Patents by Inventor Elizabeth A. Dames
Elizabeth A. Dames has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9716585Abstract: An aspect of cipher text translation includes a memory configured to store predetermined conditions for performing an encryption operation, and a processor communicatively coupled to the memory. The processor is configured to execute computer readable instructions. The computer readable instructions include determining through analysis of an inbound key and an outbound key of the encryption operation that the encryption operation includes a translation from a first class of encryption to a second class of encryption. The second class of encryption is determined to be weaker than the first class of encryption. The instructions also include applying the predetermined conditions to the input key and the output key and authorizing the translation via the processor, based on the applying, when aspects of the predetermined conditions are satisfied.Type: GrantFiled: April 12, 2016Date of Patent: July 25, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Elizabeth A. Dames, Mark D. Marik
-
Patent number: 9633212Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.Type: GrantFiled: August 26, 2016Date of Patent: April 25, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Elizabeth A. Dames, Charles D. Helfenberger, Richard V. Kisley, Jimmie R. Mayfield, Jr.
-
Patent number: 9607159Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.Type: GrantFiled: December 10, 2014Date of Patent: March 28, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Elizabeth A. Dames, Charles D. Helfenberger, Richard V. Kisley, Jimmie R. Mayfield, Jr.
-
Publication number: 20160357974Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.Type: ApplicationFiled: August 26, 2016Publication date: December 8, 2016Inventors: Todd W. Arnold, Elizabeth A. Dames, Charles D. Helfenberger, Richard V. Kisley, Jimmie R. Mayfield, Jr.
-
Patent number: 9471796Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.Type: GrantFiled: March 7, 2016Date of Patent: October 18, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Elizabeth A. Dames, Charles D. Helfenberger, Richard V. Kisley, Jimmie R. Mayfield, Jr.
-
Publication number: 20160226659Abstract: An aspect of cipher text translation includes a memory configured to store predetermined conditions for performing an encryption operation, and a processor communicatively coupled to the memory. The processor is configured to execute computer readable instructions. The computer readable instructions include determining through analysis of an inbound key and an outbound key of the encryption operation that the encryption operation includes a translation from a first class of encryption to a second class of encryption. The second class of encryption is determined to be weaker than the first class of encryption. The instructions also include applying the predetermined conditions to the input key and the output key and authorizing the translation via the processor, based on the applying, when aspects of the predetermined conditions are satisfied.Type: ApplicationFiled: April 12, 2016Publication date: August 4, 2016Inventors: Todd W. Arnold, Elizabeth A. Dames, Mark D. Marik
-
Publication number: 20160171221Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.Type: ApplicationFiled: December 10, 2014Publication date: June 16, 2016Inventors: Todd W. Arnold, Elizabeth A. Dames, Charles D. Helfenberger, Richard V. Kisley, Jimmie R. Mayfield, JR.
-
Publication number: 20160171251Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.Type: ApplicationFiled: March 7, 2016Publication date: June 16, 2016Inventors: Todd W. Arnold, Elizabeth A. Dames, Charles D. Helfenberger, Richard V. Kisley, Jimmie R. Mayfield, JR.
-
Patent number: 9369274Abstract: A computer system includes memory configured to store information regarding predetermined conditions of an encryption operation and a processor configured to analyze an inbound key and an outbound key of the encryption operation. The processor is also configured to determine that the encryption operation includes a translation from a first class of encryption to a second class of encryption based on the analyzing the inbound key and the outbound key, and to determine whether the translation is permitted based on the predetermined conditions.Type: GrantFiled: July 6, 2012Date of Patent: June 14, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Elizabeth A. Dames, Mark D. Marik
-
Patent number: 9306745Abstract: According to one embodiment, a method for implementing secure key management is provided. The method includes populating a section of information associated with a key, the section being populated with information relating to how the key was created. The method also includes populating the section with information relating to how the key was acquired by a secure module; and binding the section to the key, wherein the key is encrypted.Type: GrantFiled: October 15, 2012Date of Patent: April 5, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 9288051Abstract: According to one embodiment, a method for implementing computer security is provided. The method includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information, wherein a structure of the key control information in the token is independent of the wrapping method. The method also includes wrapping the key material and binding key control information to the key material in the token, wherein the key control information includes information relating to usage and management of the key material.Type: GrantFiled: October 15, 2012Date of Patent: March 15, 2016Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Thomas J. Dewkett, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 9264230Abstract: A system for implementing computer security is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information. A structure of the key control information in the token is independent of the wrapping method. Implementing computer security also includes wrapping the key material and binding key control information to the key material in the token. The key control information includes information relating to usage and management of the key material.Type: GrantFiled: March 14, 2011Date of Patent: February 16, 2016Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Thomas J. Dewkett, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 9252944Abstract: Embodiments relate to wrapping of a common cryptographic architecture (CCA) key token. An aspect includes wrapping, by an exporting computer, the CCA key token using a key wrapping export function, the CCA key token comprising a CCA key data section and an unencrypted control vector. Another aspect includes splitting the control vector into a first control vector portion and a second control vector portion. Another aspect includes encrypting the CCA key data section and the first control vector portion using an key encrypting key (KEK) to generate a wrapped key block. Another aspect includes binding the second control vector portion to the wrapped key block to form an associated data section, wherein the associated data section is not encrypted, and wherein the wrapped key block and the associated data section comprise a wrapped key token.Type: GrantFiled: March 21, 2014Date of Patent: February 2, 2016Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Gerald K. Boyter, Elizabeth A. Dames, Richard V. Kisley, Eric B. Smith
-
Patent number: 9235702Abstract: A method that includes receiving, from a first entity having an input permission, a first data structure into a HSM, wherein the first data structure maps a first many-to-one mapping between a first and a second PIN numeral system. The method also includes determining whether the content of the first data structure is valid, storing the first data structure in the HSM if the first data structure is valid and marking the stored first data structure as inactive. The method further includes activating the first data structure if a second data structure is input into the HSM by a second entity having an activation permission, wherein the first entity is different from the second entity, the first data structure is identical to the second data structure. The method additionally includes converting from the first to the second PIN numeral system responsive to the activated first data structure.Type: GrantFiled: November 14, 2012Date of Patent: January 12, 2016Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Clifford L. Hansen, Shelia M. Sittinger
-
Publication number: 20150270955Abstract: Embodiments relate to wrapping of a common cryptographic architecture (CCA) key token. An aspect includes wrapping, by an exporting computer, the CCA key token using a key wrapping export function, the CCA key token comprising a CCA key data section and an unencrypted control vector. Another aspect includes splitting the control vector into a first control vector portion and a second control vector portion. Another aspect includes encrypting the CCA key data section and the first control vector portion using an key encrypting key (KEK) to generate a wrapped key block. Another aspect includes binding the second control vector portion to the wrapped key block to form an associated data section, wherein the associated data section is not encrypted, and wherein the wrapped key block and the associated data section comprise a wrapped key token.Type: ApplicationFiled: March 21, 2014Publication date: September 24, 2015Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Gerald K. Boyter, Elizabeth A. Dames, Richard V. Kisley, Eric B. Smith
-
Patent number: 8856520Abstract: Secure key management includes populating a section of information associated with a key, the section of information being populated with information relating to a level of protection of the key accumulated over time. Secure key management further includes securely binding the section of information to the key, wherein the key is encrypted.Type: GrantFiled: October 15, 2012Date of Patent: October 7, 2014Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 8789210Abstract: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to usage of the key material populating one or more key usage fields that define attributes that limit actions that may be performed with the key material.Type: GrantFiled: May 4, 2011Date of Patent: July 22, 2014Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 8755527Abstract: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to management of the key material populating one or more key management fields that define attributes that limit distribution of the key material.Type: GrantFiled: May 4, 2011Date of Patent: June 17, 2014Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 8739297Abstract: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method. The method includes creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to usage of the key material populating one or more key usage fields that define attributes that limit actions that may be performed with the key material.Type: GrantFiled: October 19, 2012Date of Patent: May 27, 2014Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith
-
Patent number: 8713709Abstract: A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method. The method includes creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to management of the key material populating one or more key management fields that define attributes that limit distribution of the key material.Type: GrantFiled: October 17, 2012Date of Patent: April 29, 2014Assignee: International Business Machines CorporationInventors: Todd W. Arnold, Elizabeth A. Dames, Carsten D. Frehr, Michael J. Kelly, Kenneth B. Kerr, Richard V. Kisley, Eric D. Rossman, Eric B. Smith