Browse Prior Art Database

Mutual Authentication between Data and Program

IP.com Disclosure Number: IPCOM000126676D
Original Publication Date: 2005-Jul-28
Included in the Prior Art Database: 2005-Jul-28
Document File: 3 page(s) / 35K

Publishing Venue

IBM

Abstract

Current PC grid mechanism is as follows. 1) Requester sends his program and data to centralized grid center. 2) Grid center stacks jobs and assigns appropriate server or PC which is available for grid computing. 3) Acceptor receives program and data from grid center and executes a job. 4) One job at one time is a general rule. 5) Result data is returned to grid center. 6) Grid Center transfers it to requester. In many case, program and data are protected by SSL on communication line. And remained old program and data are usually deleted before receiving new program and data. After sending of program and data to acceptor, protection of them is tolerated by application program. If someone balefully stops the machine and move hard disk to another machine, he can get the program and data. This possibility of leakage is overlooked in the world because grid computing is used in a public environment or intranet in a company. However, in order to make a commercial service using grid computing technology, complete security will be required. Solutions should be provided not only by individual application programming, but by a general purpose programming mechanism. Where to look is that program and data are sent as a pair. If the program can only work with specific data and encrypted data can be read by specific program, very strong security will be obtained.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 34% of the total text.

Page 1 of 3

Mutual Authentication between Data and Program

The characteristics of invented mechanism are as follows . 
1) Data is encrypted by symmetric key in the site of requester . Symmetric key is  encrypted by acceptor's public key and is embedded in the header of the data before it   is sent to acceptor.
2) Acceptor receives encrypted data and it is stored as it is, Encrypted data is free   from wiretapping and interpolation. If a hard disk was stolen, data is invisible to   the thief.
3) Symmetric key for data decryption is extracted by only specific program which has   a capability of getting a private key of acceptor . 
4) Key for data decryption is encrypted by public key of acceptor, other program   cannot read the data.
5) Private key of acceptor should be protected by tamper resist mechanism in acceptor 's environment,
6) Centralized grid center can provide stronger function of authentication for data   and program distribution.
7) In order to decrypt and encrypt only one record, module for secure reading and   secure writing should be provided to avoid making temporary file which contains plain   text of all the file.

New mechanism is as follows.
1) Requester puts in his public key to grid center .
2) Grid center generates new symmetric key for each job request .
3) Grid center encrypt the symmetric key by requester 's public key.
4) Grid center sends encrypted symmetric key and center 's public key to the  requester.
5) Requester pulls out the symmetric key decrypting by his own private key .
6) Requester encrypts data by the symmetric key .
7) Requester encrypts symmetric key by center 's public key and put it in the header  of data.
8) Requester includes APIs for key extraction and secure reading /writing in his  program.
9) Requester sends encrypted data and program to grid center .
10) Acceptor also puts in his public key to grid center .
11) When grid center decides which acceptor should execute a job, grid center extracts   symmetric key from the header of data and re -encrypt it by acceptor's public key. 
12) Grid center embed the key string to the header of data .
13) Grid center sends a job to the acceptor . The job contains encrypted data and a  program which includes module of secure reading and secure writing .
14) Acceptor receives a job and he can extract symmetric key ...