
Tokenized Hardware Security Module

Hardware security module technology, applied to secure communication devices, computer security devices, and key distribution, which can solve problems such as insecure encryption key storage.

Active Publication Date: 2018-12-28
GOOGLE LLC

AI Technical Summary

Problems solved by technology

Storage of cryptographic keys in files on a file system or in the memory of a general-purpose computer may be relatively insecure


Embodiment Construction

[0032] The hardware security module allows users to encapsulate cryptographic secrets and to authorize which users are permitted to perform cryptographic operations on those secrets. When a hardware security module is integrated within a cloud environment (e.g., a distributed system) and users store their cryptographic keys in the cloud environment, the provider of the cloud environment has full privileges over all cryptographic keys stored on behalf of the user, which defeats the purpose of using a hardware security module to control and restrict access to cryptographic keys. Embodiments herein relate to requiring a user who requests that a hardware security module integrated within a cloud environment process a cryptographic operation to provide a wrapped cryptographic key. The hardware security module can verify that the hardware security module has generated and signed an authorization token. The hardware security module furth...


Abstract

The invention relates to a tokenized hardware security module. A method for processing a cryptographic operation request (250) includes receiving, at a hardware security module (HSM), the cryptographic operation request including a cryptographic key (120) and at least one authorization token (220), determining, by the HSM, whether an access control list (ACL) (214) associated with the cryptographic key (120) of the cryptographic operation request is authorized to govern access to the cryptographic key, and validating, by the HSM, the at least one authorization token. When the at least one authorization token is valid and the ACL is authorized to govern access to the cryptographic key of the cryptographic operation request, the method includes processing, by the HSM, the cryptographic operation request.
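
The request flow in the abstract, sketched as an added example (not code from the patent or its owner). Assumptions: HMAC stands in for the HSM's and the token issuer's signatures, the wrapped key is an opaque constructed blob, and the rule that a token's user must appear in the ACL for the requested operation is hypothetical; all names and secrets are constructed.

```python
import hashlib
import hmac
import json

# Constructed secrets for illustration only.
HSM_SECRET = b"constructed-hsm-internal-secret"     # assumed never to leave the HSM
TOKEN_AUTHORITY_KEY = b"constructed-authority-key"  # assumed issuer of authorization tokens


def _mac(key: bytes, *parts: bytes) -> str:
    # Length-prefix each part so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def _canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def bind_acl(wrapped_key: bytes, acl: dict) -> str:
    """Done inside the HSM at wrap time: tie this ACL to this wrapped key."""
    return _mac(HSM_SECRET, wrapped_key, _canon(acl))


def issue_token(user: str, expires: int) -> dict:
    claims = {"user": user, "exp": expires}
    return {"claims": claims, "sig": _mac(TOKEN_AUTHORITY_KEY, _canon(claims))}


def token_valid(token: dict, now: int) -> bool:
    expected = _mac(TOKEN_AUTHORITY_KEY, _canon(token["claims"]))
    return hmac.compare_digest(expected, token["sig"]) and now < token["claims"]["exp"]


def process_request(req: dict, now: int) -> str:
    """Return 'processed' only if the ACL binding and every token check out."""
    # 1. Is this ACL authorized to govern access to this key?
    if not hmac.compare_digest(bind_acl(req["wrapped_key"], req["acl"]), req["acl_tag"]):
        return "denied: ACL not bound to key"
    # 2. Validate every presented authorization token; none presented means denied.
    tokens = req["tokens"]
    if not tokens or not all(token_valid(t, now) for t in tokens):
        return "denied: invalid token"
    # 3. Assumed policy: a valid token must name a user the ACL allows for this operation.
    allowed = req["acl"].get(req["op"], [])
    if not any(t["claims"]["user"] in allowed for t in tokens):
        return "denied: user not in ACL"
    return "processed"
```

Step 1 is what stops a caller from pairing a wrapped key with a more permissive ACL of their own: the tag was computed inside the HSM over both values, so swapping either one fails before any token is considered.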

Description

Technical field

[0001] The present disclosure relates to hardware security modules.

Background

[0002] Data can be encrypted for secure storage on a computer readable/writable medium and then decrypted when accessed for use. For relatively quick use, the actual encryption and decryption can be performed by a cryptographic computer program resident on a general-purpose computer. Cryptographic computer programs must have access to one or more cryptographic keys to encrypt and decrypt data. Storage of cryptographic keys in files on a file system or in the memory of a general-purpose computer may be relatively insecure. In contrast, a hardware security module (HSM), which can be a hardware device within or connected to a general-purpose computer, can generate and/or store cryptographic keys. A hardware security module can operate at the same speed as a computer and protect its contents, never revealing the contents to the host computer in unencr...


Application Information

IPC(8): H04L9/32, H04L9/08, H04L29/06
CPC: H04L9/0863, H04L9/3213, H04L9/3226, H04L9/3247, H04L9/3271, H04L63/083, H04L63/101, G06F21/602, G06F21/72, H04L9/0825, H04L63/108, G06F2221/2101, G06F2221/2115, G06F2221/2137, G06F2221/2141, G06F21/60, H04L65/40, H04L9/3234, H04L63/0853
Inventor: 帕特里克·施塔尔贝格, 奥古斯特·休伯, 李日成, 陶涛, 晓兰·张, 约翰·兰道夫, 戴维·埃尔罗姆
Owner GOOGLE LLC