Patents by Inventor Wilfred E. Plouffe
Wilfred E. Plouffe has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9300465
Abstract: A method and system for attaching a title key to encrypted content for synchronized transmission to, or storage by, a recipient is provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or more title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to a recipient.
Type: Grant
Filed: February 20, 2008
Date of Patent: March 29, 2016
Assignee: International Business Machines Corporation
Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Florian Pestoni, Wilfred E. Plouffe, Jr., Frank A. Schaffa
-
Patent number: 8656178
Abstract: The present invention provides a method, system and program product for modifying content usage conditions during broadcast content distribution. Specifically, the present invention allows protected (e.g., encrypted, secured, etc.) content to be received along with content usage conditions, an encrypted combination of the content usage conditions and a title key (e.g., a MAC), and a key management block. Using the key management block, a key encrypting key can be determined for decrypting the combination. Once the combination is decrypted, the content usage conditions can be modified (e.g., edited, added to, etc.).
Type: Grant
Filed: April 18, 2002
Date of Patent: February 18, 2014
Assignee: International Business Machines Corporation
Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Dalit Naor, Sigfredo I. Nin, Florian Pestoni, Wilfred E. Plouffe, Jr., Frank A. Schaffa
-
Patent number: 8433927
Abstract: A method, computer program product, and data processing system are disclosed for protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault detection. In a preferred embodiment, secure initialization hardware loads the sensitive code from a storage location accessible only to the secure initialization hardware itself and decrypts the sensitive code into a portion of the processor-accessible memory space, from which the code is executed. Once execution of the sensitive code has completed, all or at least a portion of the code is deleted before passing control to application software. If the application software needs to cause the sensitive code to be executed, the secure initialization hardware is activated to reload/decrypt a fresh copy of the sensitive code into the memory space and cause the code to be executed. Before control is returned to the application software, the sensitive code is again deleted to prevent unauthorized access.
Type: Grant
Filed: May 29, 2007
Date of Patent: April 30, 2013
Assignee: International Business Machines Corporation
Inventors: Wilfred E. Plouffe, Jr., Kanna Shimizu
-
Patent number: 8422674
Abstract: A method, computer program product, and data processing system for protecting sensitive program code and data (including persistently stored data) from unauthorized access. Dedicated hardware decrypts an encrypted kernel into memory for execution. When an application is to be executed, the kernel computes one or more secrets by cryptographically combining information contained in the application with secret information contained in the kernel itself. The kernel then deletes its secret information and passes the computed secrets to the application. To store data persistently in memory, the application uses one of the computed secrets to encrypt the data prior to storage. If the kernel starts another instance of the same application, the kernel (which will have been re-decrypted to restore the kernel's secrets) will compute the same one or more secrets, thus allowing the second application instance to access the data encrypted by the first application instance.
Type: Grant
Filed: May 29, 2007
Date of Patent: April 16, 2013
Assignee: International Business Machines Corporation
Inventors: Masana Murase, Wilfred E. Plouffe, Jr., Kanna Shimizu, Vladimir Zbarsky
-
Patent number: 8332635
Abstract: A method, computer program product, and data processing system provide an updateable encrypted operating kernel. Secure initialization hardware decrypts a minimal secure kernel containing sensitive portions of data and/or code into a portion of the processor-accessible memory space, from which the kernel is executed. Most system software functions are not directly supported by the secure kernel but are provided by dynamically loaded kernel extensions that are encrypted with a public key so that they can only be decrypted with a private key possessed by the secure kernel. The public/private key pair is processor-specific. Before passing control to a kernel extension, the secure kernel deletes a subset of its sensitive portions, retaining only those sensitive portions needed to perform the task(s) delegated to the kernel extension. Which sensitive portions are retained is determined by a cryptographic key with which the kernel extension is signed.
Type: Grant
Filed: May 29, 2007
Date of Patent: December 11, 2012
Assignee: International Business Machines Corporation
Inventors: Wilfred E. Plouffe, Jr., Kanna Shimizu, Vladimir Zbarsky
-
Patent number: 8166304
Abstract: A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for independent developers to develop software for the herein-described platform, a “global key pair” is provided in which both the public and private keys of the pair are publicly known, so that anyone may sign an application with the global key. Such an application may be allowed to execute by including the global key pair's public key in the key ring as a “vendor key” or, conversely, it may be disallowed by excluding the global public key from the key ring.
Type: Grant
Filed: October 2, 2007
Date of Patent: April 24, 2012
Assignee: International Business Machines Corporation
Inventors: Masana Murase, Wilfred E. Plouffe, Jr., Kanna Shimizu, Vladimir Zbarsky
-
Patent number: 7934063
Abstract: A method of invoking power processor element (PPE) serviced C library functions on a synergistic processing element (SPE) running in isolated mode. When the SPE initiates a PPE-serviced function, an SPE stub routine allocates a parameter buffer in an open area of a local store (LS) memory within the SPE. The LS memory includes an open area accessible to the PPE, and an isolated area inaccessible to the PPE. The SPE stub routine copies function parameters corresponding to the PPE-serviced function to a buffer within the open area of the LS memory, and writes a message word, which contains an identification variable of the PPE-serviced function and a location variable of the function parameters, to the open area. When execution is temporarily suspended on the SPE, the PPE reads the message word from the open area of the LS memory and executes the PPE-serviced function.
Type: Grant
Filed: March 29, 2007
Date of Patent: April 26, 2011
Assignee: International Business Machines Corporation
Inventors: Masana Murase, Wilfred E. Plouffe, Jr., Masaharu Sakamoto, Kanna Shimizu, Vladimir Zbarsky
-
Patent number: 7886162
Abstract: A method, computer program product, and data processing system for executing larger-than-physical-memory applications while protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault or page fault detection are disclosed. Large applications are accommodated by providing a mechanism for secure program overlays, in which a single large application is broken into two or more smaller applications (overlays) that can be executed from the same memory space by overwriting one of the smaller applications with another of the smaller applications when the latter needs to be executed. So that the data may be shared among these smaller applications, each of the applications contains embedded cryptographic keys, which may be used to encrypt or decrypt information to be stored persistently while control is transferred from one application to the other.
Type: Grant
Filed: May 29, 2007
Date of Patent: February 8, 2011
Assignee: International Business Machines Corporation
Inventors: Masana Murase, Wilfred E. Plouffe, Jr., Kanna Shimizu, Masaharu Sakamoto, Vladimir Zbarsky
-
Patent number: 7747877
Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted.
Type: Grant
Filed: February 2, 2009
Date of Patent: June 29, 2010
Assignee: International Business Machines Corporation
Inventors: Hongxia Jin, Donald E. Leake, Jr., Jeffrey B. Lotspiech, Sigfredo I. Nin, Wilfred E. Plouffe
-
Patent number: 7574450
Abstract: An object sharing system instantiates or defines an object container that can be cloned and return a reference to a “saved” object, allowing an object to be passed between applications while maintaining a consistent reference to the object. The object sharing system places a reference to an object in the object container. A serialization module serializes the object container; the serialized object container is passed to a second application comprising the object sharing system. A deserialization module in the second application deserializes the object container, instantiating an object container clone and extracting a reference clone. The reference clone allows the second application to manipulate the saved object as desired without further interaction with the first application.
Type: Grant
Filed: April 19, 2005
Date of Patent: August 11, 2009
Assignee: International Business Machines Corporation
Inventor: Wilfred E. Plouffe, Jr.
-
Publication number: 20090138731
Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted.
Type: Application
Filed: February 2, 2009
Publication date: May 28, 2009
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Hongxia Jin, Donald E. Leake, JR., Jeffrey B. Lotspiech, Sigfredo I. Nin, Wilfred E. Plouffe
-
Patent number: 7516331
Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted.
Type: Grant
Filed: November 26, 2003
Date of Patent: April 7, 2009
Assignee: International Business Machines Corporation
Inventors: Hongxia Jin, Donald E. Leake, Jr., Jeffrey B. Lotspiech, Sigfredo I. Nin, Wilfred E. Plouffe
-
Publication number: 20090086974
Abstract: A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for independent developers to develop software for the herein-described platform, a “global key pair” is provided in which both the public and private keys of the pair are publicly known, so that anyone may sign an application with the global key. Such an application may be allowed to execute by including the global key pair's public key in the key ring as a “vendor key” or, conversely, it may be disallowed by excluding the global public key from the key ring.
Type: Application
Filed: October 2, 2007
Publication date: April 2, 2009
Inventors: Masana Murase, Wilfred E. Plouffe, JR., Kanna Shimizu, Vladimir Zbarsky
-
Publication number: 20080301468
Abstract: A method, computer program product, and data processing system for executing larger-than-physical-memory applications while protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault or page fault detection are disclosed. Large applications are accommodated by providing a mechanism for secure program overlays, in which a single large application is broken into two or more smaller applications (overlays) that can be executed from the same memory space by overwriting one of the smaller applications with another of the smaller applications when the latter needs to be executed. So that the data may be shared among these smaller applications, each of the applications contains embedded cryptographic keys, which may be used to encrypt or decrypt information to be stored persistently while control is transferred from one application to the other.
Type: Application
Filed: May 29, 2007
Publication date: December 4, 2008
Inventors: Masana Murase, Wilfred E. Plouffe, JR., Kanna Shimizu, Masaharu Sakamoto, Vladimir Zbarsky
-
Publication number: 20080301469
Abstract: A method, computer program product, and data processing system are disclosed for protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault detection. In a preferred embodiment, secure initialization hardware loads the sensitive code from a storage location accessible only to the secure initialization hardware itself and decrypts the sensitive code into a portion of the processor-accessible memory space, from which the code is executed. Once execution of the sensitive code has completed, all or at least a portion of the code is deleted before passing control to application software. If the application software needs to cause the sensitive code to be executed, the secure initialization hardware is activated to reload/decrypt a fresh copy of the sensitive code into the memory space and cause the code to be executed. Before control is returned to the application software, the sensitive code is again deleted to prevent unauthorized access.
Type: Application
Filed: May 29, 2007
Publication date: December 4, 2008
Inventors: Wilfred E. Plouffe, JR., Kanna Shimizu
-
Publication number: 20080301440
Abstract: A method, computer program product, and data processing system for providing an updateable encrypted operating kernel are disclosed. In a preferred embodiment, secure initialization hardware decrypts a minimal secure kernel containing sensitive portions of data and/or code into a portion of the processor-accessible memory space, from which the kernel is executed. Most system software functions are not directly supported by the secure kernel but are provided by dynamically loaded kernel extensions that are encrypted with a public key so that they can only be decrypted with a private key possessed by the secure kernel. The public/private key pair is processor-specific. Before passing control to a kernel extension the secure kernel deletes a subset of its sensitive portions, retaining only those sensitive portions needed to perform the task(s) delegated to the kernel extension. Which sensitive portions are retained is determined by a cryptographic key with which the kernel extension is signed.
Type: Application
Filed: May 29, 2007
Publication date: December 4, 2008
Inventors: Wilfred E. Plouffe, JR., Kanna Shimizu, Vladimir Zbarsky
-
Publication number: 20080298581
Abstract: A method, computer program product, and data processing system for protecting sensitive program code and data (including persistently stored data) from unauthorized access are disclosed. Dedicated hardware decrypts an encrypted kernel into memory for execution. When an application is to be executed, the kernel computes one or more secrets by cryptographically combining information contained in the application with secret information contained in the kernel itself. The kernel then deletes its secret information and passes the computed secrets to the application. To store data persistently in memory, the application uses one of the computed secrets to encrypt the data prior to storage. If the kernel starts another instance of the same application, the kernel (which will have been re-decrypted to restore the kernel's secrets) will compute the same one or more secrets, thus allowing the second application instance to access the data encrypted by the first application instance.
Type: Application
Filed: May 29, 2007
Publication date: December 4, 2008
Inventors: Masana Murase, Wilfred E. Plouffe, JR., Kanna Shimizu, Vladimir Zbarsky
-
Publication number: 20080273702
Abstract: A method and system for attaching a title key to encrypted content for synchronized transmission to, or storage by, a recipient is provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or more title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to a recipient.
Type: Application
Filed: February 20, 2008
Publication date: November 6, 2008
Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Florian Pestoni, Wilfred E. Plouffe, Frank A. Schaffa
-
Publication number: 20080244612
Abstract: A method of invoking power processor element (PPE) serviced C library functions on a synergistic processing element (SPE) running in isolated mode. When the SPE initiates a PPE-serviced function, an SPE stub routine allocates a parameter buffer in an open area of a local store (LS) memory within the SPE. The LS memory includes an open area accessible to the PPE, and an isolated area inaccessible to the PPE. The SPE stub routine copies function parameters corresponding to the PPE-serviced function to a buffer within the open area of the LS memory, and writes a message word, which contains an identification variable of the PPE-serviced function and a location variable of the function parameters, to the open area. When execution is temporarily suspended on the SPE, the PPE reads the message word from the open area of the LS memory and executes the PPE-serviced function.
Type: Application
Filed: March 29, 2007
Publication date: October 2, 2008
Inventors: Masana Murase, Wilfred E. Plouffe, Masaharu Sakamoto, Kanna Shimizu, Vladimir Zbarsky
-
Patent number: 7356147
Abstract: A method and system for attaching a title key to encrypted content for synchronized transmission to, or storage by, a recipient is provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or more title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to a recipient.
Type: Grant
Filed: April 18, 2002
Date of Patent: April 8, 2008
Assignee: International Business Machines Corporation
Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Florian Pestoni, Wilfred E. Plouffe, Jr., Frank A. Schaffa