公开(公告)号：CA2638979C

公开(公告)日：2017-06-06

申请号：CA2638979

申请日：2003-04-16

Applicant: IBM

Inventor： FOSTER ERIC M ,  HALL WILLIAM E ,  ROSU MARCEL-CATALIN

IPC: G06F21/57

Abstract: Techniques are provided for initializing, maintaining, updating and recovering secure operation within an integrated system. The techniques, which employ a data access control function within the integrated system, include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before control is passed to the next level of software. Further, an ability of the next level of software to modify an operational characteristic of the integrated system can be selectively limited via the data access control function. Techniques are also provided for initializing secure operation of the integrated system, for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system, and for recovering integrated system functionality following a trigger event.

公开(公告)号：CA2638955C

公开(公告)日：2012-06-05

申请号：CA2638955

申请日：2003-04-16

Applicant: IBM

Inventor： FOSTER ERIC M ,  HALL WILLIAM E ,  ROSU MARCEL-CATALIN

IPC: G06F21/57 ,  G06F9/445 ,  H04L9/30

Abstract: Techniques are provided for initializing, maintaining, updating and recovering secure operation within an integrated system. The techniques, which employ a data access control function within the integrated system, include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before control is passed to the next level of software. Further, an ability of the next level of software to modify an operational characteristic of the integrated system can be selectively limited via the data access control function. Techniques are also provided for initializing secure operation of the integrated system, for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system, and for recovering integrated system functionality following a trigger event.

公开(公告)号：CA2481569C

公开(公告)日：2008-10-07

申请号：CA2481569

申请日：2003-04-16

Applicant: IBM

Inventor： HALL WILLIAM E ,  FOSTER ERIC M ,  ROSU MARCEL-CATALIN

IPC: G06F21/00 ,  G06F21/24 ,  G06F1/00 ,  G06F11/30 ,  G06F12/14 ,  G06F15/00 ,  G06F21/20 ,  G06F21/22 ,  G09C1/00 ,  H04L20060101 ,  H04L9/00 ,  H04L9/32

Abstract: Techniques are provided for initializing, maintaining, updating and recovering secure operation within an integrated system (200). The techniques, which employ a data access control function (240) within the integrated system (200), include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before control is passed to the next level of software. Further, an ability of the next level of f software to modify an operational characteristic of the integrated system can be selectively limited via the data access control function (240). Techniques are also provided for initializing secure operation of the integrated system (200), for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system (200), and for recovering integrated system (200) functionality following a trigger event.

公开(公告)号：CA2481569A1

公开(公告)日：2003-10-30

申请号：CA2481569

申请日：2003-04-16

Applicant: IBM

Inventor： ROSU MARCEL-CATALIN ,  HALL WILLIAM E ,  FOSTER ERIC M

IPC: G06F21/24 ,  G06F1/00 ,  G06F11/30 ,  G06F12/14 ,  G06F15/00 ,  G06F21/20 ,  G06F21/22 ,  G09C1/00 ,  H04L20060101 ,  H04L9/00 ,  H04L9/32

Abstract: Techniques are provided for initializing, maintaining, updating and recoveri ng secure operation within an integrated system (200). The techniques, which employ a data access control function (240) within the integrated system (200), include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before contr ol is passed to the next level of software. Further, an ability of the next lev el of f software to modify an operational characteristic of the integrated syst em can be selectively limited via the data access control function (240). Techniques are also provided for initializing secure operation of the integrated system (200), for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system (200), and for recovering integrated system (200) functionality following a trigger event.