Patents by Inventor Michael J Miele
Michael J Miele has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11012231Abstract: The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.Type: GrantFiled: February 6, 2020Date of Patent: May 18, 2021Assignee: International Business Machines CorporationInventors: James R. Coon, Michael J. Miele, Garry J. Sullivan
-
Publication number: 20200177374Abstract: The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.Type: ApplicationFiled: February 6, 2020Publication date: June 4, 2020Inventors: James R. Coon, Michael J. Miele, Garry J. Sullivan
-
Patent number: 10594478Abstract: The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.Type: GrantFiled: November 18, 2016Date of Patent: March 17, 2020Assignee: International Business Machines CorporationInventors: James R. Coon, Michael J. Miele, Garry J. Sullivan
-
Patent number: 10382199Abstract: Embodiments are directed to a computer-implemented method and system, and for setting a minimum key strength in a key hierarchy. The method and system can include the use of a key strength keyword that set a minimum key strength for a plurality of key classes. The setting of a key strength lower than that set forth in the key strength command is prohibited. The key classes can include DES keys, AES keys, HMAC keys, RSA PKI keys, RSA usage keys, RSA key generation keys, ECC PKI keys, ECC usage keys, and ECC key generation keys. A multi-dimension key hierarchy, including a master key and a key that is derived through the use of a key derivation function is also described herein.Type: GrantFiled: September 30, 2016Date of Patent: August 13, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Richard V. Kisley, Michael J. Miele
-
Patent number: 10333703Abstract: Embodiments are directed to a computer-implemented method and system for generating a transport key. A method can include generating, using a processor, a key agreement pair comprising a public agreement key and a private agreement key in a second element. Thereafter, generating, using the processor, a transport key based on the public agreement key in a first element. Then sending, using the processor, an information blob to the second element. Finally, independently generating, using the processor, the transport key in the second element using the information blob and the private agreement key. The transport key can thereafter be used to send information securely between the first and second elements.Type: GrantFiled: March 1, 2017Date of Patent: June 25, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Patent number: 10298390Abstract: Embodiments are directed to a computer-implemented method, computer system, and computer program product for creating a public key token. A public key and private key are generated, using a master key. A set of permissions is received for the public key and private key that note the allowable uses for the public key and private key. Thereafter, the set of permissions, encrypted public key, and other associated information is placed in a public key token.Type: GrantFiled: November 7, 2017Date of Patent: May 21, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Richard V. Kisley, Michael J. Miele
-
Patent number: 10256981Abstract: Embodiments include method, systems and computer program products for secure logging of host security module. In some embodiments, an event may be received. The event may include data to be written to a secure log file. A hash may be generated using data of the event. The hash may be stored in a first field of an event record associated with the event. The event record may be stored in the secure log file. The hash may be stored in a second field of a next event record in the secure log file.Type: GrantFiled: September 27, 2016Date of Patent: April 9, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Richard V. Kisley, Mark D. Marik, Michael J. Miele, Tamas Visegrady
-
Publication number: 20180254894Abstract: Embodiments are directed to a computer-implemented method and system for generating a transport key. A method can include generating, using a processor, a key agreement pair comprising a public agreement key and a private agreement key in a second element. Thereafter, generating, using the processor, a transport key based on the public agreement key in a first element. Then sending, using the processor, an information blob to the second element. Finally, independently generating, using the processor, the transport key in the second element using the information blob and the private agreement key. The transport key can thereafter be used to send information securely between the first and second elements.Type: ApplicationFiled: March 1, 2017Publication date: September 6, 2018Inventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Publication number: 20180152292Abstract: The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.Type: ApplicationFiled: February 19, 2018Publication date: May 31, 2018Inventors: James R. Coon, Michael J. Miele, Garry J. Sullivan
-
Publication number: 20180145828Abstract: The solutions disclosed enable security credentials to be shared between two entities. Embodiments of the present invention can be used to facilitate the transfer security credentials associated with a first level of permission of a first entity to a second entity that does not have the security credentials associated with the first level of permission in response to receiving a request to share security credentials between two entities.Type: ApplicationFiled: November 18, 2016Publication date: May 24, 2018Inventors: James R. Coon, Michael J. Miele, Garry J. Sullivan
-
Publication number: 20180097620Abstract: Embodiments are directed to a computer-implemented method and system, and for setting a minimum key strength in a key hierarchy. The method and system can include the use of a key strength keyword that set a minimum key strength for a plurality of key classes. The setting of a key strength lower than that set forth in the key strength command is prohibited. The key classes can include DES keys, AES keys, HMAC keys, RSA PKI keys, RSA usage keys, RSA key generation keys, ECC PKI keys, ECC usage keys, and ECC key generation keys. A multi-dimension key hierarchy, including a master key and a key that is derived through the use of a key derivation function is also described herein.Type: ApplicationFiled: September 30, 2016Publication date: April 5, 2018Inventors: Richard V. Kisley, Michael J. Miele
-
Publication number: 20180091311Abstract: Embodiments include method, systems and computer program products for secure logging of host security module. In some embodiments, an event may be received. The event may include data to be written to a secure log file. A hash may be generated using data of the event. The hash may be stored in a first field of an event record associated with the event. The event record may be stored in the secure log file. The hash may be stored in a second field of a next event record in the secure log file.Type: ApplicationFiled: September 27, 2016Publication date: March 29, 2018Inventors: Richard V. Kisley, Mark D. Marik, Michael J. Miele, Tamas Visegrady
-
Publication number: 20180091299Abstract: Embodiments are directed to a computer-implemented method, computer system, and computer program product for creating a public key token. A public key and private key are generated, using a master key. A set of permissions is received for the public key and private key that note the allowable uses for the public key and private key. Thereafter, the set of permissions, encrypted public key, and other associated information is placed in a public key token.Type: ApplicationFiled: November 7, 2017Publication date: March 29, 2018Inventors: Richard V. Kisley, Michael J. Miele
-
Patent number: 9838203Abstract: Embodiments are directed to a computer-implemented method, computer system, and computer program product for creating a public key token. A public key and private key are generated, using a master key. A set of permissions is received for the public key and private key that note the allowable uses for the public key and private key. Thereafter, the set of permissions, encrypted public key, and other associated information is placed in a public key token.Type: GrantFiled: September 28, 2016Date of Patent: December 5, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Richard V. Kisley, Michael J. Miele
-
Patent number: 9647842Abstract: A session key is negotiated to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.Type: GrantFiled: September 9, 2016Date of Patent: May 9, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Publication number: 20160373259Abstract: A session key is negotiated to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.Type: ApplicationFiled: September 9, 2016Publication date: December 22, 2016Inventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Patent number: 9485091Abstract: Embodiments relate to negotiating a session key to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.Type: GrantFiled: May 1, 2014Date of Patent: November 1, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Patent number: 9473299Abstract: Embodiments relate to negotiating a session key to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.Type: GrantFiled: March 7, 2016Date of Patent: October 18, 2016Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Publication number: 20160173279Abstract: Embodiments relate to negotiating a session key to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.Type: ApplicationFiled: March 7, 2016Publication date: June 16, 2016Inventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele
-
Publication number: 20150319166Abstract: Embodiments relate to negotiating a session key to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.Type: ApplicationFiled: May 1, 2014Publication date: November 5, 2015Applicant: International Business Machines CorporationInventors: Todd W. Arnold, Richard V. Kisley, Michael J. Miele