Patent number 8798267 is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: "This invention relates, in general, to processing within a virtual computing environment, and in particular, to providing security within that environment.
"One aspect of providing security within the virtual environment is to protect cryptographic keys used in cryptographic operations performed by a crypto device. In one example, these keys are protected via encryption. For instance, a cryptographic key is encrypted under a master key providing an encrypted cryptographic key. The master key is kept inside the security boundary of the crypto device. The encrypted cryptographic key can be stored outside the security boundary of the crypto device and is then used in cryptographic operations.
"A single processor system has one set of master keys associated therewith. That is, the single processor system has a master key for each type of cryptographic keys. However, in a partitioned environment, there is one set of master keys for each zone or partition."
In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventor's summary information for this patent: "Although each partition in a partitioned system has its own set of master keys, those keys are traditionally shared by all virtual systems within that partition. As used herein, each virtual system is a computing system running in a virtual environment. It includes, for instance, the resources (e.g., one or more CPUs, memory, I/O, etc.) under control of a guest operating system, such as Linux. Thus, the term 'guest' refers to a virtual system. In an effort to enhance security, it is desired that each guest has its own set of virtual master keys. Thus, a need exists for a capability to provide separate virtual keys for each guest executing within a partition.
"Additionally, a need exists for a capability to virtualize keys other than master keys, such as other cryptographic keys or other keys.
"The shortcomings of the prior art are overcome and additional advantages are provided through the provision of a computer program product for virtualizing cryptographic keys in a virtual computing environment having a hierarchy including a host and one or more layers of guests, wherein a layer corresponds to a virtualization level. The computer program product comprises a non-transitory storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method. The method includes, for instance, obtaining, by a processor, a cryptographic key; and generating a virtual cryptographic key using an operation, the cryptographic key and a mask, wherein the mask used is dependent on the virtualization level of a guest for which the virtual cryptographic key is being generated.
"Methods and systems relating to one or more aspects of the present invention are also described and claimed herein. Further, services relating to one or more aspects of the present invention are also described and may be claimed herein.
"Additional features and advantages are realized through the techniques of the present invention. Other embodiments and aspects of the invention are described in detail herein and are considered a part of the claimed invention."
URL and more information on this patent, see: Yeh,
Keywords for this news article include: Information Technology, Information and Cryptography,
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- Alabama House Speaker Arrested on Felony Ethics Charges
- 'Fury' Blows 'Gone Girl' Out of the Box Office
- German Intelligence Blames Ukraine Rebels for MH17
- Turkey to Help Kurds Reach Fight in Kobani
- Clinton Rallies Early Vote for Landrieu
- Car Drivers Warned to Get Air Bags Fixed
- ISIS Seeks to Expand Terror War
- Prius Drivers Battle Stereotypes
- Obama Building Ebola Coalition for Africa Fight
- 'Fury' Gets Into Soldiers' Minds: Brad Pitt