Title of invention: Device with privileged memory and applications thereof
Abstract: A device includes a key store memory, a rule set memory, a plurality of cryptographic clients, and a key store arbitration module. The key store memory stores a plurality of cryptographic keys and the rule set memory stores a set of rules for accessing the cryptographic keys. A cryptographic client is operable to issue a request to access a cryptographic key(s) and, when access to the cryptographic key is granted, execute a cryptographic function regarding at least a portion of the cryptographic key to produce a cryptographic result. The key store arbitration module is operable to determine whether the request to access the cryptographic key is valid; when the request is valid, interpret the request to produce an interpreted request; access the rule set memory based on the interpreted request to retrieve a rule of the set of rules; and grant access to the cryptographic key in accordance with the rule.
Publication number: US8781127(B2) Publication date: 2014.07.15
Application number: US200912490777 Filing date: 2009.06.24
Applicant: VIXS Systems, Inc. Inventors: Ducharme Paul; Stewart Norman V. D.
Classification: G06F21/00 Main classification: G06F21/00
Agency: Garlick & Markison Agents: Garlick & Markison; Stuckman Bruce E.
Main claim: 1. A device comprises: a processing module operable to issue a decryption request to decrypt at least a portion of an encrypted file; a key store memory operable to store a plurality of cryptographic keys, control words and initial vectors; a rule set memory operable to store a set of rules for accessing at least some of the plurality of cryptographic keys; a plurality of cryptographic clients, wherein a cryptographic client of the plurality of cryptographic clients is operable to: issue a request to access a control word of the control words or an initial vector of the initial vectors; and when access to the control word or initial vector is granted, execute another cryptographic function regarding at least a portion of the control word or the initial vector to produce another cryptographic result; and a key store arbitration module operable to: determine whether the request to access the control word or initial vector is valid; when the request to access the control word or initial vector is valid, interpret the request for access to the control word or initial vector to produce an interpreted request; access the rule set memory based on the interpreted request to retrieve rule of the set of rules; and grant access to the control word or initial vector in accordance with the rule.
Address: Toronto, Ontario CA