Protecting access to hardware devices through use of a secure processor

US9832199B2 · US · B2

Patent metadata
Field                Value
Publication number   US-9832199-B2
Application number   US-201514865504-A
Country              US
Kind code            B2
Filing date          Sep 25, 2015
Priority date        Sep 25, 2015
Publication date     Nov 28, 2017
Grant date           Nov 28, 2017

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A computer-implemented method, system, and/or computer program product protects access to hardware devices through use of a secure processor. A security computer receives a request from a requesting computer for access to a hardware device on a network. A secure processor within the security computer encrypts the request to generate an encrypted request, which is generated within a core of the secure processor. The secure processor protects a secure application that is used to process the request from other software on the secure processor. The security computer transmits the encrypted request to the hardware device, and then receives an encrypted acknowledgement of the encrypted request from a processor associated with the hardware device. The security computer then creates a communication session between the requesting computer and the hardware device.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method of protecting access to hardware devices through use of a secure processor, the method comprising: receiving, by a security computer, a request from a requesting computer for access to a hardware device on a network, wherein access to the hardware device is established by an application; in response to receiving the request, encrypting, by a first secure processor within the security computer, the request to generate an encrypted request, wherein the encrypted request is generated within a core of the first secure processor, and wherein the first secure processor protects a secure application that is used to process the request from other software on the first secure processor; transmitting, from the security computer to the hardware device, the encrypted request, wherein the encrypted request comprises an address and identification of the requesting computer; receiving, by the security computer, an encrypted acknowledgement of the encrypted request, wherein the encrypted acknowledgement was generated by a processor associated with the hardware device; in response to receiving the encrypted acknowledgement, decrypting the encrypted acknowledgement and creating, by the security computer, a communication session between the requesting computer and the hardware device; and controlling, by the first secure processor, access to the hardware device by the requesting computer by requiring the requesting computer to provide an encrypted private key needed by the first secure processor to access an operating system that is required to execute the application that accesses the hardware device.

2. The computer-implemented method of claim 1, wherein the hardware device is a legacy hardware sensor, and wherein the computer-implemented method further comprises: accessing, by the security computer, a legacy sensor access system with the encrypted request, wherein the legacy sensor access system comprises a second secure processor, wherein the second secure processor decrypts the encrypted request to open a port between the legacy hardware sensor and the security computer.

3. The computer-implemented method of claim 1, wherein the hardware device is a legacy mechanical actuator, and wherein the computer-implemented method further comprises: accessing, by the security computer, a legacy actuator access system with the encrypted request, wherein the legacy actuator access system comprises a second secure processor, wherein the second secure processor decrypts the encrypted request to open a port between the legacy mechanical actuator and the security computer.

4. The computer-implemented method of claim 1, wherein the processor associated with the hardware device is a second secure processor.

5. The computer-implemented method of claim 1, wherein the hardware device is a cloud of hardware resources.

6. The computer-implemented method of claim 1, wherein the hardware device is a cloud of computing devices.

7. A computer program product for protecting access to hardware devices through use of a secure processor, the computer program product comprising a non-transitory computer readable storage medium having program code embodied therewith, the program code readable and executable by one or more processors to perform a method comprising: receiving, by a security computer, a request from a requesting computer for access to a hardware device on a network, wherein access to the hardware device is established by an application; in response to receiving the request, encrypting, by a first secure processor within the security computer, the request to generate an encrypted request, wherein the encrypted request is generated within a core of the first secure processor, and wherein the first secure processor protects a secure application that is used to process the request from other software on the first secure processor; transmitting, from the security computer to the hardware device, the encrypted request, wherein the encrypted request comprises an address and identification of the requesting computer; receiving, by the security computer, an encrypted acknowledgement of the encrypted request, wherein the encrypted acknowledgement was generated by a processor associated with the hardware device; in response to receiving the encrypted acknowledgement, decrypting the encrypted acknowledgement and creating, by the security computer, a communication session between the requesting computer and the hardware device; and controlling, by the first secure processor, access to the hardware device by the requesting computer by requiring the requesting computer to provide an encrypted private key needed by the first secure processor to access an operating system that is required to execute the application that accesses the hardware device.

8. The computer program product of claim 7, wherein the hardware device is a legacy hardware sensor, and wherein the method further comprises: accessing, by the security computer, a legacy sensor access system with the encrypted request, wherein the legacy sensor access system comprises a second secure processor, wherein the second secure processor decrypts the encrypted request to open a port between the legacy hardware sensor and the security computer.

9. The computer program product of claim 7, wherein the hardware device is a legacy mechanical actuator, and wherein the method further comprises: accessing, by the security computer, a legacy actuator access system with the encrypted request, wherein the legacy actuator access system comprises a second secure processor, wherein the second secure processor decrypts the encrypted request to open a port between the legacy mechanical actuator and the security computer.

10. The computer program product of claim 7, wherein the processor associated with the hardware device is a second secure processor.

11. The computer program product of claim 7, wherein the hardware device is a cloud of hardware resources.

12. The computer program product of claim 7, wherein the hardware device is a cloud of computing devices.

13. A computer system comprising: a processor, a computer readable memory, and a computer readable storage medium; first program instructions to receive, by a security computer, a request from a requesting computer for access to a hardware device on a network, wherein access to the hardware device is established by an application; second program instructions to, in response to receiving the request, encrypt, by a first secure processor within the security computer, the request to generate an encrypted request, wherein the encrypted request is generated within a core of the first secure processor, and wherein the first secure processor protects a secure application that is used to process the request from other software on the first secure processor; third program instructions to transmit, from the security computer to the hardware device, the encrypted request, wherein the encrypted request comprises an address and identification of the requesting computer; fourth program instructions to receive, by the security computer, an encrypted acknowledgement of the encrypted request, wherein the encrypted acknowledgement was generated by a processor associated with the hardware device; fifth program instructions to, in response to receiving the encrypted acknowledgement, decrypt the encrypted acknowledgement and to create, by the security computer, a communication session between the requesting computer and the hardware device; and sixth program instructions to control, by the first secure processor, access to the hardware device by the re
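The exchange that the abstract summarises and claim 1 spells out, walked through end to end as an added example. This is not IBM's code and nothing in the patent text is implemented this way; it is a model of the claimed steps with the following assumptions, each also marked in the code: the two secure processors share a link key provisioned out of band (the patent does not specify key distribution); the requester's "encrypted private key" that unlocks the OS running the access application is modelled as a blob whose SHA-256 fingerprint must match an authorisation table held inside the security computer's secure processor; the "port" the device-side secure processor opens (claims 2 and 3) is a constructed integer; and, so that the example runs on the Python standard library alone, encryption is an encrypt-then-MAC construction built from HMAC-SHA256 rather than an AEAD such as AES-GCM. The `seal`, `open_sealed`, `DeviceSecureProcessor`, `SecurityComputer` and `demonstrate` names are all this example's own.

```python
# Added example (not IBM's or the patent's code); stand-ins are marked as assumptions.
import hashlib
import hmac
import json
import secrets


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF stream cipher (stdlib stand-in for AES).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with separately derived keys; output is nonce || ciphertext || tag."""
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time before decrypting; any tampering raises ValueError."""
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class DeviceSecureProcessor:
    """The 'second secure processor' of claims 2-4 that opens a port to a legacy device."""

    def __init__(self, link_key: bytes):
        self.link_key = link_key   # assumption: provisioned out of band, shared with the security computer
        self.seen_nonces = set()
        self.open_ports = {}

    def handle(self, encrypted_request: bytes) -> bytes:
        req = json.loads(open_sealed(self.link_key, encrypted_request))
        if req["nonce"] in self.seen_nonces:
            raise ValueError("replayed request")
        self.seen_nonces.add(req["nonce"])
        port = 40000 + len(self.open_ports)   # constructed port allocation
        self.open_ports[req["requester_id"]] = port
        ack = {"nonce": req["nonce"], "requester_id": req["requester_id"], "port": port}
        return seal(self.link_key, json.dumps(ack).encode())


class SecurityComputer:
    """The first secure processor is modelled as this class alone holding link_key."""

    def __init__(self, link_key: bytes, authorized: dict):
        self.link_key = link_key
        self.authorized = authorized   # assumption: requester id -> SHA-256 of its unlock key
        self.sessions = {}

    def request_access(self, requester_id: str, requester_addr: str,
                       encrypted_private_key: bytes, device: DeviceSecureProcessor) -> dict:
        # Claim 1 gate: the requester must present the key that unlocks the OS running the app.
        expected = self.authorized.get(requester_id)
        presented = hashlib.sha256(encrypted_private_key).hexdigest()
        if expected is None or not hmac.compare_digest(expected, presented):
            raise PermissionError("requester not authorized for this device")
        nonce = secrets.token_hex(8)
        # As claimed, the encrypted request carries the requester's address and identification.
        req = {"nonce": nonce, "requester_id": requester_id, "requester_addr": requester_addr}
        encrypted_ack = device.handle(seal(self.link_key, json.dumps(req).encode()))
        ack = json.loads(open_sealed(self.link_key, encrypted_ack))
        if ack["nonce"] != nonce or ack["requester_id"] != requester_id:
            raise ValueError("acknowledgement does not match the request")
        self.sessions[requester_id] = {"requester": requester_addr, "device_port": ack["port"]}
        return self.sessions[requester_id]


def _refused(call, exc) -> bool:
    # True when the operation is rejected with the expected exception.
    try:
        call()
    except exc:
        return True
    return False


def demonstrate() -> dict:
    """Happy path plus three refusals: unauthorized requester, tampered request, replay."""
    link_key, unlock_key = secrets.token_bytes(32), secrets.token_bytes(32)
    security = SecurityComputer(link_key, {"host-a": hashlib.sha256(unlock_key).hexdigest()})
    device = DeviceSecureProcessor(link_key)
    results = {"session": security.request_access("host-a", "10.0.0.5", unlock_key, device)}
    results["unauthorized_denied"] = _refused(
        lambda: security.request_access("host-b", "10.0.0.6", unlock_key, device), PermissionError)
    good = seal(link_key, json.dumps({"nonce": "n1", "requester_id": "host-a",
                                      "requester_addr": "10.0.0.5"}).encode())
    bad = good[:20] + bytes([good[20] ^ 0x01]) + good[21:]   # flip one ciphertext byte
    results["tamper_detected"] = _refused(lambda: device.handle(bad), ValueError)
    device.handle(good)                                       # first delivery is accepted
    results["replay_detected"] = _refused(lambda: device.handle(good), ValueError)
    return results
```

Calling `demonstrate()` returns the session created for the authorised requester (address plus the port the device-side secure processor opened) and `True` for each of the three refusals. The points worth carrying into a real implementation are the ones the claim language leaves implicit: the acknowledgement must be bound to the request (here by echoing the nonce and requester id) or a device could be made to answer a different request than the one it accepted, and the device side has to remember nonces or an observer can replay an old encrypted request to reopen a port. In production replace `seal` and `open_sealed` with AES-GCM and tie the link key to the device's attested identity rather than a pre-shared secret.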

Assignees

IBM

Inventors

Classifications

  • CPC title: wherein the data content is protected, e.g. by encrypting or encapsulating the payload

  • H04L63/10 (primary) · CPC title: for controlling access to devices or network resources

  • CPC title: in cryptographic circuits

  • CPC title: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity

  • CPC title: for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9832199B2 cover?
A computer-implemented method, system, and/or computer program product protects access to hardware devices through use of a secure processor. A security computer receives a request from a requesting computer for access to a hardware device on a network. A secure processor within the security computer encrypts the request to generate an encrypted request, which is generated within a core of the …
Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04L63/10. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 28, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).