Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
1998-09-16
2002-05-28
Barron, Jr., Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C713S165000, C713S167000, C717S152000
Reexamination Certificate
active
06397331
ABSTRACT:
COPYRIGHT NOTICE
A portion of the disclosure of this patent document contains material which is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
BACKGROUND OF THE INVENTION
1. Field Of The Invention
The present invention relates generally to a method of expanding a secure kernel memory area, and more particularly relates to a method of expanding a secure kernel memory area into an unprotected memory area while testing for validation and providing protection to the newly acquired memory area.
2. Description Of The Prior Art
Software developers attach a digital signature to their software code to protect users from code that has been modified. The modification may occur during or after the manufacturing process. Digital signatures are attached to each software package during the final stages of the manufacturing process. Each signature has a data item which accompanies a digitally encoded message and is used to determine if the code has been modified. Before the user is permitted to load the entire software package on to a computer, the digital signature must be checked for authenticity. This is accomplished by comparing the digital signature within the code to a digital signature provided by the user. If the software code has been tampered with or a computer virus has attacked the code, the digital signature within the code will be altered. A difference between the two digital signatures indicates that data integrity has been breached and the software is prevented from being loaded into the computer.
OBJECTS AND SUMMARY OF THE INVENTION
It is an object of the present invention to provide a method of expanding a secure kernel memory area into an unprotected memory location while testing for validation and providing protection to the newly acquired memory area.
It is an object of the present invention to provide a method for adding new authorized encryption algorithms to a secure kernel while providing the new algorithms with the same security as mask-programmed cryptographic algorithms.
It is another object of the present invention to provide flexible memory protection that can only be accessed by a super user, for example, the manufacturer of the integrated circuit having the protected and unprotected memories.
It is an object of the present invention to provide a manufacturer with flexibility and control over the addition of code to an existing system.
A method of expanding a secure kernel memory area formed in accordance with the present invention includes the step of signing an application program or encryption algorithm with a digital signature. This is required so that the manufacturer of an integrated circuit (IC) containing a secure kernel memory can control code that is added to the secure kernel memory. It also prevents unauthorized access to the secure memory area. The IC manufacturer generates a digital signature using its private key. The digital signature is verified by the secure kernel in the end product (e.g., router, modem, cellular phone) in which the IC is being used using a public key, which is stored in a read only memory (ROM) within the IC. The secure kernel verifies the digital signature and if it is valid, the secure kernel locks the expanded memory into protected mode and loads the new code. If the signature is invalid, the request is denied.
REFERENCES:
patent: 4987595 (1991-01-01), Marino, Jr. et al.
patent: 5136709 (1992-08-01), Shirakabe et al.
patent: 5465299 (1995-11-01), Matsumoto et al.
patent: 5557346 (1996-09-01), Lipner et al.
patent: 5572590 (1996-11-01), Ches
patent: 5584032 (1996-12-01), Hyatt
patent: 5619724 (1997-04-01), Moore
patent: 5623545 (1997-04-01), Childs et al.
patent: 5631960 (1997-05-01), Likens et al.
patent: 5692047 (1997-11-01), McManis
patent: 5721777 (1998-02-01), Blaze
patent: 5757914 (1998-05-01), McManis
patent: 5815707 (1998-09-01), Krause et al.
patent: 5841866 (1998-11-01), Bruwer
patent: 5950221 (1999-09-01), Draves et al.
patent: 6094691 (2000-07-01), Burgard
Ober Timothy
Reed Peter
Barron Jr. Gilberto
Hoffmann & Baron , LLP
Kabakoff Steve
SafeNet, Inc.
LandOfFree
Method for expanding secure kernel program memory does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for expanding secure kernel program memory, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for expanding secure kernel program memory will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2901920