The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Apr. 16, 2013
Filed:
May 29, 2007
Masana Murase, Kawasaki, JP;
Wilfred E. Plouffe, Jr., San Jose, CA (US);
Kanna Shimizu, Austin, TX (US);
Vladimir Zbarsky, Newark, CA (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
A method, computer program product, and data processing system for protecting sensitive program code and data (including persistently stored data) from unauthorized access. Dedicated hardware decrypts an encrypted kernel into memory for execution. When an application is to be executed, the kernel computes one or more secrets by cryptographically combining information contained in the application with secret information contained in the kernel itself. The kernel then deletes its secret information and passes the computed secrets to the application. To store data persistently in memory, the application uses one of the computed secrets to encrypt the data prior to storage. If the kernel starts another instance of the same application, the kernel (which will have been re-decrypted to restore the kernel's secrets) will compute the same one or more secrets, thus allowing the second application instance to access the data encrypted by the first application instance.
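The flow in the abstract, modelled as an added example that is not taken from the patent: the kernel derives per-application secrets, wipes its own secret, and a second instance started by a re-decrypted kernel recovers the stored data. HMAC-SHA256 as the "cryptographic combination", the HMAC-based keystream standing in for an authenticated cipher such as AES-GCM, and every name and value here are assumptions.

```python
import hashlib, hmac, os

HW_KERNEL_SECRET = bytes(range(32))  # constructed; stands in for the secret inside the encrypted kernel

class Kernel:
    def __init__(self):
        # Models the dedicated hardware decrypting the kernel: each boot restores the secret.
        self._secret = bytearray(HW_KERNEL_SECRET)

    def launch(self, app_image: bytes) -> dict:
        # Combine information from the application (its hash) with the kernel secret.
        measurement = hashlib.sha256(app_image).digest()
        secrets = {label: hmac.new(bytes(self._secret), label + b"\x00" + measurement,
                                   hashlib.sha256).digest() for label in (b"enc", b"mac")}
        # Delete the kernel secret before handing control to the application
        # (a model only: Python cannot guarantee erasure of every copy in memory).
        for i in range(len(self._secret)):
            self._secret[i] = 0
        return secrets

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(secrets: dict, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(secrets[b"enc"], nonce, len(plaintext))))
    return nonce + ct + hmac.new(secrets[b"mac"], nonce + ct, hashlib.sha256).digest()

def unseal(secrets: dict, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(secrets[b"mac"], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: blob was sealed under different secrets")
    return bytes(a ^ b for a, b in zip(ct, _keystream(secrets[b"enc"], nonce, len(ct))))

def demo():
    app = b"constructed application image v1"
    blob = seal(Kernel().launch(app), b"persistent record")   # first instance stores data
    recovered = unseal(Kernel().launch(app), blob)            # second instance, re-decrypted kernel
    try:
        unseal(Kernel().launch(app + b" (modified)"), blob)   # a different image gets different secrets
        modified_app_read_it = True
    except ValueError:
        modified_app_read_it = False
    return recovered, modified_app_read_it
```

Calling `launch` twice on the same `Kernel` object without a re-decryption derives from the wiped secret, so the second result no longer matches; that is why the abstract has the kernel re-decrypted before the next instance starts.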