Invention Grant
US08477946B2 Method and apparatus for protecting encryption keys in a logically partitioned computer system environment
Expired
- Patent Title: Method and apparatus for protecting encryption keys in a logically partitioned computer system environment
- Application No.: US12038038
- Application Date: 2008-02-27
- Publication No.: US08477946B2
- Publication Date: 2013-07-02
- Inventor: Mark R. Funk, Jeffrey E. Remfert
- Applicant: Mark R. Funk, Jeffrey E. Remfert
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agent: Roy W. Truelson
- Main IPC: H04L9/00
- IPC: H04L9/00; G06F13/00

Abstract:
In a logically partitioned computer system, a partition manager maintains and controls master encryption keys for the different partitions. Preferably, processes executing within a partition have no direct access to real memory, addresses in the partition's memory space being mapped to real memory by the partition manager. The partition manager maintains master keys at real memory addresses inaccessible to processes executing in the partitions. Preferably, a special hardware register stores a pointer to the current key, and is read only by a hardware crypto-engine to encrypt/decrypt data. The crypto-engine returns the encrypted/decrypted data, but does not output the key itself or its location.