US20090034734A1 - Multi-Level Key Manager - Google Patents

Multi-Level Key Manager Download PDF

Info

Publication number
US20090034734A1
US20090034734A1 US12184062 US18406208A US2009034734A1 US 20090034734 A1 US20090034734 A1 US 20090034734A1 US 12184062 US12184062 US 12184062 US 18406208 A US18406208 A US 18406208A US 2009034734 A1 US2009034734 A1 US 2009034734A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
key
classification
cryptographic
processor
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12184062
Inventor
John R. Owens
John C. Andolina
Stuart N. Shanken
Richard L. Quintana
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ViaSat Inc
Original Assignee
ViaSat Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up

Abstract

A cryptographic device and method are disclosed for processing different levels of classified information. A memory caches keys for use in a cryptographic processor. The cryptographic processor requests a key associated with a particular classification level when processing a packet of the particular classification level. The cryptographic device confirms that the key and the packet are of the same classification level in a high-assurance manner. Checking header information of the keys one or more times is performed in one embodiment. Some embodiments authenticate the stored key in a high-assurance manner prior to providing the key to the cryptographic device.

Description

  • [0001]
    This application claims the benefit of and is a non-provisional of co-pending: U.S. Provisional Application Ser. No. 60/962,848 filed on Jul. 31, 2007; U.S. Provisional Application Ser. No. 61/026,438 filed on Feb. 5, 2008; U.S. Provisional Application Ser. No. 60/962,821 filed on Jul. 31, 2007; and U.S. Provisional Application Ser. No. 60/962,822 filed on Jul. 31, 2007; which are all hereby expressly incorporated by reference in their entirety for all purposes.
  • [0002]
    This application expressly incorporates by reference: U.S. Application Ser. No. ______, filed on an even day herewith, entitled “INPUT OUTPUT ACCESS CONTROLLER” (temporarily referenced by Attorney Docket No. 017018-017210US/VS-0245); and, U.S. Application Ser. No. ______, filed on an even day herewith, entitled “TRUSTED LABELER” (temporarily referenced by Attorney Docket No. 017018-014610US/VS-0246); in their entirety for all purposes.
  • BACKGROUND
  • [0003]
    This disclosure relates in general to secure computing systems and, more specifically to high-assurance access to keys at different classification levels amongst other things.
  • [0004]
    Governments classify information at different levels generally according to their sensitivity, for example, SECRET versus TOP SECRET. Users of the information are also classified by what level they are able to get access to. For example, someone with a SECRET clearance is not given access to TOP SECRET information. Procedures are put in place to avoid exposure to persons without the proper classification level.
  • [0005]
    In processing systems, physical security is used to prevent information of different classification levels from bleeding over to a different classification level. To process at multiple classification levels, there may be several devices running in parallel for each classification level. Devices that may be capable of running at multiple classification levels are run at one classification level, cleared out and then run at a different classification level. Intermixing of different classified information is generally taboo in these systems.
  • [0006]
    There are situations that require smaller cryptographic devices that can process different classification levels. Switching between classification levels takes time and slows down processing. Some have proposed trusted operating systems that can process information with more flexibility, but these solutions are avoided due to a lack of trust.
  • [0007]
    Different keys are required for each classification level to maintain the security of information in each classification level. The keys may be simply different values or could be used with different algorithms. Even if security is breached for one classification level, the unique keys and algorithms can keep information protected in the other classification levels safe.
  • SUMMARY
  • [0008]
    In an embodiment, a cryptographic device and method are disclosed for processing different levels of classified information. A memory caches keys for use in a cryptographic processor. The cryptographic processor requests a key associated with a particular classification level when processing a packet of the particular classification level. The cryptographic device confirms that the key and the packet are of the same classification level in a high-assurance manner. Checking header information of the keys one or more times is performed in one embodiment. Some embodiments authenticate the stored key in a high-assurance manner prior to providing the key to the cryptographic device.
  • [0009]
    In one embodiment, a cryptographic device for processing classified information having a number of different classification levels is disclosed. The cryptographic device includes a memory, a cryptographic processor and a key manager. The memory holds a number of keys outside of an integrated circuit. The plurality of keys are for the plurality of different classification levels. The cryptographic processor is part of the integrated circuit and uses the plurality of keys to process packets of information that are categorized according to the number of different classification levels. The key manager can access a plurality of rules associated with the plurality of different classification levels that regulate interaction with the plurality of keys. A first rule of the number of rules is used by the key manager in a first classification level of the number of different classification levels. A second rule of the number of rules is used by the key manager in a second classification level of the number of different classification levels.
  • [0010]
    In another embodiment, a method for processing classified information in a high-assurance manner is disclosed. In one step, a request is received for a first key by a cryptographic processor. A first rule from a number of rules is applied to a first sterile key retrieved from a memory. The first sterile key is decrypted with a first protection key to produce the first key. The first key is also checked with the first rule. The first key is provided to the cryptographic processor if the checking the first sterile key step and the checking the first key step are completed successfully. A request is received for a second key by the cryptographic processor. A second rule from the number of rules is applied to a second sterile key retrieved from the memory. The second sterile key is decrypted with a second protection key to produce the second key. The second key is also checked with the second rule. The second key is provided to the cryptographic processor if the checking the second sterile key step and the checking the second key step are completed successfully.
  • [0011]
    In yet another embodiment, a cryptographic device for processing information with a plurality of classification levels is disclosed. The cryptographic device includes a memory, a cryptographic processor and a key manager. The memory holds a number of keys that are used by a cryptographic processor to process packets of information that are correlated to the plurality of classification levels. The key manager includes a rule enforcement circuit and a key decryption circuit. The key manager retrieves a first key for a first packet being processed by the cryptographic processor. The first packet and the first key are of a first classification level. The rule enforcement circuit checks that the first key is designated for the first classification level before providing the first key to the cryptographic processor for processing the first packet. The key manager retrieves a second key for a second packet being processed by the cryptographic processor. The second packet and the second key are of a second classification level. The rule enforcement circuit checks that the second key is designated for the second classification level before providing the second key to the cryptographic processor for processing the second packet.
  • [0012]
    Further areas of applicability of the present disclosure will become apparent from the detailed description provided hereinafter. It should be understood that the detailed description and specific examples, while indicating various embodiments, are intended for purposes of illustration only and are not intended to necessarily limit the scope of the disclosure.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0013]
    The present disclosure is described in conjunction with the appended figures:
  • [0014]
    FIG. 1 depicts a block diagram of an embodiment of a cryptographic device;
  • [0015]
    FIG. 2 depicts a block diagram of an embodiment of a partitioned key cache;
  • [0016]
    FIG. 3 depicts a block diagram of an embodiment of a key manager;
  • [0017]
    FIG. 4 depicts a diagram of an embodiment of a key unscrambling process; and
  • [0018]
    FIG. 5 illustrates a flowchart of an embodiment of a process for operating the cryptographic device.
  • [0019]
    In the appended figures, similar components and/or features may have the same reference label. Further, various components of the same type may be distinguished by following the reference label by a dash and a second label that distinguishes among the similar components. If only the first reference label is used in the specification, the description is applicable to any one of the similar components having the same first reference label irrespective of the second reference label.
  • DETAILED DESCRIPTION
  • [0020]
    The ensuing description provides preferred exemplary embodiment(s) only, and is not intended to limit the scope, applicability or configuration of the disclosure. Rather, the ensuing description of the preferred exemplary embodiment(s) will provide those skilled in the art with an enabling description for implementing a preferred exemplary embodiment. It being understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope as set forth in the appended claims.
  • [0021]
    Referring first to FIG. 1, a block diagram of an embodiment of a cryptographic device 100 is shown. The cryptographic device 100 processes information of different classifications. Information in each classification level is kept separate or partitioned from information of other classification levels throughout the cryptographic device 100. Additionally, each classification level can use different cryptographic algorithms and/or keys. Several integrated circuits could be used to implement the cryptographic device 100 where at least a cryptographic processor 120 is in one integrated circuit and the partitioned key cache 116 is in another. Other embodiments could have the partitioned key cache 116 and cryptographic processor 120 as part of the same integrated circuit.
  • [0022]
    A cryptographic processor 120 is the circuit that performs encryption, decryption and/or bypass for the information that passes through it. Information may be a stream or packetized in cryptographic processor 120. The packets or streams are of different classification levels. The cryptographic processor 120 can reconfigure itself for the appropriate processing on a packet-by-packet basis. Different processing steps are set up for each classification level in a pipeline fashion by the cryptographic processor 120. The processing steps perform formatting and cryptographic processing with a number of different algorithms and/or keys. Some of these processing steps can be common to multiple classification levels such that the cryptographic processor 120 can potentially reuse the sub-circuits performing processing steps for the multiple classification levels.
  • [0023]
    A system bus 124 allows the processor 108 to communicate with a key manager 104, a partitioned key cache 116, an input/output (IO) access controller 112, and other peripherals that are not shown in the figure. The processor 108 communicates with the key manager 104, via the IO access controller 112, to access the partitioned key cache 116. Keys are loaded into the partitioned key cache 116 by the processor 104 in this embodiment and read by the cryptographic processor 120. Other embodiments could load the keys from an external source, for example.
  • [0024]
    The IO access controller 112 checks that the processor 108 or anything else using the system bus 124 is operating as expected. The processor 108 writes a state to the IO access controller 112. Each state is able to access peripherals defined by addresses or ranges of addresses. The IO access controller 112 checks that only the designated addresses are accessed by the processor 108 in a given state to assure that the interaction with the key manager 104 and partitioned key cache 116 to write keys is authorized. Each address or range of addresses can be designated for read only, write only or read and write accessible. The IO access controller 112 further understands how states transition through the state machine such that state transitions are also checked when the processor 108 is using the system bus 124.
  • [0025]
    There are states defined exclusive to the various classification levels. The cryptographic processor 120 performs certain key operations in certain states. The IO access controller 112 checks if an address range of a partitioned key cache 116 has been properly written by the processor based upon the current state. Table I gives an example of the states used for various classification levels. Additionally, the algorithm and key address is given in the table. These entries in the table serve as rules. For example, states four, seven and nine operate in a CONFIDENTIAL classification level using a DES cryptographic algorithm and the key at address forty-three in the partitioned key cache. The IO access controller 112 in this example would make sure the current states were one of states four, seven or nine when the processor 108 writes the key at address forty-three in the partitioned key cache 116. Where a violation were determined the IO access controller 112, the key could be zeroized and/or other remedial action could be taken.
  • [0000]
    TABLE I
    State Enforcement Rules
    State(s) Classification Algorithm Key Address
    1 TS AES 256 11
    2, 19 S AES 196 5
    3, 21 NC Triple DES 21
    4, 7, 9 C DES 43
  • [0026]
    As a packet passes through the cryptographic processor 120 certain algorithms use keys to perform the desired processing for that packet. The partitioned key cache 116 holds keys in a sterile or encrypted form. Sterilization puts the keys in a form that protects the encapsulated key even if recovered improperly. Various encryption algorithms could be used for sterilizing the keys. A key manager 104 is capable of deriving the key from the sterilized version. The partitioned key cache 116 could use dynamic random access memory (DRAM) or static random access memory (SRAM). This embodiment uses volatile RAM for the partitioned key cache 116 that is in a separate integrated circuit, but could be integral with the integrated circuit of the key manager 104 and/or cryptographic processor 120. The partitioned key cache 116 could be a segment of a larger memory used for other purposes in other embodiments.
  • [0027]
    A key manager 104 receives requests from the cryptographic processor 120 for keys used to process the various packets. The key manager 104 checks the requests, retrieves the sterilized key, reconstitutes the key, performs checks, and returns the key to the cryptographic processor 120. The key manager 104 is implemented in logic that is not reprogrammable during normal operation. To load keys into the partition key cache 116, the processor 108 interacts with the key manager 104 under the supervision of the IO access controller 112.
  • [0028]
    With reference to FIG. 2, a block diagram of an embodiment of a partitioned key cache 116 is shown. The partitioned key cache 116 has a number of partitions 204 defined. Those partitions map to peripherals or address ranges used by the IO access controller 112. A given classification level stores its keys in one partition 204 and is prevented from accessing other partitions 204. Although the partitioned key cache 116 is a single integrated circuit with a common interface in this embodiment, the partitioning enforces a logical separation in a high-assurance manner. Table II gives an example of the mapping between state, classification and partition 204. These mappings serve as rules. For example, state one operates at a TOP SECRET classification level and has access to partition B 204-2, which includes addresses eleven through twenty.
  • [0000]
    TABLE II
    State to Partition Mapping
    State(s) Classification Partition Addresses
    1 TS 11-20
    2, 19 S  1-10
    3, 21 NC 21-30
    4, 7, 9 C 31-45
  • [0029]
    Referring next to FIG. 3, a block diagram of an embodiment of a key manager 104 is shown. In a high-assurance manner, the key manager enforces logical separation of the partitioned key cache 116 where no physical separation of the interface to the partitioned key cache 116 exists. A key request interface 332 is coupled to the cryptographic processor 120 to receive requests for one or more particular key located at specified addresses in the partitioned key cache 116.
  • [0030]
    This embodiment includes a request validator 336 that checks the request to make sure the request is formatted correctly. Other embodiments of the request validator 336 could check that the classification level of the requesting packet matches the classification level of the partition 204 of the requested key. With a specified key location, a key memory interface 132 couples to the partitioned key cache 116 to retrieve the requested key. The sterile key is returned to a key buffer 308.
  • [0031]
    A rule enforcement circuit 336 includes a sterile key validator 304, a key decoder 324 and a reconstituted key validator 328. Multiple levels of checks are performed on the key before the key is provided to the cryptographic processor 120.
  • [0032]
    The sterile key validator 304 checks the classification level of the sterile key against the classification level of the packet that precipitated the request of the key. Essentially, the sterile key is checked to make sure it matches the type of processing being performed in the cryptographic processor 120 to provide high-assurance. The sterile key validator 304 could also match the algorithm and/or state as further rule checks in some embodiments.
  • [0033]
    A CRC, checksum or other validity value is appended to the sterile key in this embodiment when stored in the partitioned key cache 116. The software determines the validity value when writing the sterile key into the partitioned key cache 116. A check of the validity value allows conformation that information stored by the processor 108 was delivered accurately to the sterile key validator 304.
  • [0034]
    A key map database 316 holds information to validate the keys in their sterile or reconstituted form. The state, classification, address, algorithm, key length, header information, and/or other information could be stored in the key map database 316. A look-up table is used in one embodiment of the key map database 316. Where several keys are used for a given classification level, the finer granularity of state can confirm that the key is the correct one for a particular situation. For example, there could be a different state for each key. Other embodiments could provide granularity using two or more partitions 204 for a particular classification level.
  • [0035]
    A key decoder 324 converts the sterilized key from the partitioned key cache 116 into a reconstituted key that is ready for use by the cryptographic processor 120. A payload of the sterilized key is decrypted to produce a reconstituted key. A cache protection key store 320 holds a cache protection key for each classification level. Table III shows an example of the information stored in the cache protection key store 320. Other embodiments could have a different cache protection key for each sterilized key or one cache protection key for all keys.
  • [0000]
    TABLE III
    Cache Protection Keys
    State(s) Classification Random Key
    1 TS 19A5E9F45609DC90h
    2, 19 S AA5119A456870190h
    3, 21 N 78A5E49B56A093D0h
    4, 7, 9 C 15E456894309AE9F0h
  • [0036]
    Within the decrypted payload of the sterilized key is information that is checked by a reconstituted key validator 328. Additionally, a CRC, checksum or other validity value is embedded in the decrypted payload as a second validity value. The reconstituted key validator 328 also checks the second validity value. This additional check provides a further layer of high-assurance. Should the process pass all of its checks, the decrypted key is provide to the cryptographic processor 120 for use in processing the particular packet that requested the key.
  • [0037]
    With reference to FIG. 4, a diagram demonstrating an embodiment of a key unscrambling process 400 is shown. A sterile key 416 includes a sterile key header, a sterile key payload and a sterile key CRC, which serves as a validity value. All this information is stored in the partitioned key cache 116 by the processor 108. The sterile key header holds the classification level, the applicable encryption algorithm(s), and any additional key identifiers. Some embodiments may also include the memory address of the sterile key. The sterile key CRC is a validity value that is calculated on the whole sterile key header and sterile key payload such that any corruption can be discerned.
  • [0038]
    The sterile key payload is exclusive-ORed 324 with a cache protection key 420 from the cache protection key store 320 to decrypt the reconstituted key header, reconstituted key payload and reconstituted key CRC. Those items along with the sterile key header and sterile key CRC form the reconstituted key 404. The reconstituted key payload is the actual key that will be used by the cryptographic processor 120. The reconstituted key CRC is a validity value that allows checking that the fields of the reconstituted key 404 has not changed. The exclusive-OR key decoder 324 is just one example of a simple decryption function. Other embodiments may use any type of decryption function(s).
  • [0039]
    Referring next to FIG. 5, a flowchart of an embodiment of a process 500 for operating the cryptographic device 100 is shown. The depicted portion of the process is initiated in block 504 where the cryptographic processor 120 has a packet that uses a particular key, which is requested from the key manager 104. Some embodiments check the key request. In any event, the key is requested from the partitioned key cache 116 by the key manager 104. The address of the key requested falls within a particular partition 204.
  • [0040]
    The sterile key 416 is retrieved in block 516 from the partitioned key cache 116 in block 516. The sterile key header is checked in block 520 to determine if the classification matches the classification of the packet requesting the key. Additional checks are possible, for example, the sterile key CRC or validity value could be checked. Presuming the check in block 520 is successful, processing continues to block 524 where the sterile key payload is decrypted.
  • [0041]
    In the reconstituted key 404, the reconstituted key header is checked in block 528. Prior to the decoding block 524, the reconstituted key header was scrambled. Additionally, a reconstituted key CRC or validity value can be checked in some embodiments. If the check in block 528 passes, processing continues to block 532 where the key is returned the cryptographic processor 120.
  • [0042]
    Should any of the checks fail in blocks 520 or 528, the partitioned key cache 116 is erased and/or the cache protection key store 320 in block 536. Without the cache protection keys, the keys remain in a sterile form. Erasure of the cache protection keys can typically be performed much more quickly than the partitioned key cache 116. Further remedial action can be taken in block 540.
  • [0043]
    The above embodiments discuss processing at different classification levels. These classification levels could be government classification levels, but need not be necessarily so. A classification level is just a logical partition in the information passed. Any information that needs to be kept separate from other information could be in a separate classification level or logical partition.
  • [0044]
    While the principles of the disclosure have been described above in connection with specific apparatuses and methods, it is to be clearly understood that this description is made only by way of example and not as limitation on the scope of the disclosure.

Claims (20)

  1. 1. A cryptographic device for processing classified information having a plurality of different classification levels, the cryptographic device comprising:
    a memory holding a plurality of keys outside of an integrated circuit, wherein the plurality of keys are for the plurality of different classification levels;
    a cryptographic processor that is part of the integrated circuit, wherein the cryptographic processor uses the plurality of keys to process packets of information that are categorized according to the plurality of different classification levels; and
    a key manager, wherein:
    the key manager can access a plurality of rules associated with the plurality of different classification levels,
    the plurality of rules regulate interaction with the plurality of keys,
    a first rule of the plurality of rules is used by the key manager in a first classification level of the plurality of different classification levels, and
    a second rule of the plurality of rules is used by the key manager in a second classification level of the plurality of different classification levels.
  2. 2. The cryptographic device for processing classified information having the plurality of different classification levels as recited in claim 1, wherein:
    a first key accessed in the first classification level includes a header that is checked against the first rule, and
    the first key includes a coded header that is checked against the first rule.
  3. 3. The cryptographic device for processing classified information having the plurality of different classification levels as recited in claim 1, wherein the first and second keys are encrypted in the memory.
  4. 4. The cryptographic device for processing classified information having the plurality of different classification levels as recited in claim 1, wherein the plurality of keys are stored in an encrypted state.
  5. 5. The cryptographic device for processing classified information having the plurality of different classification levels as recited in claim 1, wherein the key manager further comprises a key decoder, which decrypts the plurality of keys before passing them to the cryptographic processor.
  6. 6. The cryptographic device for processing classified information having the plurality of different classification levels as recited in claim 1, further comprising an access controller, wherein the access controller checks that a predetermined state of operation is active while writing the first key to a partition of the memory.
  7. 7. A method for processing classified information in a high-assurance manner, the method comprising steps of:
    receiving a request for a first key by a cryptographic processor;
    choosing a first rule from a plurality of rules;
    retrieving a first sterile key from a memory;
    checking the first sterile key with the first rule;
    decrypting the first sterile key with a first protection key to produce the first key;
    checking the first key with the first rule;
    providing the first key to the cryptographic processor if the checking the first sterile key step and the checking the first key step are completed successfully;
    receiving a request for a second key by a cryptographic processor;
    choosing a second rule from the plurality of rules;
    retrieving the second sterile key from the memory;
    checking the second sterile key with the second rule;
    decrypting the second sterile key with a second protection key to produce a second key;
    checking the second key with the second rule; and
    providing the second key to the cryptographic processor if the checking the second sterile key step and the checking the second key step are completed successfully.
  8. 8. The method for processing classified information in the high-assurance manner as recited in claim 7, further comprising a step of erasing the first and second protection keys to zeroize utility of the first and second keys.
  9. 9. The method for processing classified information in the high-assurance manner as recited in claim 7, wherein the cryptographic processor is capable of processing multiple classification levels simultaneously in different packets.
  10. 10. The method for processing classified information in the high-assurance manner as recited in claim 7, wherein the first rule requires a classification level of a packet being processed with the cryptographic processor to match the classification level of the first key.
  11. 11. The method for processing classified information in the high-assurance manner as recited in claim 7, wherein:
    the first and second sterile keys are stored in a second integrated circuit, and
    the decrypting steps are performed in a first integrated circuit.
  12. 12. A cryptographic device for processing information with a plurality of classification levels, the cryptographic device comprising:
    a memory holding a plurality of keys;
    a cryptographic processor that uses the plurality of keys to process packets of information that are correlated to the plurality of classification levels; and
    a key manager that comprises a rule enforcement circuit and a key decryption circuit, wherein:
    the key manager retrieves a first key for a first packet being processed by the cryptographic processor,
    the first packet is of a first classification level,
    the first key is associated with the first classification level,
    the rule enforcement circuit checks that the first key is designated for the first classification level before providing the first key to the cryptographic processor for processing the first packet,
    the key manager retrieves a second key for a second packet being processed by the cryptographic processor,
    the second packet is of a second classification level,
    the second key is associated with the second classification level, and
    the rule enforcement circuit checks that the second key is designated for the second classification level before providing the second key to the cryptographic processor for processing the second packet.
  13. 13. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein at least one of the first and second keys are stored in the memory in an unusable form.
  14. 14. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein the key manager further comprises a key decoder that descrambles the first key before providing the first key to the cryptographic processor.
  15. 15. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein the memory and the cryptographic processor are in different integrated circuit.
  16. 16. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein:
    the plurality of keys are divided among a plurality of partitions in the memory, and
    each classification level has a different partition to logically separate keys of different classification levels.
  17. 17. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein the plurality of classification levels includes a plurality of protection values that are each used to descramble the plurality of keys.
  18. 18. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein the rule enforcement circuit checks the first key twice to confirm that the first classification level of the key matches the first classification level of the packet.
  19. 19. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein the first and second keys are decrypted in the key manager.
  20. 20. The cryptographic device for processing information with the plurality of classification levels as recited in claim 12, wherein a header is used to designate the first key for the first classification level.
US12184062 2007-07-31 2008-07-31 Multi-Level Key Manager Abandoned US20090034734A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
US96282207 true 2007-07-31 2007-07-31
US96284807 true 2007-07-31 2007-07-31
US96282107 true 2007-07-31 2007-07-31
US2643808 true 2008-02-05 2008-02-05
US12184062 US20090034734A1 (en) 2007-07-31 2008-07-31 Multi-Level Key Manager

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12184062 US20090034734A1 (en) 2007-07-31 2008-07-31 Multi-Level Key Manager

Publications (1)

Publication Number Publication Date
US20090034734A1 true true US20090034734A1 (en) 2009-02-05

Family

ID=39832694

Family Applications (3)

Application Number Title Priority Date Filing Date
US12184062 Abandoned US20090034734A1 (en) 2007-07-31 2008-07-31 Multi-Level Key Manager
US12184048 Active 2031-01-25 US8392983B2 (en) 2007-07-31 2008-07-31 Trusted labeler
US12184079 Active 2031-01-15 US8312292B2 (en) 2007-07-31 2008-07-31 Input output access controller

Family Applications After (2)

Application Number Title Priority Date Filing Date
US12184048 Active 2031-01-25 US8392983B2 (en) 2007-07-31 2008-07-31 Trusted labeler
US12184079 Active 2031-01-15 US8312292B2 (en) 2007-07-31 2008-07-31 Input output access controller

Country Status (2)

Country Link
US (3) US20090034734A1 (en)
WO (3) WO2009018481A1 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090158050A1 (en) * 2007-07-31 2009-06-18 Viasat, Inc. Trusted Labeler
US20120066509A1 (en) * 2010-09-10 2012-03-15 Douglas Edward Lapp Multi-level security software architecture
US20120069995A1 (en) * 2010-09-22 2012-03-22 Seagate Technology Llc Controller chip with zeroizable root key
US20120170750A1 (en) * 2007-09-14 2012-07-05 Security First Corp. Systems and methods for managing cryptographic keys
US8494168B1 (en) * 2008-04-28 2013-07-23 Netapp, Inc. Locating cryptographic keys stored in a cache
US9449180B2 (en) 1999-09-20 2016-09-20 Security First Corp. Secure data parser method and system
US20170041138A1 (en) * 2015-08-04 2017-02-09 Ge Aviation Systems Llc Cryptographic key server embedded in data transfer system
US20170075821A1 (en) * 2013-04-01 2017-03-16 Secturion Systems, Inc. Multi-level independent security architecture
US9798899B1 (en) 2013-03-29 2017-10-24 Secturion Systems, Inc. Replaceable or removable physical interface input/output module
US9858442B1 (en) 2013-03-29 2018-01-02 Secturion Systems, Inc. Multi-tenancy architecture

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100132047A1 (en) * 2008-11-24 2010-05-27 Honeywell International Inc. Systems and methods for tamper resistant memory devices
US8275996B1 (en) 2010-04-12 2012-09-25 Stephen Waller Melvin Incremental encryption of stored information
US8812875B1 (en) * 2010-04-12 2014-08-19 Stephen Melvin Virtual self-destruction of stored information
WO2013055872A3 (en) * 2011-10-12 2013-08-22 Raytheon Company An integrated circuit for cyber security processing

Citations (59)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4442484A (en) * 1980-10-14 1984-04-10 Intel Corporation Microprocessor memory management and protection mechanism
US4683532A (en) * 1984-12-03 1987-07-28 Honeywell Inc. Real-time software monitor and write protect controller
US5495533A (en) * 1994-04-29 1996-02-27 International Business Machines Corporation Personal key archive
US5905725A (en) * 1996-12-16 1999-05-18 Juniper Networks High speed switching device
US5991519A (en) * 1997-10-03 1999-11-23 Atmel Corporation Secure memory having multiple security levels
US6408001B1 (en) * 1998-10-21 2002-06-18 Lucent Technologies Inc. Method for determining label assignments for a router
US20030084309A1 (en) * 2001-10-22 2003-05-01 Sun Microsystems, Inc. Stream processor with cryptographic co-processor
US6604147B1 (en) * 2000-05-09 2003-08-05 Lucent Technologies Inc. Scalable IP edge router
US20040008685A1 (en) * 2002-07-03 2004-01-15 Nec Corporation Multi-protocol label switching device and multi-protocol switching method
US6704871B1 (en) * 1997-09-16 2004-03-09 Safenet, Inc. Cryptographic co-processor
US20040066781A1 (en) * 2002-10-07 2004-04-08 Broadcom Corporation Fast-path implementation for an uplink double tagging engine
US6751729B1 (en) * 1998-07-24 2004-06-15 Spatial Adventures, Inc. Automated operation and security system for virtual private networks
US20040258062A1 (en) * 2003-01-27 2004-12-23 Paolo Narvaez Method and device for the classification and redirection of data packets in a heterogeneous network
US6836548B1 (en) * 1991-10-29 2004-12-28 The Commonwealth Of Australia Communications security and trusted path method and means
US6854061B2 (en) * 1999-12-31 2005-02-08 International Business Machines Corporation Installing and controlling trial software
US20050031119A1 (en) * 2003-08-04 2005-02-10 Yuying Ding Method and communications device for secure group communication
US20050044252A1 (en) * 2002-12-19 2005-02-24 Floyd Geoffrey E. Packet classifier
US20050094643A1 (en) * 2003-11-05 2005-05-05 Xiaolin Wang Method of and apparatus for variable length data packet transmission with configurable adaptive output scheduling enabling transmission on the same transmission link(s) of differentiated services for various traffic types
US20050102546A1 (en) * 2003-11-07 2005-05-12 Patchen Paul J. System and method for handling state change conditions by a program status register
US20050198412A1 (en) * 2003-08-19 2005-09-08 General Dynamics Advanced Information Systems, Inc. Trusted interface unit (TIU) and method of making and using the same
US20060039335A1 (en) * 2004-08-20 2006-02-23 Fujitsu Limited Communication device simultaneously using plurality of routes corresponding to application characteristics
US20060075311A1 (en) * 2004-09-23 2006-04-06 Prashant Ranjan Techniques to perform error detection
US7055029B2 (en) * 1998-02-03 2006-05-30 Hewlett-Packard Development Company, L.P. Cryptographic system enabling ownership of a secure process
US20060114914A1 (en) * 2004-11-30 2006-06-01 Broadcom Corporation Pipeline architecture of a network device
US20060146706A1 (en) * 2005-01-06 2006-07-06 Enigma Semiconductor Method and apparatus for scheduling packets and/or cells
US20060190987A1 (en) * 2005-02-04 2006-08-24 Ntt Docomo, Inc. Client apparatus, device verification apparatus, and verification method
US20060251078A1 (en) * 2005-04-12 2006-11-09 Samsung Electronics Co., Ltd. Message transmission method and device in mixture of private network and public network
US20060294596A1 (en) * 2005-06-27 2006-12-28 Priya Govindarajan Methods, systems, and apparatus to detect unauthorized resource accesses
US20070014399A1 (en) * 2005-07-15 2007-01-18 Scheidt Edward M High assurance key management overlay
US20070067826A1 (en) * 2005-09-19 2007-03-22 Texas Instruments Incorporated Method and system for preventing unsecure memory accesses
US7213147B2 (en) * 2000-05-12 2007-05-01 Microsoft Corporation Methods and apparatus for managing secure collaborative transactions
US20070101142A1 (en) * 2003-02-03 2007-05-03 Sony Corporation Wireless adhoc communication system, terminal, authentication method for use in terminal, encryption method, terminal management method, and program for enabling terminal to perform those methods
US20070110069A1 (en) * 2005-11-12 2007-05-17 Electronics And Telecommunications Research Institute Method of blocking network attacks using packet information and apparatus thereof
US20070130458A1 (en) * 2002-06-17 2007-06-07 Digitalnet Government Solutions, Llc Trusted computer system
US20070156987A1 (en) * 2006-01-05 2007-07-05 Chen Iue-Shuenn I System and method for partitioning multiple logical memory regions with access control by a central control agent
US20070156999A1 (en) * 2005-12-30 2007-07-05 David Durham Identifier associated with memory locations for managing memory accesses
US20070157287A1 (en) * 2005-12-29 2007-07-05 Blue Jungle Techniques and System for Specifying Policies Using Abstractions
US20070220500A1 (en) * 2006-03-20 2007-09-20 Louisa Saunier Computer security method and computer system
US7274696B1 (en) * 2002-10-21 2007-09-25 Force10 Networks, Inc. Scalable redundant switch fabric architecture
US20070226795A1 (en) * 2006-02-09 2007-09-27 Texas Instruments Incorporated Virtual cores and hardware-supported hypervisor integrated circuits, systems, methods and processes of manufacture
US20070250904A1 (en) * 2006-04-19 2007-10-25 Thales Holdings Uk Plc Privacy protection system
US7322043B2 (en) * 2002-06-20 2008-01-22 Hewlett-Packard Development Company, L.P. Allowing an electronic device accessing a service to be authenticated
US20080019358A1 (en) * 2005-10-12 2008-01-24 Juniper Networks, Inc. Spoof checking within a label switching computer network
US20080077794A1 (en) * 2006-09-22 2008-03-27 International Business Machines Corporation Method for controlling security function execution with a flexible, entendable, and non-forgable block
US7356147B2 (en) * 2002-04-18 2008-04-08 International Business Machines Corporation Method, system and program product for attaching a title key to encrypted content for synchronized transmission to a recipient
US20080130534A1 (en) * 2006-11-30 2008-06-05 Kabushiki Kaisha Toshiba Data transmitting apparatus, data receiving apparatus, and data communication system
US20080215897A1 (en) * 2003-07-31 2008-09-04 International Business Machines Corporation Security Containers for Document Components
US7441262B2 (en) * 2002-07-11 2008-10-21 Seaway Networks Inc. Integrated VPN/firewall system
US20090037631A1 (en) * 2007-07-31 2009-02-05 Viasat, Inc. Input Output Access Controller
US20090214044A1 (en) * 2008-02-21 2009-08-27 Hitachi, Ltd. Data archiving technique for encrypted data
US20090249080A1 (en) * 2008-03-27 2009-10-01 General Instrument Corporation Methods, apparatus and system for authenticating a programmable hardware device and for authenticating commands received in the programmable hardware device from a secure processor
US20090282263A1 (en) * 2003-12-11 2009-11-12 Khan Moinul H Method and apparatus for a trust processor
US7636858B2 (en) * 2003-12-11 2009-12-22 Intel Corporation Management of a trusted cryptographic processor
US20100008499A1 (en) * 2007-04-06 2010-01-14 Lee Adam Y Method and apparatus for generating random data-encryption keys
US7660986B1 (en) * 1999-06-08 2010-02-09 General Instrument Corporation Secure control of security mode
US7715565B2 (en) * 2004-07-29 2010-05-11 Infoassure, Inc. Information-centric security
US7764672B2 (en) * 2003-03-19 2010-07-27 Hitachi, Ltd. Packet communication device
US7773754B2 (en) * 2002-07-08 2010-08-10 Broadcom Corporation Key management system and method
US7774619B2 (en) * 2004-11-17 2010-08-10 Broadcom Corporation Secure code execution using external memory

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6101255A (en) 1997-04-30 2000-08-08 Motorola, Inc. Programmable cryptographic processing system and method
JP4522548B2 (en) 2000-03-10 2010-08-11 富士通フロンテック株式会社 Access monitor device and access monitoring method
US6615329B2 (en) * 2001-07-11 2003-09-02 Intel Corporation Memory access control system, apparatus, and method
US7178033B1 (en) 2001-12-12 2007-02-13 Pss Systems, Inc. Method and apparatus for securing digital assets
US7089419B2 (en) * 2002-04-18 2006-08-08 International Business Machines Corporation Control function with multiple security states for facilitating secure operation of an integrated system
US7322042B2 (en) * 2003-02-07 2008-01-22 Broadon Communications Corp. Secure and backward-compatible processor and secure software execution thereon
JP4130799B2 (en) * 2003-12-24 2008-08-06 三星電子株式会社Samsung Electronics Co.,Ltd. Multi-beam semiconductor laser
US7542567B2 (en) * 2004-06-10 2009-06-02 Freescale Semiconductor, Inc. Method and apparatus for providing security in a data processing system
US7681226B2 (en) * 2005-01-28 2010-03-16 Cisco Technology, Inc. Methods and apparatus providing security for multiple operational states of a computerized device
US8190877B2 (en) * 2005-07-05 2012-05-29 Viasat, Inc. Trusted cryptographic processor
US20070245413A1 (en) * 2005-07-05 2007-10-18 Viasat, Inc. Trusted Cryptographic Switch
JP5202312B2 (en) 2005-07-06 2013-06-05 インターナショナル レクティフィアー コーポレイション The iii nitride enhancement-type device
US8041947B2 (en) * 2006-03-23 2011-10-18 Harris Corporation Computer architecture for an electronic device providing SLS access to MLS file system with trusted loading and protection of program execution memory

Patent Citations (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4442484A (en) * 1980-10-14 1984-04-10 Intel Corporation Microprocessor memory management and protection mechanism
US4683532A (en) * 1984-12-03 1987-07-28 Honeywell Inc. Real-time software monitor and write protect controller
US6836548B1 (en) * 1991-10-29 2004-12-28 The Commonwealth Of Australia Communications security and trusted path method and means
US5495533A (en) * 1994-04-29 1996-02-27 International Business Machines Corporation Personal key archive
US5905725A (en) * 1996-12-16 1999-05-18 Juniper Networks High speed switching device
US6704871B1 (en) * 1997-09-16 2004-03-09 Safenet, Inc. Cryptographic co-processor
US5991519A (en) * 1997-10-03 1999-11-23 Atmel Corporation Secure memory having multiple security levels
US7055029B2 (en) * 1998-02-03 2006-05-30 Hewlett-Packard Development Company, L.P. Cryptographic system enabling ownership of a secure process
US6751729B1 (en) * 1998-07-24 2004-06-15 Spatial Adventures, Inc. Automated operation and security system for virtual private networks
US6408001B1 (en) * 1998-10-21 2002-06-18 Lucent Technologies Inc. Method for determining label assignments for a router
US7660986B1 (en) * 1999-06-08 2010-02-09 General Instrument Corporation Secure control of security mode
US6854061B2 (en) * 1999-12-31 2005-02-08 International Business Machines Corporation Installing and controlling trial software
US6604147B1 (en) * 2000-05-09 2003-08-05 Lucent Technologies Inc. Scalable IP edge router
US7213147B2 (en) * 2000-05-12 2007-05-01 Microsoft Corporation Methods and apparatus for managing secure collaborative transactions
US20030084309A1 (en) * 2001-10-22 2003-05-01 Sun Microsystems, Inc. Stream processor with cryptographic co-processor
US7356147B2 (en) * 2002-04-18 2008-04-08 International Business Machines Corporation Method, system and program product for attaching a title key to encrypted content for synchronized transmission to a recipient
US20070130458A1 (en) * 2002-06-17 2007-06-07 Digitalnet Government Solutions, Llc Trusted computer system
US7322043B2 (en) * 2002-06-20 2008-01-22 Hewlett-Packard Development Company, L.P. Allowing an electronic device accessing a service to be authenticated
US20040008685A1 (en) * 2002-07-03 2004-01-15 Nec Corporation Multi-protocol label switching device and multi-protocol switching method
US7773754B2 (en) * 2002-07-08 2010-08-10 Broadcom Corporation Key management system and method
US7441262B2 (en) * 2002-07-11 2008-10-21 Seaway Networks Inc. Integrated VPN/firewall system
US20040066781A1 (en) * 2002-10-07 2004-04-08 Broadcom Corporation Fast-path implementation for an uplink double tagging engine
US7274696B1 (en) * 2002-10-21 2007-09-25 Force10 Networks, Inc. Scalable redundant switch fabric architecture
US20050044252A1 (en) * 2002-12-19 2005-02-24 Floyd Geoffrey E. Packet classifier
US20040258062A1 (en) * 2003-01-27 2004-12-23 Paolo Narvaez Method and device for the classification and redirection of data packets in a heterogeneous network
US20070101142A1 (en) * 2003-02-03 2007-05-03 Sony Corporation Wireless adhoc communication system, terminal, authentication method for use in terminal, encryption method, terminal management method, and program for enabling terminal to perform those methods
US7764672B2 (en) * 2003-03-19 2010-07-27 Hitachi, Ltd. Packet communication device
US20080215897A1 (en) * 2003-07-31 2008-09-04 International Business Machines Corporation Security Containers for Document Components
US20050031119A1 (en) * 2003-08-04 2005-02-10 Yuying Ding Method and communications device for secure group communication
US20050198412A1 (en) * 2003-08-19 2005-09-08 General Dynamics Advanced Information Systems, Inc. Trusted interface unit (TIU) and method of making and using the same
US20050094643A1 (en) * 2003-11-05 2005-05-05 Xiaolin Wang Method of and apparatus for variable length data packet transmission with configurable adaptive output scheduling enabling transmission on the same transmission link(s) of differentiated services for various traffic types
US20050102546A1 (en) * 2003-11-07 2005-05-12 Patchen Paul J. System and method for handling state change conditions by a program status register
US20090282263A1 (en) * 2003-12-11 2009-11-12 Khan Moinul H Method and apparatus for a trust processor
US7636858B2 (en) * 2003-12-11 2009-12-22 Intel Corporation Management of a trusted cryptographic processor
US7715565B2 (en) * 2004-07-29 2010-05-11 Infoassure, Inc. Information-centric security
US20060039335A1 (en) * 2004-08-20 2006-02-23 Fujitsu Limited Communication device simultaneously using plurality of routes corresponding to application characteristics
US20060075311A1 (en) * 2004-09-23 2006-04-06 Prashant Ranjan Techniques to perform error detection
US7774619B2 (en) * 2004-11-17 2010-08-10 Broadcom Corporation Secure code execution using external memory
US20060114914A1 (en) * 2004-11-30 2006-06-01 Broadcom Corporation Pipeline architecture of a network device
US20060146706A1 (en) * 2005-01-06 2006-07-06 Enigma Semiconductor Method and apparatus for scheduling packets and/or cells
US20060190987A1 (en) * 2005-02-04 2006-08-24 Ntt Docomo, Inc. Client apparatus, device verification apparatus, and verification method
US20060251078A1 (en) * 2005-04-12 2006-11-09 Samsung Electronics Co., Ltd. Message transmission method and device in mixture of private network and public network
US20060294596A1 (en) * 2005-06-27 2006-12-28 Priya Govindarajan Methods, systems, and apparatus to detect unauthorized resource accesses
US20070014399A1 (en) * 2005-07-15 2007-01-18 Scheidt Edward M High assurance key management overlay
US20070067826A1 (en) * 2005-09-19 2007-03-22 Texas Instruments Incorporated Method and system for preventing unsecure memory accesses
US20080019358A1 (en) * 2005-10-12 2008-01-24 Juniper Networks, Inc. Spoof checking within a label switching computer network
US20070110069A1 (en) * 2005-11-12 2007-05-17 Electronics And Telecommunications Research Institute Method of blocking network attacks using packet information and apparatus thereof
US20070157287A1 (en) * 2005-12-29 2007-07-05 Blue Jungle Techniques and System for Specifying Policies Using Abstractions
US20070156999A1 (en) * 2005-12-30 2007-07-05 David Durham Identifier associated with memory locations for managing memory accesses
US20070156987A1 (en) * 2006-01-05 2007-07-05 Chen Iue-Shuenn I System and method for partitioning multiple logical memory regions with access control by a central control agent
US20070226795A1 (en) * 2006-02-09 2007-09-27 Texas Instruments Incorporated Virtual cores and hardware-supported hypervisor integrated circuits, systems, methods and processes of manufacture
US20070220500A1 (en) * 2006-03-20 2007-09-20 Louisa Saunier Computer security method and computer system
US20070250904A1 (en) * 2006-04-19 2007-10-25 Thales Holdings Uk Plc Privacy protection system
US20080077794A1 (en) * 2006-09-22 2008-03-27 International Business Machines Corporation Method for controlling security function execution with a flexible, entendable, and non-forgable block
US20080130534A1 (en) * 2006-11-30 2008-06-05 Kabushiki Kaisha Toshiba Data transmitting apparatus, data receiving apparatus, and data communication system
US20100008499A1 (en) * 2007-04-06 2010-01-14 Lee Adam Y Method and apparatus for generating random data-encryption keys
US20090158050A1 (en) * 2007-07-31 2009-06-18 Viasat, Inc. Trusted Labeler
US20090037631A1 (en) * 2007-07-31 2009-02-05 Viasat, Inc. Input Output Access Controller
US20090214044A1 (en) * 2008-02-21 2009-08-27 Hitachi, Ltd. Data archiving technique for encrypted data
US20090249080A1 (en) * 2008-03-27 2009-10-01 General Instrument Corporation Methods, apparatus and system for authenticating a programmable hardware device and for authenticating commands received in the programmable hardware device from a secure processor

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9449180B2 (en) 1999-09-20 2016-09-20 Security First Corp. Secure data parser method and system
US9613220B2 (en) 1999-09-20 2017-04-04 Security First Corp. Secure data parser method and system
US20090158050A1 (en) * 2007-07-31 2009-06-18 Viasat, Inc. Trusted Labeler
US8312292B2 (en) 2007-07-31 2012-11-13 Viasat, Inc. Input output access controller
US8392983B2 (en) 2007-07-31 2013-03-05 Viasat, Inc. Trusted labeler
US20120170750A1 (en) * 2007-09-14 2012-07-05 Security First Corp. Systems and methods for managing cryptographic keys
US9397827B2 (en) * 2007-09-14 2016-07-19 Security First Corp. Systems and methods for managing cryptographic keys
US8494168B1 (en) * 2008-04-28 2013-07-23 Netapp, Inc. Locating cryptographic keys stored in a cache
US9129121B2 (en) 2008-04-28 2015-09-08 Netapp, Inc. Locating cryptographic keys stored in a cache
US9430659B2 (en) 2008-04-28 2016-08-30 Netapp, Inc. Locating cryptographic keys stored in a cache
US8478997B2 (en) * 2010-09-10 2013-07-02 Raytheon Company Multi-level security software architecture
US20120066509A1 (en) * 2010-09-10 2012-03-15 Douglas Edward Lapp Multi-level security software architecture
EP2428910A3 (en) * 2010-09-10 2016-06-08 Raytheon Cyber Products, LLC Multi-level security data processing architecture
US20120069995A1 (en) * 2010-09-22 2012-03-22 Seagate Technology Llc Controller chip with zeroizable root key
US9798899B1 (en) 2013-03-29 2017-10-24 Secturion Systems, Inc. Replaceable or removable physical interface input/output module
US9858442B1 (en) 2013-03-29 2018-01-02 Secturion Systems, Inc. Multi-tenancy architecture
US20170075821A1 (en) * 2013-04-01 2017-03-16 Secturion Systems, Inc. Multi-level independent security architecture
US20170041138A1 (en) * 2015-08-04 2017-02-09 Ge Aviation Systems Llc Cryptographic key server embedded in data transfer system

Also Published As

Publication number Publication date Type
WO2009018483A1 (en) 2009-02-05 application
WO2009018481A1 (en) 2009-02-05 application
WO2009018479A1 (en) 2009-02-05 application
US20090158050A1 (en) 2009-06-18 application
US8392983B2 (en) 2013-03-05 grant
WO2009018479A4 (en) 2009-04-30 application
US8312292B2 (en) 2012-11-13 grant
US20090037631A1 (en) 2009-02-05 application

Similar Documents

Publication Publication Date Title
Suh et al. AEGIS: A single-chip secure processor
US4941176A (en) Secure management of keys using control vectors
US7073059B2 (en) Secure machine platform that interfaces to operating systems and customized control programs
US8005227B1 (en) Key information consistency checking in encrypting data storage system
US20020174369A1 (en) Trusted computer system
US7051211B1 (en) Secure software distribution and installation
US20090038017A1 (en) Secure vault service for software components within an execution environment
US6715085B2 (en) Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
US20030163711A1 (en) Multi-token seal and unseal
US20040054914A1 (en) Method and apparatus for in-line serial data encryption
US20040003273A1 (en) Sleep protection
US20100037069A1 (en) Integrated Cryptographic Security Module for a Network Node
US7082539B1 (en) Information processing apparatus
US20060232826A1 (en) Method, device, and system of selectively accessing data
US20060265733A1 (en) Method and apparatus for security policy and enforcing mechanism for a set-top box security processor
US20060107047A1 (en) Method, device, and system of securely storing data
US20050076226A1 (en) Computing device that securely runs authorized software
US5224166A (en) System for seamless processing of encrypted and non-encrypted data and instructions
US20060005047A1 (en) Memory encryption architecture
US20080189560A1 (en) Secure data access methods and apparatus
US6948065B2 (en) Platform and method for securely transmitting an authorization secret
US20020038429A1 (en) Data integrity mechanisms for static and dynamic data
US20040186994A1 (en) Cryptographically protected paging system
US7082615B1 (en) Protecting software environment in isolated execution
US6851056B2 (en) Control function employing a requesting master id and a data address to qualify data access within an integrated system

Legal Events

Date Code Title Description
AS Assignment

Owner name: VIASAT, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:OWENS, JOHN R.;ANDOLINA, JOHN C.;SHANKEN, STUART N.;AND OTHERS;REEL/FRAME:021499/0783;SIGNING DATES FROM 20080813 TO 20080828