05933503 is referenced by 69 patents and cites 16 patents.

An apparatus and method provide a controlled, dynamically loaded, modular, cryptographic filler for integration into a base executable having a "slot" minimizing the interface between the filler and the base executable, and between individual component modules in the filler. Cryptographic engines provide for security (privacy and integrity) of data. The base executable having potential cryptographic capability may rely on an integrated loader to control linking of the filler and its modules according to a controlling policy set by export or import laws. A base executable may be a network operating system having a "slot" for dynamically linking the filler and its modules. Modules may be created by a third party vendor within controls enforced by the loader and a management module in the filler. Asymmetric key cryptography may assure that modules have not been modified, functionally extended, or created by unauthorized sources, and may ensure that keys used in the modules come only from authorized sources. The policy may limit each module's function, access, and potential for modification or substitution. The filler and modules, typically representing a relatively small portion of the overall coding required by the base executable, may provide strong controls limiting integration by providing layered access between modules, and excluding direct access to or by them from the base executable or supported applications.

Title
Controlled modular cryptography apparatus and method
Application Number
8/618411
Publication Number
5933503
Application Date
March 15, 1996
Publication Date
August 3, 1999
Inventor
Thomas A Berson
Palo Alto
CA, US
Kevin W Kingdon
Fremont
CA, US
Roger R Schell
Orem
UT, US
Agent
Madson & Metcalf
Assignee
Novell
UT, US
IPC
H04K 1/00
View Original Source