AR075283A1 - Method, system and device for providing a trusted platform module (TPM) - Google Patents
Method, system and device for providing a trusted platform module (TPM)
- Publication number
- AR075283A1
- Authority
- AR
- Argentina
- Prior art keywords
- platform module
- running
- tpm
- device method
- secure communications
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/029—Firewall traversal, e.g. tunnelling or, creating pinholes
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/127—Trusted platform modules [TPM]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Techniques are provided for implementing the initialization of a Trusted Platform Module (TPM). The results can be trustworthy and confidential even when the devices contain running programs or malicious operating systems. In one embodiment, secure communications can be enabled by means of a key supplied by the device manufacturer. Secure communications can allow a system administrator to perform a take-ownership operation remotely, instead of executing it locally on each device and running the risk of exposing sensitive information to local software.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/249,042 US8607065B2 (en) | 2008-10-10 | 2008-10-10 | Trusted and confidential remote TPM initialization |
Publications (1)
Publication Number | Publication Date |
---|---|
AR075283A1 true AR075283A1 (es) | 2011-03-23 |
Family
ID=42099965
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
ARP090103901 AR075283A1 (es) | 2008-10-10 | 2009-10-09 | Method, system and device for providing a trusted platform module (TPM) |
Country Status (6)
Country | Link |
---|---|
US (3) | US8607065B2 (es) |
EP (1) | EP2335375B1 (es) |
CN (1) | CN102177678B (es) |
AR (1) | AR075283A1 (es) |
TW (1) | TW201017465A (es) |
WO (1) | WO2010042621A2 (es) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2962648C (en) | 2005-10-06 | 2019-07-23 | Mastercard Mobile Transactions Solutions, Inc. | Three-dimensional transaction authentication |
US8959363B2 (en) | 2010-06-03 | 2015-02-17 | Intel Corporation | Systems, methods, and apparatus to virtualize TPM accesses |
US8953790B2 (en) * | 2011-11-21 | 2015-02-10 | Broadcom Corporation | Secure generation of a device root key in the field |
US8949818B2 (en) * | 2012-06-29 | 2015-02-03 | Intel Corporation | Mechanism for facilitating dynamic and trusted cloud-based extension upgrades for computing systems |
US9912771B2 (en) | 2014-04-14 | 2018-03-06 | Arris Enterprises Llc | Real time key collection in device provisioning |
CN105516967A (zh) * | 2014-09-25 | 2016-04-20 | 中兴通讯股份有限公司 | Method and device for creating a trusted environment, and method and device for base-station anomaly recovery |
US9735968B2 (en) | 2014-10-20 | 2017-08-15 | Microsoft Technology Licensing, Llc | Trust service for a client device |
CN104618096B (zh) * | 2014-12-30 | 2018-10-30 | 华为技术有限公司 | Method and device for protecting key authorization data, and TPM key management center |
US10146916B2 (en) * | 2015-11-17 | 2018-12-04 | Microsoft Technology Licensing, Llc | Tamper proof device capability store |
US10218696B2 (en) | 2016-06-30 | 2019-02-26 | Microsoft Technology Licensing, Llc | Targeted secure software deployment |
CN109309690B (zh) * | 2018-12-28 | 2019-04-02 | 中国人民解放军国防科技大学 | Software whitelist control method based on message authentication codes |
US11546176B2 (en) * | 2020-08-26 | 2023-01-03 | Rockwell Collins, Inc. | System and method for authentication and cryptographic ignition of remote devices |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7299354B2 (en) * | 2003-09-30 | 2007-11-20 | Intel Corporation | Method to authenticate clients and hosts to provide secure network boot |
US7644278B2 (en) * | 2003-12-31 | 2010-01-05 | International Business Machines Corporation | Method for securely creating an endorsement certificate in an insecure environment |
US7382880B2 (en) * | 2004-01-26 | 2008-06-03 | Hewlett-Packard Development Company, L.P. | Method and apparatus for initializing multiple security modules |
EP1617587A1 (en) * | 2004-07-12 | 2006-01-18 | International Business Machines Corporation | Method, system and computer program product for privacy-protecting integrity attestation of computing platform |
US7484099B2 (en) * | 2004-07-29 | 2009-01-27 | International Business Machines Corporation | Method, apparatus, and product for asserting physical presence with a trusted platform module in a hypervisor environment |
US20060095505A1 (en) * | 2004-09-30 | 2006-05-04 | Zimmer Vincent J | Providing a trustworthy configuration server |
US20060184785A1 (en) * | 2005-02-16 | 2006-08-17 | David Carroll Challener | Apparatus, system, and method for securing I/O communications between a blade and a peripheral interface device of a blade-based computer system |
US7640593B2 (en) * | 2005-04-21 | 2009-12-29 | Nokia Corporation | User-controlled management of TPM identities |
US7849312B2 (en) * | 2006-03-24 | 2010-12-07 | Atmel Corporation | Method and system for secure external TPM password generation and use |
US20080046752A1 (en) * | 2006-08-09 | 2008-02-21 | Stefan Berger | Method, system, and program product for remotely attesting to a state of a computer system |
US7900058B2 (en) * | 2006-08-31 | 2011-03-01 | Intel Corporation | Methods and arrangements for remote communications with a trusted platform module |
US20080184028A1 (en) * | 2007-01-29 | 2008-07-31 | Dell Products L.P. | Methods, Apparatus and Products for Establishing a Trusted Information Handling System |
US8543799B2 (en) * | 2008-05-02 | 2013-09-24 | Microsoft Corporation | Client authentication during network boot |
2008
- 2008-10-10 US US12/249,042 patent/US8607065B2/en active Active
2009
- 2009-10-07 EP EP09819820.3A patent/EP2335375B1/en active Active
- 2009-10-07 CN CN200980140559.1A patent/CN102177678B/zh active Active
- 2009-10-07 WO PCT/US2009/059846 patent/WO2010042621A2/en active Application Filing
- 2009-10-08 TW TW98134180A patent/TW201017465A/zh unknown
- 2009-10-09 AR ARP090103901 patent/AR075283A1/es unknown
2013
- 2013-11-26 US US14/091,145 patent/US9237135B2/en active Active
2015
- 2015-12-28 US US14/981,024 patent/US9787674B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
US9787674B2 (en) | 2017-10-10 |
EP2335375A2 (en) | 2011-06-22 |
EP2335375B1 (en) | 2017-07-26 |
US20100095120A1 (en) | 2010-04-15 |
EP2335375A4 (en) | 2015-05-27 |
WO2010042621A2 (en) | 2010-04-15 |
US20140089664A1 (en) | 2014-03-27 |
US20170078279A1 (en) | 2017-03-16 |
TW201017465A (en) | 2010-05-01 |
US8607065B2 (en) | 2013-12-10 |
CN102177678B (zh) | 2014-11-26 |
WO2010042621A3 (en) | 2010-07-08 |
CN102177678A (zh) | 2011-09-07 |
US9237135B2 (en) | 2016-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AR075283A1 (es) | Method, system and device for providing a trusted platform module (TPM) | |
CO2019007876A2 (es) | Addressing a trusted execution environment using an encryption key | |
CL2019002026A1 (es) | Addressing a trusted execution environment using a signing key. | |
WO2017062128A3 (en) | Technologies for end-to-end biometric-based authentication and platform locality assertion | |
CL2009001359A1 (es) | Method for generating a cryptographic key for protecting the communication between two entities, carried out by the first entity as part of a distributed security operation initiated by the second entity; device; equipment; system. | |
AR047827A1 (es) | A computer device with wireless capability for executing unverified programs in an environment operated by a wireless device | |
BR112015007854A2 (pt) | System and method for executing a virtual machine instance, key server system for issuing keys to a virtual machine instance, virtual machine image capable of being instantiated as a virtual machine instance, and method for issuing keys to a virtual machine instance | |
BR112014012653A8 (pt) | System and method for key management for the issuer security domain using Global Platform specifications | |
BR112017014632A2 (pt) | Computer-implemented method, and computer system | |
AR072975A1 (es) | Integrated cryptographic security module for a network node | |
ES2722533T3 (es) | System and method for managing the installation of an application package that requires access to high-risk permissions | |
BR112015026372B8 (pt) | Communication device that enforces security for a file stored on a virtual drive | |
WO2015134760A3 (en) | Secure hardware for cross-device trusted applications | |
GB2460841B (en) | Methods of providing access to I/O devices | |
ATE440336T1 (de) | Method for protecting IC cards against power analysis attacks | |
FR2914378B1 (fr) | Locking device and key. | |
WO2008008623A3 (en) | Systems and techniques for datapath security in a system-on-a-chip device | |
DE60324593D1 (de) | Reliable system timer | |
BRPI0519483A2 (pt) | Method for producing an electroluminescent device, and electroluminescent device | |
BR112014010472A2 (pt) | Method for providing a security mechanism for external code; apparatus; computer program embodied on a computer-readable medium; and application server | |
DE602008000738D1 (de) | Acceleration of computations in Galois Counter Mode | |
BRPI1011217A2 (pt) | Device, computer program product and method for using character strings in cryptography, statistics, simulation, randomization, gaming machines and similar systems. | |
BR112013001728A2 (pt) | Methods for encrypting a value entered on a user device, for verifying a value communicated to an authentication system via a communications network, and for communicating a value entered on a user device to an authentication system via a communications network; user device; system; software; and computer-readable medium. | |
GB2474200A (en) | Ticket authorized secure installation and boot | |
PE20050854A1 (es) | Methods and apparatus for providing application credentials | |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | FB | Suspension of granting procedure | |