US9239920B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9239920-B2 |
| Application number | US-201313868859-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 23, 2013 |
| Priority date | Apr 23, 2013 |
| Publication date | Jan 19, 2016 |
| Grant date | Jan 19, 2016 |
Official abstract text for this publication.
Techniques for improving security of an electronics device are disclosed. In one aspect of the present disclosure, security of a device may be improved by generating a working key based on a hardware secret key and at least one security parameter of the device, e.g., with a key derivation function. The security parameter(s) may be related to software to be authenticated on the device and/or other aspects of security for the wireless device. The security parameter(s) may indicate whether the software is authorized and/or at least one operating function authorized for the software. At least one security function may be performed for the device based on the working key. For example, the working key may be used to encrypt, sign, decrypt, or verify data for the device. The working key may be used directly or indirectly by the software for the at least one security function.
Opening claim text (preview).
What is claimed is:

1. A method of providing security, comprising: generating by software a working key based on at least one security parameter of a set of security parameters and a secret key of a device, the set of security parameters and the secret key having been provisioned and stored on the device by at least two different entities, the software being authorized for execution on the device according to the set of security parameters, wherein the at least one security parameter determines at least one operating function authorized for the software on the device; and performing at least one security function for the device based on the working key, the working key being used directly or indirectly for the at least one security function.
2. The method of claim 1, the at least one security parameter comprising a public key used to determine whether the software is authorized for the device.
3. The method of claim 2, the public key corresponding to a private key used to sign the software.
4. The method of claim 1, the secret key and the at least one security parameter being loaded onto the device at different times.
5. The method of claim 1, the generating a working key comprises generating the working key based on the at least one security parameter and the secret key of the device with a key derivation function.
6. The method of claim 1, the performing at least one security function comprises encrypting or signing data for the device with the working key.
7. The method of claim 1, the performing at least one security function comprises decrypting or verifying data for the device with the working key.
8. The method of claim 1, the performing at least one security function comprises performing the at least one security function under control of the software.
9. The method of claim 1, further comprising: executing the software on the device without authenticating the software via a secure mechanism.
10. The method of claim 1, further comprising: storing the secret key in a secure memory on the device; and storing the at least one security parameter in the secure memory or an unsecure memory on the device.
11. An apparatus comprising: means for generating by software a working key based on at least one security parameter and a secret key of a device, the set of security parameters and the secret key having been provisioned and stored on the device by at least two different entities, the software being authorized for execution on the device according to the set of security parameters, wherein the at least one security parameter determines at least one operating function authorized for the software on the device; and means for performing at least one security function for the device based on the working key, the working key being used directly or indirectly for the at least one security function.
12. The apparatus of claim 11, the secret key and the at least one security parameter being loaded onto the device at different times.
13. The apparatus of claim 11, the means for performing at least one security function comprising means for performing the at least one security function prior to activation of a secure mechanism to authenticate the software.
14. An apparatus comprising: a memory configured to store software for a device; and a processor coupled to the memory and configured to: generate by software a working key based on at least one security parameter of a set of security parameters and a secret key of the device, the set of security parameters and the secret key having been provisioned and stored on the device by at least two different entities, the software being authorized for execution on the device according to the set of security parameters, wherein the at least one security parameter determines at least one operating function authorized for the software on the device; and perform at least one security function for the device based on the working key, the working key being used directly or indirectly for the at least one security function.
15. The apparatus of claim 14, the secret key and the at least one security parameter being loaded onto the device at different times.
16. The apparatus of claim 14, the at least one processor being configured to perform the at least one security function prior to activation of a secure mechanism to authenticate the software.
17. A computer program product, comprising: a non-transitory computer-readable medium comprising: code for causing at least one computer to generate by software a working key based on at least one security parameter of a set of security parameters and a secret key of a device, the set of security parameters and the secret key having been provisioned and stored on the device by at least two different entities, the software being authorized for execution on the device according to the set of security parameters, wherein the at least one security parameter determines at least one operating function authorized for the software on the device; and code for causing the at least one computer to perform at least one security function for the device based on the working key, the working key being used directly or indirectly by software for the at least one security function.
18. The computer program product of claim 17, the secret key and the at least one security parameter being loaded onto the device at different times.
19. The computer program product of claim 17, the code for causing the at least one computer to perform at least one security function comprising code for causing the at least one computer to perform the at least one security function prior to activation of a secure mechanism to authenticate the software.
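The binding described in the abstract and in claims 1, 2 and 5, shown as an added example that is not taken from the patent: a working key derived from a device secret and a set of security parameters changes when any parameter changes, so data protected under one software authorization does not verify under another. HKDF-SHA256, the HMAC tag, the parameter names and all key values are assumptions chosen for illustration; the page does not name a specific key derivation function.

```python
import hashlib
import hmac

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def encode_params(params: dict) -> bytes:
    """Length-prefix each name and value so distinct sets never encode alike."""
    out = b""
    for name in sorted(params):
        for field in (name.encode(), params[name]):
            out += len(field).to_bytes(4, "big") + field
    return out

def derive_working_key(secret_key: bytes, params: dict) -> bytes:
    """Working key = KDF(hardware secret key, security parameters)."""
    return hkdf_sha256(secret_key, b"\x00" * 32, b"working-key" + encode_params(params))

def protect(working_key: bytes, data: bytes) -> bytes:
    """Security function: authenticate data with the working key (tag || data)."""
    return hmac.new(working_key, data, hashlib.sha256).digest() + data

def verify(working_key: bytes, blob: bytes):
    """Return the data if the tag verifies under this working key, else None."""
    tag, data = blob[:32], blob[32:]
    expected = hmac.new(working_key, data, hashlib.sha256).digest()
    return data if hmac.compare_digest(tag, expected) else None

# Constructed sample values, not real keys (hypothetical names throughout).
SECRET_KEY = bytes.fromhex("11" * 32)            # provisioned by the first entity
OEM_PARAMS = {"root_public_key": b"OEM-ROOT-PUBKEY-PLACEHOLDER",
              "authorized_functions": b"\x01"}   # provisioned later, by a second entity
OTHER_PARAMS = dict(OEM_PARAMS, root_public_key=b"SUBSTITUTED-PUBKEY-PLACEHOLDER")

if __name__ == "__main__":
    blob = protect(derive_working_key(SECRET_KEY, OEM_PARAMS), b"calibration-data")
    print(verify(derive_working_key(SECRET_KEY, OEM_PARAMS), blob))
    print(verify(derive_working_key(SECRET_KEY, OTHER_PARAMS), blob))
```

Because the parameters enter the derivation itself, no comparison step exists for modified software to skip: with a substituted public key the device simply computes a different key.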
Integrity · CPC title
involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics · CPC title
involving digital signatures · CPC title
Terminal devices · CPC title
received data contents, e.g. message integrity · CPC title