Protection of application secrets
Number of patents in Portfolio can not be more than 2000
United States of America Patent
Stats
-
Jun 9, 2009
Grant Date -
Oct 16, 2003
app pub date -
Apr 12, 2002
filing date -
Apr 12, 2002
priority date (Note) -
In Force
status (Latency Note)
Importance
Abstract
A method and system for securely storing, managing, and sending critical application data (application secrets) are disclosed. The invention provides an application program interface (API) through which applications (code components) can request a secure store component (SSC) store an application secret, retrieve an application secret, and send an application secret from one code component to another. The SSC encrypts and stores the application secrets using a symmetric cipher algorithm with a key derived by combining machine-specific entropy and evidence associated with the application (or code component), using a mechanism such as a hashing function. When an application requests the SSC to return a stored application secret, the SSC decrypts the secret using a key derived from machine-specific entropy and evidence associated with the application requesting the secret. A secret owning application can also request the SSC to create an object storing the encrypted secret, evidence associated with an intended recipient, and evidence associated with the owning application, in order to send the application secret to another code component.
First Claim
Family
International Classification(s)
Cited Art Landscape
Patent Citation Ranking
Advertisement
Advertisement
Advertisement
Recipient Email Address
Recipient Email Address
Comment
Recipient Email Address
Add to Portfolio(s)
To add this patent to one, or more, of your portfolios, simply click the add button.
This Patent is in these Portfolios:
Add to additional portfolios:
Last Refreshed On:
Changes done successfully