-
公开(公告)号:DE68926005T2
公开(公告)日:1996-10-17
申请号:DE68926005
申请日:1989-08-09
Applicant: IBM
Inventor: MATYAS STEPHEN M , ABRAHAM DENNIS G , JOHNSON DONALD B , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , THOMAS JULIAN , WILKINS JOHN D , YEH PHIL C , SMITH RONALD M , WHITE STEVE R , ARNOLD WILLIAM C
Abstract: Arrangements are disclosed for validating that key management functions requested for a cryptographic key by the program have been authorised by the originator of the key. The invention includes a cryptographic facility characterised by a secure boundary through which passes an input path for receiving the cryptographic service requests, cryptographic keys and their associated control vectors, and an output path for providing responses thereto. There can be included within the boundary a cryptographic instruction storage coupled to the input path, a control vector checking unit and a cryptographic processing unit coupled to the instruction storage, and a master key storage coupled to the processing means, for providing a secure location for executing key management functions in response to the received service requests. The cryptographic instruction storage receives over the input path a cryptographic service request for performing a key management function on a cryptographic key. The control vector checking unit has an input coupled to the input path for receiving a control vector associated with the cryptographic key and an input connected to the cryptographic instruction storage, for receiving control signals to initiate checking that the control vector authorises the key management function which is requested by the cryptographic service request. The control vector checking unit has an authorisation output connected to an input of the cryptographic processing means, for signalling that the key management function is authorised, the receipt of which by the cryptographic processing unit initiates the performance of the requested key management function with the cryptographic key. The invention enables the flexible control of many cryptographic key management functions in the generation, distribution and use of cryptographic keys, while maintaining a high security standard.
-
公开(公告)号:DE68922884D1
公开(公告)日:1995-07-06
申请号:DE68922884
申请日:1989-08-09
Applicant: IBM
Inventor: MATYAS STEPHEN M , JOHNSON DONALD B , ABRAHAM DENNIS G , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , THOMAS JULIAN , WILKINS JOHN D , YEH PHIL C , SMITH RONALD M
-
3.发明专利
公开(公告)号:CA1308202C
公开(公告)日:1992-09-29
申请号:CA584970
申请日:1988-12-05
Applicant: IBM
Inventor: BAUM RICHARD I , BORDEN TERRY L , BUTWELL JUSTIN R , CLARK CARL E , GANEK ALAN G , LUM JAMES , MALL MICHAEL G , PLAMBECK KENNETH E , SCALZI CASPER A , SCHMALZ RICHARD J , SMITH RONALD M , THOMAS JULIAN
Abstract: PO98/-004 ACCESS REGISTER TRANSLATION MEANS FOR ADDRESS GENERATING MECHANISM FOR MULTIPLE VIRTUAL SPACES A method and apparatus is provided to translate the contents of access registers into information for use in performing addressing functions for multiple virtual address spaces. The access registers represent the full addressing capability of the system but do not directly contain the addressing information. The system has a plurality of general purpose registers, a plurality of access registers associated with the general registers, an access list having access list entries which is addressed by the contents of the access register, memory storage for holding address space number second table entries (ASTE), where the contents of the access list entry locate the ASTE and where the ASTE contains the addressing information needed to translate a virtual address when combined with the contents of a general purpose register. Access register translation (ART) consists of the process of determining addressing information by using the access list entry and the ASTE. The results of the ART process are stored in an ART lookaside buffer (ALB) which stores the results of ART while valid for later use.
-
公开(公告)号:DE68926200T2
公开(公告)日:1996-10-17
申请号:DE68926200
申请日:1989-08-09
Applicant: IBM
Inventor: MATYAS STEPHEN M , ABRAHAM DENNIS G , JOHNSON DONALD B , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , THOMAS JULIAN , WILKINS JOHN D , YEH PHIL C
-
公开(公告)号:DE68926005D1
公开(公告)日:1996-04-25
申请号:DE68926005
申请日:1989-08-09
Applicant: IBM
Inventor: MATYAS STEPHEN M , ABRAHAM DENNIS G , JOHNSON DONALD B , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , THOMAS JULIAN , WILKINS JOHN D , YEH PHIL C , SMITH RONALD M , WHITE STEVE R , ARNOLD WILLIAM C
Abstract: Arrangements are disclosed for validating that key management functions requested for a cryptographic key by the program have been authorised by the originator of the key. The invention includes a cryptographic facility characterised by a secure boundary through which passes an input path for receiving the cryptographic service requests, cryptographic keys and their associated control vectors, and an output path for providing responses thereto. There can be included within the boundary a cryptographic instruction storage coupled to the input path, a control vector checking unit and a cryptographic processing unit coupled to the instruction storage, and a master key storage coupled to the processing means, for providing a secure location for executing key management functions in response to the received service requests. The cryptographic instruction storage receives over the input path a cryptographic service request for performing a key management function on a cryptographic key. The control vector checking unit has an input coupled to the input path for receiving a control vector associated with the cryptographic key and an input connected to the cryptographic instruction storage, for receiving control signals to initiate checking that the control vector authorises the key management function which is requested by the cryptographic service request. The control vector checking unit has an authorisation output connected to an input of the cryptographic processing means, for signalling that the key management function is authorised, the receipt of which by the cryptographic processing unit initiates the performance of the requested key management function with the cryptographic key. The invention enables the flexible control of many cryptographic key management functions in the generation, distribution and use of cryptographic keys, while maintaining a high security standard.
-
Patent Agency Ranking
公开(公告)号:DE68923386T2
公开(公告)日:1996-03-28
申请号:DE68923386
申请日:1989-01-17
Applicant: IBM
-
公开(公告)号:CA1317677C
公开(公告)日:1993-05-11
申请号:CA602904
申请日:1989-06-15
Applicant: IBM
Inventor: MATYAS STEPHEN M , ABRAHAM DENNIS G , JOHNSON DONALD B , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , THOMAS JULIAN , WILKINS JOHN D , YEH PHIL C
Abstract: MA988-011 of the Invention SECURE MANAGEMENT OF KEYS USING CONTROL VECTORS The invention is an apparatus and method for validating that key management functions requested for a cryptographic key by the program have been authorized by the originator of the key. The invention includes a cryptographic facility characterized by a secure boundary through which passes an input path for receiving the cryptographic service requests, cryptographic keys and their associated control vectors, and an output path for providing responses thereto. There can be included within the boundary a cryptographic instruction storage coupled to the input path, a control vector checking unit and a cryptographic processing unit coupled to the instruction storage, and a master key storage coupled to the processing means, for providing a secure location for executing key management functions in response to the received service requests. The cryptographic instruction storage receives over the input path a cryptographic service request for performing a key management function on a cryptographic key. The control vector checking unit has an input coupled to the input path for receiving a control vector associated with the cryptographic key and an input connected to the cryptographic instruction storage, for receiving control signals to initiate checking that the control vector authorizes the key management function which is requested by the cryptographic service request. The control vector checking unit has an authorization output connected to an input of the cryptographic processing means, for signalling that the key management function is authorized, the receipt of which by the cryptographic processing unit initiates the performance of the requested key management function with the cryptographic key. The invention enables the flexible control of many cryptographic key management functions in the generation, distribution and use of cryptographic keys, while maintaining a high security standard.
-
公开(公告)号:DE68923386D1
公开(公告)日:1995-08-17
申请号:DE68923386
申请日:1989-01-17
Applicant: IBM
-
公开(公告)号:DE68926076T2
公开(公告)日:1996-11-14
申请号:DE68926076
申请日:1989-08-09
Applicant: IBM
Inventor: MATYAS STEPHEN M , ABRAHAM DENNIS G , JOHNSON DONALD B , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , ARNOLD WILLIAM C , WHITE STEVE R , WILKINS JOHN D , YEH PHIL C , THOMAS JULIAN
IPC: H04L9/08
-
公开(公告)号:DE68926076D1
公开(公告)日:1996-05-02
申请号:DE68926076
申请日:1989-08-09
Applicant: IBM
Inventor: MATYAS STEPHEN M , ABRAHAM DENNIS G , JOHNSON DONALD B , KARNE RAMESH K , LE AN V , PRYMAK ROSTISLAW , ARNOLD WILLIAM C , WHITE STEVE R , WILKINS JOHN D , YEH PHIL C , THOMAS JULIAN
IPC: H04L9/08
-
-
-
-
-
-
-
-
-
Search Results
17
records
(took 0.018 seconds)
