METHODS AND DEVICES FOR SECURING KEYS FOR A NONSECURED, DISTRIBUTED ENVIRONMENT WITH APPLICATIONS TO VIRTUALIZATION AND CLOUD-COMPUTING SECURITY AND MANAGEMENT,申请号US201213820815-传众专利搜索

发明名称	METHODS AND DEVICES FOR SECURING KEYS FOR A NONSECURED, DISTRIBUTED ENVIRONMENT WITH APPLICATIONS TO VIRTUALIZATION AND CLOUD-COMPUTING SECURITY AND MANAGEMENT
摘要	The present invention discloses methods and devices for securing keys for a non-secure computing-environment. Methods include the steps of: providing a security-key framework which is adapted, upon receiving an encryption request for protecting a secret item, for repetitively encrypting the secret item with each of a set of N location-specific secure-keys, wherein each location-specific secure-key corresponds to a respective encryption location, to create an encrypted item; wherein the locations are regions of memory located in computing resources operationally connected to the computing-environment; and concealing through encryption at least one location-specific secure-key such that the concealing is configured: to prevent at least one location-specific secure-key from ever being known in an unconcealed form on any computing resource in any computing-environment during the encrypting; and to allow mathematical operations, performed as part of the encrypting and concealing, to be performed while at least one location-specific secure-key is in its concealed form.
申请公布号	US2015143111(A1)	申请公布日期	2015.05.21
申请号	US201213820815	申请日期	2012.11.28
申请人	Parann-Nissany Gilad;Sheffer Yaron	发明人	Parann-Nissany Gilad;Sheffer Yaron
分类号	H04L29/06;H04L9/08;G06F21/72;G06F21/60;G06F21/62	主分类号	H04L29/06
代理机构		代理人
主权项	1. A method for securing keys for a non-secure computing-environment, the method comprising the steps of: (a) providing a security-key framework which is adapted, upon receiving an encryption request for protecting a secret item in the computing-environment, for repetitively encrypting, either iteratively, in parallel, or in combination thereof, said secret item with each of a set of N location-specific secure-keys, wherein each said location-specific secure-key of said set corresponds to a respective encryption location, to create an encrypted item; wherein said locations are regions of memory located in computing resources operationally connected to the computing-environment; and (b) concealing through encryption at least one said location-specific secure-key such that said step of concealing is configured: (i) to prevent said at least one location-specific secure-key from ever being known in an unconcealed form on any computing resource in any computing-environment during said encrypting; and(ii) to allow useful mathematical operations, wherein said useful mathematical operations include at least one operation selected from the group consisting of: XOR, addition, subtraction, multiplication, division, modular addition, modular subtraction, modular multiplication, modular division, and combinations thereof, performed as part of said encrypting and said step of concealing, to be performed while said at least one location-specific secure-key is in its concealed form.
地址	Ramat Hasharon IL