发明名称 |
Providing consistent cryptographic operations |
摘要 |
A method, system, and computer usable program product for providing consistent cryptographic operations in a data processing environment using protected structured data objects are provided in the illustrative embodiments. A data input is received from an originating application by a security plug-in, both the application and the security plug-in executing in the data processing system. A security schema object is received by the security plug-in, the security schema object describing a sequence of cryptographic operations, wherein the security schema object includes a plurality of components each component describing an aspect of the cryptographic operations. The data input is transformed into a secure structured data object by the security plug-in using the sequence of cryptographic operations. A property of the secure structured data object is populated using data about the security schema object. The secure structured data object is transmitted to a consumer application. |
申请公布号 |
US9009472(B2) |
申请公布日期 |
2015.04.14 |
申请号 |
US201113272797 |
申请日期 |
2011.10.13 |
申请人 |
International Business Machines Corporation |
发明人 |
Cerruti Julian Ariel;Lanza Mariela Claudia;Manzato Guillermo;Prediletto Mariano Alejandro;Whitmore James J. |
分类号 |
H04L29/06;G06F21/60;H04L9/14 |
主分类号 |
H04L29/06 |
代理机构 |
Garg Law Firm, PLLC |
代理人 |
Garg Law Firm, PLLC ;Garg Rakesh;Kalaitzis Parashos T. |
主权项 |
1. A method for providing consistent cryptographic operations in a data processing system, the method comprising:
receiving, by a security plug-in, a data input from an originating application, the originating application and the security plug-in executing in the data processing system; receiving, by the security plug-in, a security schema object, the first security schema object describing a sequence of cryptographic operations, wherein the sequence includes a cryptographic operation, wherein the security schema object includes a plurality of components each component describing an aspect of the cryptographic operations in the sequence; transforming, by the security plug-in, a first part of the data input into a first part of a secure structured data object using the sequence of cryptographic operations; populating a first property of the secure structured data object, separate from the first part of the secure structured data object, with a reference to the security schema object, wherein the reference makes the security schema object available at a consumer application to recover the first part of the data input from the first part of the secure structured data object at the consumer application; and transmitting the secure structured data object to the consumer application. |
地址 |
Armonk NY US |