专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08879728B2 Key creation and rotation for data encryption 有权
公开(公告)号：US08879728B2
公开(公告)日：2014-11-04
申请号：US13858841
申请日：2013-04-08
申请人： Dark Matter Labs Inc.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L9/00 , H04L9/08 , G06F21/62
CPC分类号： H04L9/0838 , G06F21/6218 , G06F2221/2107 , H04L9/0816 , H04L9/0861 , H04L9/0891
摘要： Embodiments are directed towards enabling cryptographic key rotation without disrupting cryptographic operations. If key rotation is initiated, a transitional key may be generated by encrypting the current key with a built-in system key. A new key may be generated based one at least one determined key parameter. Next, the new key may be activated by the one or more key holders. If the new key is activated, it may be designated as the new current key. The new current key may be employed to encrypt the transitional key and store it in a key array. Each additional rotated key may be stored in the key array after it is encrypted by the current cryptographic key. Further, in response to a submission of an unencrypted query value, one or more encrypted values that correspond to a determined number of rotated cryptographic keys are generated.

2. 发明申请

US20140177829A1 KEY CREATION AND ROTATION FOR DATA ENCRYPTION 有权
标题翻译：数据加密的关键创新和旋转
公开(公告)号：US20140177829A1
公开(公告)日：2014-06-26
申请号：US13858841
申请日：2013-04-08
申请人： DARK MATTER LABS INC.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L9/08
CPC分类号： H04L9/0838 , G06F21/6218 , G06F2221/2107 , H04L9/0816 , H04L9/0861 , H04L9/0891
摘要： Embodiments are directed towards enabling cryptographic key rotation without disrupting cryptographic operations. If key rotation is initiated, a transitional key may be generated by encrypting the current key with a built-in system key. A new key may be generated based one at least one determined key parameter. Next, the new key may be activated by the one or more key holders. If the new key is activated, it may be designated as the new current key. The new current key may be employed to encrypt the transitional key and store it in a key array. Each additional rotated key may be stored in the key array after it is encrypted by the current cryptographic key. Further, in response to a submission of an unencrypted query value, one or more encrypted values that correspond to a determined number of rotated cryptographic keys are generated.
摘要翻译：实施例旨在实现加密密钥轮换而不中断加密操作。如果启动了旋转键，则可以通过使用内置的系统密钥加密当前密钥来生成过渡密钥。可以基于至少一个确定的关键参数来生成新密钥。接下来，新键可以由一个或多个键持有者激活。如果新密钥被激活，则可以将其指定为新的当前密钥。可以使用新的当前密钥来加密过渡密钥并将其存储在密钥阵列中。每个附加的旋转键可以在通过当前密码密钥加密之后存储在密钥数组中。此外，响应于提交未加密的查询值，生成对应于所确定数量的旋转密码密钥的一个或多个加密值。

3. 发明申请

US20140003608A1 KEY MANAGEMENT SYSTEM 有权
标题翻译：关键管理系统
公开(公告)号：US20140003608A1
公开(公告)日：2014-01-02
申请号：US13831618
申请日：2013-03-15
申请人： DARK MATTER LABS INC.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L9/08
CPC分类号： H04L9/0802 , H04L9/083 , H04L9/0861 , H04L9/0891 , H04L9/3239
摘要： Embodiments are directed towards enabling cryptographic key management without disrupting cryptographic operations. Embodiments may be employed to generate cryptographic keys based on at least one key parameter that may be provided by an administrator. The administrator may generate key managers and key request users that may be linked to particular cryptographic keys. The cryptographic keys may be stored on key exchange servers separate from the key management server. Responsive to a request for a cryptographic key, the key exchange servers may authenticate the key request user associated with the request. The key request may be validated based on at least one key parameter and a portion of the key request. The key exchange server may generate the requested cryptographic keys providing them to the key request user over the network.
摘要翻译：实施例旨在实现加密密钥管理而不中断加密操作。可以采用实施例来基于可由管理员提供的至少一个关键参数来生成加密密钥。管理员可以生成可以链接到特定加密密钥的密钥管理器和密钥请求用户。加密密钥可以存储在与密钥管理服务器分开的密钥交换服务器上。响应于密码密钥的请求，密钥交换服务器可以认证与请求相关联的密钥请求用户。密钥请求可以基于至少一个密钥参数和密钥请求的一部分来验证。密钥交换服务器可以生成通过网络向密钥请求用户提供请求的加密密钥。

4. 发明申请

US20130163753A1 KEY CREATION AND ROTATION FOR DATA ENCRYPTION 有权
标题翻译：数据加密的关键创新和旋转
公开(公告)号：US20130163753A1
公开(公告)日：2013-06-27
申请号：US13708535
申请日：2012-12-07
申请人： DARK MATTER LABS INC.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L9/08
CPC分类号： H04L9/0838 , G06F21/6218 , G06F2221/2107 , H04L9/0816 , H04L9/0861 , H04L9/0891
摘要： Embodiments are directed towards enabling cryptographic key rotation without disrupting cryptographic operations. If key rotation is initiated, a transitional key may be generated by encrypting the current key with a built-in system key. A new key may be generated based one at least one determined key parameter. Next, the new key may be activated by the one or more key holders. If the new key is activated, it may be designated as the new current key. The new current key may be employed to encrypt the transitional key and store it in a key array. Each additional rotated key may be stored in the key array after it is encrypted by the current cryptographic key. Further, in response to a submission of an unencrypted query value, one or more encrypted values that correspond to a determined number of rotated cryptographic keys are generated.
摘要翻译：实施例旨在实现加密密钥轮换而不中断加密操作。如果启动了旋转键，则可以通过使用内置的系统密钥加密当前密钥来生成过渡密钥。可以基于至少一个确定的关键参数来生成新密钥。接下来，新键可以由一个或多个键持有者激活。如果新密钥被激活，则可以将其指定为新的当前密钥。可以使用新的当前密钥来加密过渡密钥并将其存储在密钥阵列中。每个附加的旋转键可以在通过当前密码密钥加密之后存储在密钥数组中。此外，响应于提交未加密的查询值，生成对应于所确定数量的旋转密码密钥的一个或多个加密值。

5. 发明授权

US08868908B2 Total hypervisor encryptor 有权
标题翻译：总管理程序加密器
公开(公告)号：US08868908B2
公开(公告)日：2014-10-21
申请号：US13791742
申请日：2013-03-08
申请人： Dark Matter Labs Inc.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L29/06 , G06F21/60 , G06F21/70 , G06F21/78
CPC分类号： G06F21/602 , G06F21/53 , G06F21/60 , G06F21/70 , G06F21/78
摘要： Embodiments are directed towards providing cryptographic services to protect guest operating system (OS) images in virtualized computing environments. A hypervisor may trap privileged operations initiated by guest OS images. These trapped operations may be intercepted by a cryptographic module. A hypervisor may trap a write operation made by a guest OS image, and cryptographic module may encrypt the write buffer and return it the hypervisor. A hypervisor may trap a read operation made by a guest OS image, and provide the encrypted data to the cryptographic module for decrypting. If the data is decrypted, the cryptographic module may provide the decrypted data to the hypervisor which provides the decrypted data to the guest OS image. Also, guest OS image context information may be decrypted and encrypted as the guest OS image is scheduled and de-scheduled on physical CPU(s). Further, if necessary entire guest OS images may be encrypted.
摘要翻译：实施例旨在提供加密服务以在虚拟化计算环境中保护客户操作系统（OS）映像。管理程序可能会捕获由客户操作系统映像发起的特权操作。这些被捕获的操作可能被加密模块拦截。管理程序可能会陷入由客户操作系统映像进行的写入操作，并且加密模块可以对写入缓冲区进行加密并将其返回给管理程序。管理程序可能会陷入由客户操作系统映像进行的读取操作，并将加密数据提供给加密模块进行解密。如果数据被解密，则加密模块可以将解密的数据提供给管理程序，该管理程序将解密的数据提供给客户操作系统映像。此外，客户OS图像上下文信息可以在客户操作系统映像在物理CPU上被调度和解除调度时被解密和加密。此外，如果需要，可以对整个客户OS映像进行加密。

6. 发明申请

US20140258716A1 TOTAL HYPERVISOR ENCRYPTOR 有权
标题翻译：总高级加密器
公开(公告)号：US20140258716A1
公开(公告)日：2014-09-11
申请号：US13791742
申请日：2013-03-08
申请人： DARK MATTER LABS INC.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： G06F21/60
CPC分类号： G06F21/602 , G06F21/53 , G06F21/60 , G06F21/70 , G06F21/78
摘要： Embodiments are directed towards providing cryptographic services to protect guest operating system (OS) images in virtualized computing environments. A hypervisor may trap privileged operations initiated by guest OS images. These trapped operations may be intercepted by a cryptographic module. A hypervisor may trap a write operation made by a guest OS image, and cryptographic module may encrypt the write buffer and return it the hypervisor. A hypervisor may trap a read operation made by a guest OS image, and provide the encrypted data to the cryptographic module for decrypting. If the data is decrypted, the cryptographic module may provide the decrypted data to the hypervisor which provides the decrypted data to the guest OS image. Also, guest OS image context information may be decrypted and encrypted as the guest OS image is scheduled and de-scheduled on physical CPU(s). Further, if necessary entire guest OS images may be encrypted.
摘要翻译：实施例旨在提供加密服务以在虚拟化计算环境中保护客户操作系统（OS）映像。管理程序可能会捕获由客户操作系统映像发起的特权操作。这些被捕获的操作可能被加密模块拦截。管理程序可能会陷入由客户操作系统映像进行的写入操作，并且加密模块可以对写入缓冲区进行加密并将其返回给管理程序。管理程序可能会陷入由客户操作系统映像进行的读取操作，并将加密数据提供给加密模块进行解密。如果数据被解密，则加密模块可以将解密的数据提供给管理程序，该管理程序将解密的数据提供给客户操作系统映像。此外，客户OS图像上下文信息可以在客户操作系统映像在物理CPU上被调度和解除调度时被解密和加密。此外，如果需要，可以对整个客户OS映像进行加密。

7. 发明授权

US08774403B2 Key creation and rotation for data encryption 有权
标题翻译：数据加密的关键创建和旋转
公开(公告)号：US08774403B2
公开(公告)日：2014-07-08
申请号：US13708535
申请日：2012-12-07
申请人： Dark Matter Labs Inc.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L9/08
CPC分类号： H04L9/0838 , G06F21/6218 , G06F2221/2107 , H04L9/0816 , H04L9/0861 , H04L9/0891
摘要： Embodiments are directed towards enabling cryptographic key rotation without disrupting cryptographic operations. If key rotation is initiated, a transitional key may be generated by encrypting the current key with a built-in system key. A new key may be generated based one at least one determined key parameter. Next, the new key may be activated by the one or more key holders. If the new key is activated, it may be designated as the new current key. The new current key may be employed to encrypt the transitional key and store it in a key array. Each additional rotated key may be stored in the key array after it is encrypted by the current cryptographic key. Further, in response to a submission of an unencrypted query value, one or more encrypted values that correspond to a determined number of rotated cryptographic keys are generated.
摘要翻译：实施例旨在实现加密密钥轮换而不中断加密操作。如果启动了旋转键，则可以通过使用内置的系统密钥加密当前密钥来生成过渡密钥。可以基于至少一个确定的关键参数来生成新密钥。接下来，新键可以由一个或多个键持有者激活。如果新密钥被激活，则可以将其指定为新的当前密钥。可以使用新的当前密钥来加密过渡密钥并将其存储在密钥阵列中。每个附加的旋转键可以在通过当前密码密钥加密之后存储在密钥数组中。此外，响应于提交未加密的查询值，生成对应于所确定数量的旋转密码密钥的一个或多个加密值。

8. 发明授权

US08712044B2 Key management system 有权
标题翻译：密钥管理系统
公开(公告)号：US08712044B2
公开(公告)日：2014-04-29
申请号：US13831618
申请日：2013-03-15
申请人： Dark Matter Labs Inc.
发明人： Jeffrey Earl MacMillan , Jason Arthur Offrey
IPC分类号： H04L9/00
CPC分类号： H04L9/0802 , H04L9/083 , H04L9/0861 , H04L9/0891 , H04L9/3239
摘要： Embodiments are directed towards enabling cryptographic key management without disrupting cryptographic operations. Embodiments may be employed to generate cryptographic keys based on at least one key parameter that may be provided by an administrator. The administrator may generate key managers and key request users that may be linked to particular cryptographic keys. The cryptographic keys may be stored on key exchange servers separate from the key management server. Responsive to a request for a cryptographic key, the key exchange servers may authenticate the key request user associated with the request. The key request may be validated based on at least one key parameter and a portion of the key request. The key exchange server may generate the requested cryptographic keys providing them to the key request user over the network.
摘要翻译：实施例旨在实现加密密钥管理而不中断加密操作。可以采用实施例来基于可由管理员提供的至少一个关键参数来产生加密密钥。管理员可以生成可以链接到特定加密密钥的密钥管理器和密钥请求用户。加密密钥可以存储在与密钥管理服务器分开的密钥交换服务器上。响应于密码密钥的请求，密钥交换服务器可以认证与请求相关联的密钥请求用户。密钥请求可以基于至少一个密钥参数和密钥请求的一部分来验证。密钥交换服务器可以生成通过网络向密钥请求用户提供请求的加密密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式