The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 11, 2012
Filed:
May. 29, 2007
Wilfred E. Plouffe, Jr., San Jose, CA (US);
Kanna Shimizu, Austin, TX (US);
Vladimir Zbarsky, Newark, CA (US);
Wilfred E. Plouffe, Jr., San Jose, CA (US);
Kanna Shimizu, Austin, TX (US);
Vladimir Zbarsky, Newark, CA (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
A method, computer program product, and data processing system provide an updateable encrypted operating kernel. Secure initialization hardware decrypts a minimal secure kernel containing sensitive portions of data and/or code into a portion of the processor-accessible memory space, from which the kernel is executed. Most system software functions are not directly supported by the secure kernel but are provided by dynamically loaded kernel extensions that are encrypted with a public key so that they can only be decrypted with a private key possessed by the secure kernel. The public/private key pair is processor-specific. Before passing control to a kernel extension, the secure kernel deletes a subset of its sensitive portions, retaining only those sensitive portions needed to perform the task(s) delegated to the kernel extension. Which sensitive portions are retained is determined by a cryptographic key with which the kernel extension is signed.