Patent application number | Description | Published |
20120255701 | SYSTEMS AND METHODS FOR CASTING METALLIC MATERIALS - Certain embodiments of a melting and casting apparatus comprising includes a melting hearth; a refining hearth fluidly communicating with the melting hearth; a receiving receptacle fluidly communicating with the refining hearth, the receiving receptacle including a first outflow region defining a first molten material pathway, and a second outflow region defining a second molten material pathway; and at least one melting power source oriented to direct energy toward the receiving receptacle and regulate a direction of flow of molten material along the first molten material pathway and the second molten material pathway. Methods for casting a metallic material also are disclosed. | 10-11-2012 |
20140090792 | CONTINUOUS CASTING OF MATERIALS USING PRESSURE DIFFERENTIAL - A system and method for continuous casting. The system includes a melt chamber, a withdrawal chamber, and a secondary chamber therebetween. The melt chamber can maintain a melting pressure and the withdrawal chamber can attain atmospheric pressure. The secondary chamber can include regions that can be adjusted to different pressures. During continuous casting operations, the first region adjacent to the melt chamber can be adjusted to a pressure that is at least slightly greater than the melting pressure; the pressure in subsequent regions can be sequentially decreased and then sequentially increased. The pressure in the final region can be at least slightly greater than atmospheric pressure. The differential pressures can form a dynamic airlock between the melt chamber and the withdrawal chamber, which can prevent infiltration of the melt chamber by non-inert gas in the atmosphere, and thus can prevent contamination of reactive materials in the melt chamber. | 04-03-2014 |
20140216679 | TAPERED HEARTH - A casting system and method. The casting system can include an energy source and a hearth, which can have a tapered cavity. The tapered cavity can have a first end portion and a second end portion, and the tapered cavity can narrow between the first and second end portions. Further, the tapered cavity can have an inlet at the first end portion that defines an inlet capacity, and one or more outlets at the second end portion that define an outlet capacity. Where the cavity has a single outlet, the outlet capacity can be less than the inlet capacity. Where the cavity has multiple outlets, the combined outlet capacity can match the inlet capacity. Further, the cross-sectional area of the tapered cavity near the inlet can be similar to the cross-sectional area of the inlet. | 08-07-2014 |
20150174654 | METHOD FOR CASTING MATERIAL - A casting system and method. The casting system can include an energy source and a hearth, which can have a tapered cavity. The tapered cavity can have a first end portion and a second end portion, and the tapered cavity can narrow between the first and second end portions. Further, the tapered cavity can have an inlet at the first end portion that defines an inlet capacity, and one or more outlets at the second end portion that define an outlet capacity. Where the cavity has a single outlet, the outlet capacity can be less than the inlet capacity. Where the cavity has multiple outlets, the combined outlet capacity can match the inlet capacity. Further, the cross-sectional area of the tapered cavity near the inlet can be similar to the cross-sectional area of the inlet. | 06-25-2015 |
20150174655 | HEARTH AND CASTING SYSTEM - A casting system and method. The casting system can include an energy source and a hearth, which can have a tapered cavity. The tapered cavity can have a first end portion and a second end portion, and the tapered cavity can narrow between the first and second end portions. Further, the tapered cavity can have an inlet at the first end portion that defines an inlet capacity, and one or more outlets at the second end portion that define an outlet capacity. Where the cavity has a single outlet, the outlet capacity can be less than the inlet capacity. Where the cavity has multiple outlets, the combined outlet capacity can match the inlet capacity. Further, the cross-sectional area of the tapered cavity near the inlet can be similar to the cross-sectional area of the inlet. | 06-25-2015 |
20160082508 | HEARTH - A casting system and method. The casting system can include an energy source and a hearth, which can have a tapered cavity. The tapered cavity can have a first end portion and a second end portion, and the tapered cavity can narrow between the first and second end portions. Further, the tapered cavity can have an inlet at the first end portion that defines an inlet capacity, and one or more outlets at the second end portion that define an outlet capacity. Where the cavity has a single outlet, the outlet capacity can be less than the inlet capacity. Where the cavity has multiple outlets, the combined outlet capacity can match the inlet capacity. Further, the cross-sectional area of the tapered cavity near the inlet can be similar to the cross-sectional area of the inlet. | 03-24-2016 |
Patent application number | Description | Published |
20100031021 | METHOD FOR IMPROVED KEY MANAGEMENT FOR ATMS AND OTHER REMOTE DEVICES - A method, article, and system for providing an effective implementation of a data structure comprising instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines specific key management policies that are permitted when an application program employs the trusted block in application programming interface (API) functions to generate or export symmetric cryptographic keys. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways or with unintended keys. | 02-04-2010 |
20120179903 | COMPACT ATTRIBUTE FOR CRYPTOGRAPHICALLY PROTECTED MESSAGES - A system and associated method for verifying a signature of a signed message having a compact attribute. Components of the compact attribute of the signed message appear in a predefined order within the compact attribute, and are identified by an object identifier associated with the compact attribute. A processing flag and a security assertion are among the components of the compact message. The processing flag directs rules to process the security assertion. The security assertion is made by an authority trusted by both a sender and a recipient of the signed message. The recipient validates the signature of the signed message based on the processing flag and the security assertion recovered from the compact attribute. | 07-12-2012 |
20120185699 | SPACE-EFFICIENT ENCRYPTION WITH MULTI-BLOCK BINDING - Exemplary embodiments include an encryption method in a computer system having a processor and a memory operatively coupled to the processor, the method including receiving a cleartext key in the memory, the encryption key having a plurality of segments including segment K | 07-19-2012 |
20120237023 | Secure Key Management - A system for implementing computer security is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information. A structure of the key control information in the token is independent of the wrapping method. Implementing computer security also includes wrapping the key material and binding key control information to the key material in the token. The key control information includes information relating to usage and management of the key material. | 09-20-2012 |
20120275600 | SECURE KEY CREATION - A system for creating a secure key is provided that includes a computer processor and an application configured to execute on the computer processor, the application implementing a method that includes creating a token and populating a key control information section of the token with a value to indicate a minimum number of key parts used to form a key. Creating the secure key also includes populating a payload section of the token with a first key part, binding the key control information section to the payload section, adding a second key part to the first key part and iterating the value and binding the key control information section to the payload section after the second key part has been added. Creating the secure key further includes indicating the key is complete, wherein the key comprises a combination of the first and second key parts. | 11-01-2012 |
20120281836 | SECURE KEY MANAGEMENT - A system for implementing secure key management is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method. The method includes populating a section of information associated with a key, the section being populated with information relating to how the key was created. The method also includes populating the section with information relating to how the key was acquired by a secure module; and binding the section to the key, wherein the key is encrypted. | 11-08-2012 |
20120281837 | SECURE KEY MANAGEMENT - A system for secure key management is provided. The system includes a computer processor and an application configured to execute on the computer processor, the application implementing a method. The method includes populating a section of information associated with a key, the section of information being populated with information relating to a level of protection of the key accumulated over time. Secure key management further includes securely binding the section of information to the key, wherein the key is encrypted. | 11-08-2012 |
20120281838 | KEY MANAGEMENT POLICIES FOR CRYPTOGRAPHIC KEYS - A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to management of the key material populating one or more key management fields that define attributes that limit distribution of the key material. | 11-08-2012 |
20120281839 | KEY USAGE POLICIES FOR CRYPTOGRAPHIC KEYS - A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to usage of the key material populating one or more key usage fields that define attributes that limit actions that may be performed with the key material. | 11-08-2012 |
20120284526 | PERSONAL IDENTIFICATION NUMBER SECURITY ENHANCEMENT - A system for enhancing security of a personal identification number is configned for performing a method that includes receiving, from a first entity having an input permission, a first data structure into a HSM, wherein the first data structure maps a first many-to-one mapping between a first and a second PIN numeral system. The method also includes determining whether the content of the first data structure is valid, storing the first data structure in the HSM if the first data structure is valid and marking the stored first data structure as inactive. The method further includes activating the first data structure if a second data structure is input into the HSM by a second entity having an activation permission, wherein the first entity is different from the second entity, the first data structure is identical to the second data structure. The method additionally includes converting from the first to the second PIN numeral system responsive to the activated first data structure. | 11-08-2012 |
20120307998 | BUILDING OPTIONAL BLOCKS - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for verifying conditions for iterative building of optional blocks in a standardized key block, parsing optional block data to validate the optional block data and to determine a length of the optional block data and a number of optional blocks contained in the optional block data, validating an optional block identification to be added, determining a storage location, inserting the optional block into the storage location, updating a value of the optional block data and returning the updated value of the optional block data. | 12-06-2012 |
20120307999 | PROTECTING A CONTROL VECTOR IN AN OPTIONAL BLOCK OF A STANDARD KEY BLOCK - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for validating parameters passed to a parameter database, computing a length required for control vector CV data, preparing an optional block in accordance with a result of the computation, converting the CV to a format for a standardized key block while copying the converted CV into the optional block and updating optional block data in the standardized key block. | 12-06-2012 |
20120308000 | Combining Key Control Information in Common Cryptographic Architecture Services - A system includes a processor configured to perform a method, the method comprising receiving a first key token, second key token and a request to combine the first key token with the second key token, identifying a key type of the first key token and a key type of the second key token, determining whether the key type of the first key token may be combined with the key type of the second key token, combining the first key token with the second key token to create a third key token responsive to determining that the key type of the first key token may be combined with the key type of the second key token, and outputting the third key token. | 12-06-2012 |
20120308001 | SECURE KEY CREATION - Key creation includes sending a first public key part from a first system to a second system, receiving a second public key part sent by the second system to the first system and establishing a first secret material in the first system using the first and second public key parts, wherein the first secret material is identical to a second secret material established on the second system using the first and second key parts. Key creation also includes binding key control information to the first secret material in the first system, wherein the key control information includes information relating to key type and key management and deriving a first key material from the combination of the key control information and the first secret material, wherein the first key material is identical to a second key material derived by the second system. | 12-06-2012 |
20120310908 | METHOD OF PARSING OPTIONAL BLOCK DATA - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for initially verifying a presence of parameters passed to a parameter database and that a selected group of the parameters are greater than or equal to zero, parsing optional block data to validate the optional block data, determine a length thereof and a number of optional blocks contained therein and proceeding with one of a secondary info-parsing and a secondary data-parsing operation with respect to the optional block data in accordance with content of the parameters passed to the parameter database | 12-06-2012 |
20120311324 | METHOD OF MAPPING KEY INFORMATION - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for performing a method. The method includes checking whether information to be translated between a key token and a key block is valid and, in an event a result of the checking is affirmative, preparing an output by translating the information between the key token and the key block such that the key token and the key block each include key control information cryptographically bound to key material via a wrapping method of the key token and the key block, respectively. The key control information of the key block is related to the key control information of the key token following the translation and disambiguation information for guiding the translation specified prior to or during the translation. | 12-06-2012 |
20130034228 | SECURE KEY CREATION - Creating a secure key includes creating a token and populating a key control information section of the token with a value to indicate a minimum number of key parts used to form a key. Creating the secure key also includes populating a payload section of the token with a first key part, binding the key control information section to the payload section, adding a second key part to the first key part and iterating the value and binding the key control information section to the payload section after the second key part has been added. Creating the secure key further includes indicating the key is complete, wherein the key comprises a combination of the first and second key parts. | 02-07-2013 |
20130039494 | SECURE KEY MANAGEMENT - According to one embodiment, a method for implementing secure key management is provided. The method includes populating a section of information associated with a key, the section being populated with information relating to how the key was created. The method also includes populating the section with information relating to how the key was acquired by a secure module; and binding the section to the key, wherein the key is encrypted. | 02-14-2013 |
20130039495 | SECURE KEY MANAGEMENT - According to one embodiment, a method for implementing computer security is provided. The method includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information, wherein a structure of the key control information in the token is independent of the wrapping method. The method also includes wrapping the key material and binding key control information to the key material in the token, wherein the key control information includes information relating to usage and management of the key material. | 02-14-2013 |
20130044875 | COMBINING KEY CONTROL INFORMATION IN COMMON CRYPTOGRAPHIC ARCHITECTURE SERVICES - A method for creating a key token includes receiving a first key token, second key token and a request to combine the first key token with the second key token, identifying a key type of the first key token and a key type of the second key token, determining whether the key type of the first key token may be combined with the key type of the second key token, combining the first key token with the second key token to create a third key token responsive to determining that the key type of the first key token may be combined with the key type of the second key token, and outputting the third key token. | 02-21-2013 |
20130044879 | SECURE KEY MANAGEMENT - Secure key management includes populating a section of information associated with a key, the section of information being populated with information relating to a level of protection of the key accumulated over time. Secure key management further includes securely binding the section of information to the key, wherein the key is encrypted. | 02-21-2013 |
20130044880 | KEY MANAGEMENT POLICIES FOR CRYPTOGRAPHIC KEYS - A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method. The method includes creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to management of the key material populating one or more key management fields that define attributes that limit distribution of the key material. | 02-21-2013 |
20130054624 | METHOD OF PARSING OPTIONAL BLOCK DATA - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for performing a method. The method includes initially verifying a presence of parameters passed to a parameter database and that a selected group of the parameters are greater than or equal to zero, parsing optional block data to validate the optional block data, determine a length thereof and a number of optional blocks contained therein and proceeding with one of a secondary info-parsing and a secondary data-parsing operation with respect to the optional block data in accordance with content of the parameters passed to the parameter database. | 02-28-2013 |
20130058486 | METHOD OF PROTECTING A CONTROL VECTOR IN AN OPTIONAL BLOCK OF A STANDARD KEY BLOCK - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for performing a method. The method includes validating parameters passed to a parameter database, computing a length required for control vector CV data, preparing an optional block in accordance with a result of the computation, converting the CV to a format for a standardized key block while copying the converted CV into the optional block and updating optional block data in the standardized key block. | 03-07-2013 |
20130058487 | METHOD OF BUILDING OPTIONAL BLOCKS - A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for performing a method. The method includes verifying conditions for iterative building of optional blocks in a standardized key block, parsing optional block data to validate the optional block data and to determine a length of the optional block data and a number of optional blocks contained in the optional block data, validating an optional block identification to be added, determining a storage location, inserting the optional block into the storage location, updating a value of the optional block data and returning the updated value of the optional block data. | 03-07-2013 |
20130073863 | PERSONAL IDENTIFICATION NUMBER SECURITY ENHANCEMENT - A method that includes receiving, from a first entity having an input permission, a first data structure into a HSM, wherein the first data structure maps a first many-to-one mapping between a first and a second PIN numeral system. The method also includes determining whether the content of the first data structure is valid, storing the first data structure in the HSM if the first data structure is valid and marking the stored first data structure as inactive. The method further includes activating the first data structure if a second data structure is input into the HSM by a second entity having an activation permission, wherein the first entity is different from the second entity, the first data structure is identical to the second data structure. The method additionally includes converting from the first to the second PIN numeral system responsive to the activated first data structure. | 03-21-2013 |
20130103954 | KEY USAGE POLICIES FOR CRYPTOGRAPHIC KEYS - A computer program product for secure key management is provided. The computer program product includes a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method. The method includes creating a token and populating the token with key material, and binding key control information to the key material. The key control information includes information relating to usage of the key material populating one or more key usage fields that define attributes that limit actions that may be performed with the key material. | 04-25-2013 |
20140013122 | CIPHER TEXT TRANSLATION - A computer system includes memory configured to store information regarding predetermined conditions of an encryption operation and a processor configured to analyze an inbound key and an outbound key of the encryption operation. The processor is also configured to determine that the encryption operation includes a translation from a first class of encryption to a second class of encryption based on the analyzing the inbound key and the outbound key, and to determine whether the translation is permitted based on the predetermined conditions. | 01-09-2014 |
20150270955 | KEY WRAPPING FOR COMMON CRYPTOGRAPHIC ARCHITECTURE (CCA) KEY TOKEN - Embodiments relate to wrapping of a common cryptographic architecture (CCA) key token. An aspect includes wrapping, by an exporting computer, the CCA key token using a key wrapping export function, the CCA key token comprising a CCA key data section and an unencrypted control vector. Another aspect includes splitting the control vector into a first control vector portion and a second control vector portion. Another aspect includes encrypting the CCA key data section and the first control vector portion using an key encrypting key (KEK) to generate a wrapped key block. Another aspect includes binding the second control vector portion to the wrapped key block to form an associated data section, wherein the associated data section is not encrypted, and wherein the wrapped key block and the associated data section comprise a wrapped key token. | 09-24-2015 |
20150319166 | DUAL-PARTY SESSION KEY DERIVATION - Embodiments relate to negotiating a session key to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another. | 11-05-2015 |