-06 Nvidia Corporation Secure update of boot image without knowledge of secure key
US20090204801A1 (en) * 2008-02-11 2009-08-13 Nvidia Corporation Mechanism for secure download of code to a locked system
US20090204803A1 (en) * 2008-02-11 2009-08-13 Nvidia Corporation Handling of secure storage key in always on domain
US9613215B2 (en) 2008-04-10 2017-04-04 Nvidia Corporation Method and system for implementing a secure chain of trust
CN101796766A (zh) * 2008-07-01 2010-08-04 松下电器产业株式会社 Drive device, content reproduction device, recording device, data reading method, program, recording medium, and integrated circuit
US8667280B2 (en) * 2010-02-24 2014-03-04 Ca, Inc. Method and apparatus for applying a partial password in a multi-factor authentication scheme
EP2365456B1 (en) * 2010-03-11 2016-07-20 CompuGroup Medical SE Data structure, method and system for predicting medical conditions
WO2011145011A1 (en) * 2010-05-19 2011-11-24 Koninklijke Philips Electronics N.V. Attribute-based digital signature system
WO2012034250A1 (en) * 2010-09-13 2012-03-22 City University Of Hong Kong Secure data in removable storage devices via encryption token(s)
US9489924B2 (en) 2012-04-19 2016-11-08 Nvidia Corporation Boot display device detection and selection techniques in multi-GPU devices
EP3054701B1 (en) * 2013-09-30 2020-04-01 Sony Corporation Receiver device, broadcast device, server device and reception method
US20150193620A1 (en) * 2014-01-07 2015-07-09 Dell Products, Lp System and Method for Managing UEFI Secure Boot Certificates
DE102014204252A1 (de) * 2014-03-07 2015-09-10 Bundesdruckerei Gmbh Security system with access control
US10116446B2 (en) * 2015-08-04 2018-10-30 Ge Aviation Systems Llc Cryptographic ignition key (CIK) embedded in removable data cartridge
US10002257B2 (en) 2015-08-04 2018-06-19 Ge Aviation Systems Llc Cryptographic key loader embedded in removable data cartridge
US10972262B2 (en) 2015-12-30 2021-04-06 T-Mobile Usa, Inc. Persona and device based certificate management
US10652023B2 (en) * 2015-12-30 2020-05-12 T-Mobile Usa, Inc. Persona and device based certificate management
US10764063B2 (en) * 2016-04-13 2020-09-01 Rockwell Automation Technologies, Inc. Device specific cryptographic content protection
US10642988B2 (en) * 2016-08-04 2020-05-05 Honeywell International Inc. Removable media protected data transfer in a cyber-protected system
CN107359992A (zh) * 2017-08-23 2017-11-17 合肥中盈信息工程有限公司 Power cabinet supervision system based on key control and monitoring requests
EP3537323A1 (de) * 2018-03-09 2019-09-11 Siemens Aktiengesellschaft Project-related certificate management
US11030280B2 (en) * 2018-08-01 2021-06-08 Microsoft Technology Licensing, Llc Hardware based identities for software modules
CN110245466B (zh) * 2019-06-19 2021-08-24 苏州科达科技股份有限公司 Software integrity protection and verification method, system, device, and storage medium
US11601288B1 (en) * 2019-08-21 2023-03-07 Cox Communications, Inc. On-demand security certificates for improved home router security
US11341247B2 (en) 2019-08-27 2022-05-24 Red Hat, Inc. Use of a trusted execution environment as a safe build environment
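CN113784343B (zh) * 2020-05-22 2023-06-20 华为技术有限公司 Method and apparatus for protecting communication
CN116032484B (zh) * 2022-12-07 2024-12-24 四川恒湾科技有限公司 Method, apparatus, and electronic device for secure boot of communication equipment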

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002536757A (ja) * 1999-02-15 2002-10-29 ヒューレット・パッカード・カンパニー Trusted computing platform
WO2003073688A1 (en) * 2002-02-22 2003-09-04 Emc Corporation Authenticating hardware devices incorporating digital certificates
JP2004320593A (ja) * 2003-04-18 2004-11-11 Sony Computer Entertainment Inc Communication management system and method

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4218582A (en) * 1977-10-06 1980-08-19 The Board Of Trustees Of The Leland Stanford Junior University Public key cryptographic apparatus and method
US4817140A (en) * 1986-11-05 1989-03-28 International Business Machines Corp. Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocessor
US5396558A (en) * 1992-09-18 1995-03-07 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5787172A (en) * 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5905799A (en) * 1994-07-20 1999-05-18 Bell Atlantic Network Services, Inc. Programmed computer for identity verification, forming joint signatures and session key agreement in an RSA public cryptosystem
US5604801A (en) * 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
US6615350B1 (en) * 1998-03-23 2003-09-02 Novell, Inc. Module authentication and binding library extensions
US6607136B1 (en) * 1998-09-16 2003-08-19 Beepcard Inc. Physical presence digital authentication system
DE60007724T3 (de) 1999-03-05 2011-06-09 Hewlett-Packard Development Co., L.P., Houston Smart card user interface for a trusted computing platform
AU6985601A (en) * 2000-06-16 2002-01-02 Mindport Usa Methods and systems to distribute content via a network utilizing distributed conditional access agents and secure agents, and to perform digital rights management (drm)
US6832730B2 (en) * 2001-07-27 2004-12-21 Storcard, Inc. Smart card with rotating storage
US6607707B2 (en) * 2001-08-15 2003-08-19 Ovonic Battery Company, Inc. Production of hydrogen from hydrocarbons and oxygenated hydrocarbons
US20030108205A1 (en) * 2001-12-07 2003-06-12 Bryan Joyner System and method for providing encrypted data to a device

Also Published As

Publication number Publication date
US20090327763A1 (en) 2009-12-31
US7908492B2 (en) 2011-03-15
CN101044490A (zh) 2007-09-26
CN100478975C (zh) 2009-04-15
WO2006063935A1 (en) 2006-06-22
US20060136748A1 (en) 2006-06-22
JP2008524886A (ja) 2008-07-10
US7386736B2 (en) 2008-06-10

Similar Documents

Publication Publication Date Title
JP4841563B2 (ja) Data processing system, method, and computer program for performing cryptographic functions
US8112628B2 (en) Using a portable computing device as a smart key device
US7711951B2 (en) Method and system for establishing a trust framework based on smart key devices
US7849326B2 (en) Method and system for protecting master secrets using smart key devices
Sandhu et al. Peer-to-peer access control architecture using trusted computing technology
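JP5060652B2 (ja) Method for unsealing a secret for a calling program
JP4278327B2 (ja) Computer platform and method of operating the same
JP4689945B2 (ja) Resource access method
CN101202762B (zh) Method and system for storing and retrieving identity mapping information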
US7797544B2 (en) Attesting to establish trust between computer entities
US6335972B1 (en) Framework-based cryptographic key recovery system
US8171295B2 (en) Information processing apparatus, a server apparatus, a method of an information processing apparatus, a method of a server apparatus, and an apparatus executable process
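JP4550147B2 (ja) Method, system, and recording medium for loading a component
CN1659495B (zh) Validation of inclusion of a platform within a data center
CN1326629A (zh) Method and system for authenticating and utilizing secure resources in a computer system
JP2002312242A (ja) System and method for computer device authentication
KR20070112432A (ko) Method for securing mobile communications and high-value transaction execution using trusted, hardware-based identity credentials in runtime package signatures
CN1446418A (zh) Securing arbitrary communication services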
Leiwo et al. A security design for a wide-area distributed system
Wang Research on the Application of Engine Mechanism in Secure Communication of Internet of Vehicles
Chawla Registration and Authentication Protocol for OCEAN:(Open Computation Exchange and Auctioning Network)
Kuntur Security of DaAgent system

Legal Events

Date Code Title Description
A521 Request for written amendment filed; Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20080731
A621 Written request for application examination; Free format text: JAPANESE INTERMEDIATE CODE: A621; Effective date: 20080731
A131 Notification of reasons for refusal; Free format text: JAPANESE INTERMEDIATE CODE: A131; Effective date: 20110531
A521 Request for written amendment filed; Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20110817
A521 Request for written amendment filed; Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20110830
TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model); Free format text: JAPANESE INTERMEDIATE CODE: A01; Effective date: 20110920
A01 Written decision to grant a patent or to grant a registration (utility model); Free format text: JAPANESE INTERMEDIATE CODE: A01
A61 First payment of annual fees (during grant procedure); Free format text: JAPANESE INTERMEDIATE CODE: A61; Effective date: 20111004
R150 Certificate of patent or registration of utility model; Ref document number: 4841563; Country of ref document: JP; Free format text: JAPANESE INTERMEDIATE CODE: R150
FPAY Renewal fee payment (event date is renewal date of database); Free format text: PAYMENT UNTIL: 20141014; Year of fee payment: 3
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
R250 Receipt of annual fees; Free format text: JAPANESE INTERMEDIATE CODE: R250
LAPS Cancellation because of no payment of annual fees