公开(公告)号：CA2481569C

公开(公告)日：2008-10-07

申请号：CA2481569

申请日：2003-04-16

Applicant: IBM

Inventor： HALL WILLIAM E ,  FOSTER ERIC M ,  ROSU MARCEL-CATALIN

IPC: G06F21/00 ,  G06F21/24 ,  G06F1/00 ,  G06F11/30 ,  G06F12/14 ,  G06F15/00 ,  G06F21/20 ,  G06F21/22 ,  G09C1/00 ,  H04L20060101 ,  H04L9/00 ,  H04L9/32

Abstract: Techniques are provided for initializing, maintaining, updating and recovering secure operation within an integrated system (200). The techniques, which employ a data access control function (240) within the integrated system (200), include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before control is passed to the next level of software. Further, an ability of the next level of f software to modify an operational characteristic of the integrated system can be selectively limited via the data access control function (240). Techniques are also provided for initializing secure operation of the integrated system (200), for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system (200), and for recovering integrated system (200) functionality following a trigger event.

公开(公告)号：AU2003230960A1

公开(公告)日：2003-11-03

申请号：AU2003230960

申请日：2003-04-16

Applicant: IBM

Inventor： EVANS EDWARD K ,  FOSTER ERIC M ,  FRANKLIN DENNIS E ,  HALL WILLIAM E

IPC: G06F21/24 ,  G06F12/14 ,  G06F13/36 ,  G06F21/00 ,  G06F11/30 ,  H04L9/32

Abstract: An access control function for an integrated system is provided which determines data access based on the master id of a requesting master within the system and the address of the data. The access control function can be inserted, for example, into the data transfer path between bus control logic and one or more slaves. In addition to determining whether to grant access to the data, the access control function can further qualify the access by selectively implementing encryption and decryption of data, again dependent on the data authorization level for the particular functional master initiating the request for data.

公开(公告)号：CA2481569A1

公开(公告)日：2003-10-30

申请号：CA2481569

申请日：2003-04-16

Applicant: IBM

Inventor： ROSU MARCEL-CATALIN ,  HALL WILLIAM E ,  FOSTER ERIC M

IPC: G06F21/24 ,  G06F1/00 ,  G06F11/30 ,  G06F12/14 ,  G06F15/00 ,  G06F21/20 ,  G06F21/22 ,  G09C1/00 ,  H04L20060101 ,  H04L9/00 ,  H04L9/32

Abstract: Techniques are provided for initializing, maintaining, updating and recoveri ng secure operation within an integrated system (200). The techniques, which employ a data access control function (240) within the integrated system (200), include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before contr ol is passed to the next level of software. Further, an ability of the next lev el of f software to modify an operational characteristic of the integrated syst em can be selectively limited via the data access control function (240). Techniques are also provided for initializing secure operation of the integrated system (200), for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system (200), and for recovering integrated system (200) functionality following a trigger event.