1. Field of the Invention
The present invention relates in general to the field of secure data storage and access for operating systems especially in a distributed computer system, and in particular to a computer system and a method for secure data handling in a computer system. Still more particularly, the present invention relates to a data processing program and a computer program product for secure data handling in a computer system.
2. Description of the Related Art
Sensitive data, when located in a main memory of a computer system, is a potential security risk. For example, the memory may not be fully protected against unauthorized access, or data could be disclosed via a storage dump.
Known solutions deal with storing sensitive data at rest; e.g., on USB sticks with encryption capabilities, hard disk encryption, etc.
Sensitive data in the main memory of an operating system can be accessed via sniffer tools, memory dumps, etc. Cryptographic operations are known, for example, in which the encryption key and the data are both kept in clear form in the main memory. A secure key concept is also known, in which secure keys are stored in secure, tamperproof hardware areas, but the sensitive data itself is still located in the main memory of the operating system.
In the Patent Application Publication US 2008/0104709 A1, “System and Method for Secure Data Storage” by Averyt et al., a system and method for secure data storage are disclosed.
The disclosed system comprises a protected storage area located outside the main memory and including a cryptographic key for protection of sensitive data and the application code required for operation of the cryptographic key. A host system sends data to a secure storage processor, where it is encrypted and stored, and a globally unique identifier is transmitted back to the host system. The globally unique identifier is associated with the stored encrypted data and can be used in future interactions with the secure storage processor, such as a transaction request. A host system transmits a transaction request together with a globally unique identifier to the secure storage processor. The secure storage processor processes the transaction using the stored encrypted data associated with the globally unique identifier, and transmits a response indicating the failure or success of the transaction. In addition, the system is configured to facilitate information retrieval, wherein the secure storage processor sends the stored encrypted data to a requesting host system. Since the host system only transmits a request to process a transaction, the transaction logic resides permanently in the secure storage processor and is executed on request; no dynamic loading of new user- or customer-written functions is possible.
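The following is an added illustration, not code from the cited publication or from the present application, of the handle-based exchange just described: the host receives only an opaque identifier, the key and the plaintext stay inside the processor, and only a fixed set of transactions can be requested. The HMAC-SHA256 counter-mode keystream is an assumed stand-in for whatever cipher the real processor uses, and the `verify` transaction is an assumed example of a built-in operation.

```python
import hashlib
import hmac
import os
import uuid


class SecureStorageProcessor:
    """Model of a secure storage processor: the host never sees the key
    or the plaintext, only a GUID and success/failure answers."""

    def __init__(self):
        self._key = os.urandom(32)   # lives only inside the processor
        self._records = {}           # guid -> (nonce, ciphertext)
        # Fixed transaction set: the host cannot load new functions.
        self._transactions = {"verify": self._verify}

    def _keystream(self, nonce: bytes, length: int) -> bytes:
        # Demo cipher (assumption): HMAC-SHA256 in counter mode.
        out, ctr = b"", 0
        while len(out) < length:
            out += hmac.new(self._key, nonce + ctr.to_bytes(4, "big"),
                            hashlib.sha256).digest()
            ctr += 1
        return out[:length]

    def _xor(self, data: bytes, nonce: bytes) -> bytes:
        return bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))

    def store(self, data: bytes) -> str:
        """Encrypt and store data; return only the globally unique identifier."""
        nonce = os.urandom(16)
        guid = str(uuid.uuid4())
        self._records[guid] = (nonce, self._xor(data, nonce))
        return guid

    def stored_record(self, guid: str) -> bytes:
        """What a dump of the processor's store would expose for one record."""
        nonce, ciphertext = self._records[guid]
        return nonce + ciphertext

    def _verify(self, plaintext: bytes, request: dict) -> bool:
        return hmac.compare_digest(plaintext, request.get("value", b""))

    def transact(self, guid: str, request: dict) -> bool:
        """Run a built-in transaction on the stored data; unknown GUID or
        unknown operation is reported as failure, never as an exception."""
        handler = self._transactions.get(request.get("op"))
        if guid not in self._records or handler is None:
            return False
        nonce, ciphertext = self._records[guid]
        return handler(self._xor(ciphertext, nonce), request)

    def retrieve(self, guid: str) -> bytes:
        """Information retrieval: hand the data back to a requesting host."""
        nonce, ciphertext = self._records[guid]
        return self._xor(ciphertext, nonce)
```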