CO2020000162A2 - Generación de declaración de autenticación de claves que proporcionan el anonimato del dispositivo - Google Patents
Generación de declaración de autenticación de claves que proporcionan el anonimato del dispositivoInfo
- Publication number
- CO2020000162A2 CO2020000162A2 CONC2020/0000162A CO2020000162A CO2020000162A2 CO 2020000162 A2 CO2020000162 A2 CO 2020000162A2 CO 2020000162 A CO2020000162 A CO 2020000162A CO 2020000162 A2 CO2020000162 A2 CO 2020000162A2
- Authority
- CO
- Colombia
- Prior art keywords
- public
- authentication
- private key
- authentication service
- information
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/006—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0827—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/42—Anonymization, e.g. involving pseudonyms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Mobile Radio Communication Systems (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Medicines Containing Antibodies Or Antigens For Use As Internal Diagnostic Agents (AREA)
Abstract
Un dispositivo de cómputo envía una solicitud de certificado de autenticación a un servicio de autenticación junto con información sobre el hardware y/o software del dispositivo. El servicio de autenticación procesa la solicitud y verifica la información recibida de parte del dispositivo. Después de verificar la información, el servicio de autenticación selecciona un par de claves pública/privada a partir de un conjunto de pares de claves pública/privada reutilizables y genera un certificado de autenticación para el dispositivo y la clave pública del par de claves pública/privada. Este certificado de autenticación se firma digitalmente por el servicio de autenticación y se devuelve al dispositivo. La clave privada del par de claves pública/privada seleccionada también se cifra en un componente seguro confiable del dispositivo, asegurando que la clave no pueda ser robada por programas maliciosos y reutilizarse en otro dispositivo, y se devuelve al dispositivo. El dispositivo utiliza este certificado de autenticación para acceder a las entidades confiantes, y opcionalmente generar los pares de claves pública/privada y los certificados de autenticación adicionales.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/649,085 US10819696B2 (en) | 2017-07-13 | 2017-07-13 | Key attestation statement generation providing device anonymity |
PCT/US2018/034795 WO2019013886A1 (en) | 2017-07-13 | 2018-05-28 | GENERATION OF KEY CERTIFICATION DECLARATION PROVIDING DEVICE ANONYMAT |
Publications (1)
Publication Number | Publication Date |
---|---|
CO2020000162A2 true CO2020000162A2 (es) | 2020-01-17 |
Family
ID=62621070
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CONC2020/0000162A CO2020000162A2 (es) | 2017-07-13 | 2020-01-08 | Generación de declaración de autenticación de claves que proporcionan el anonimato del dispositivo |
Country Status (17)
Country | Link |
---|---|
US (2) | US10819696B2 (es) |
EP (1) | EP3652882A1 (es) |
JP (1) | JP7077394B2 (es) |
KR (1) | KR102451109B1 (es) |
CN (1) | CN110892672B (es) |
AU (1) | AU2018299716B2 (es) |
BR (1) | BR112020000220A2 (es) |
CA (1) | CA3067540A1 (es) |
CL (1) | CL2020000081A1 (es) |
CO (1) | CO2020000162A2 (es) |
IL (1) | IL271812B2 (es) |
MX (1) | MX2020000328A (es) |
PH (1) | PH12020550006A1 (es) |
RU (1) | RU2763516C2 (es) |
SG (1) | SG11201912738WA (es) |
WO (1) | WO2019013886A1 (es) |
ZA (1) | ZA201908494B (es) |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11310050B2 (en) | 2018-09-17 | 2022-04-19 | Microsoft Technology Licensing, Llc | Verifying a computing device after transport |
US10423791B2 (en) * | 2017-04-27 | 2019-09-24 | Microsoft Technology Licensing, Llc | Enabling offline restart of shielded virtual machines using key caching |
US10819696B2 (en) * | 2017-07-13 | 2020-10-27 | Microsoft Technology Licensing, Llc | Key attestation statement generation providing device anonymity |
US10447486B2 (en) * | 2017-07-19 | 2019-10-15 | Spyrus, Inc. | Remote attestation of a security module's assurance level |
US11770373B2 (en) * | 2017-09-25 | 2023-09-26 | Telefonaktiebolaget Lm Ericsson (Publ) | Provisioning of vendor credentials |
GB2578628B (en) * | 2018-11-01 | 2021-09-15 | Trustonic Ltd | Device attestation techniques |
US11777717B2 (en) * | 2019-01-25 | 2023-10-03 | Huawei Technologies Co., Ltd. | Method for end entity attestation |
US11374771B2 (en) | 2019-03-08 | 2022-06-28 | Ares Technologies, Inc. | Methods and systems for implementing mixed protocol certificates |
US10742421B1 (en) | 2019-03-08 | 2020-08-11 | Ares Technologies, Inc. | Methods and systems for anonymous hardware attestation |
US10735205B1 (en) | 2019-03-08 | 2020-08-04 | Ares Technologies, Inc. | Methods and systems for implementing an anonymized attestation chain |
US11394565B2 (en) * | 2019-06-18 | 2022-07-19 | Intel Corporation | Asymmetric device attestation using physically unclonable functions |
KR20210017083A (ko) * | 2019-08-06 | 2021-02-17 | 삼성전자주식회사 | 퓨즈된 키에 기반하여 증명 인증서를 생성하는 전자 장치 및 방법 |
US11539678B2 (en) * | 2019-08-16 | 2022-12-27 | Red Hat, Inc. | Asymmetric key management for cloud computing services |
US11265721B1 (en) * | 2019-08-20 | 2022-03-01 | Facebook Technologies, Llc | Secure device attestation and mutual authentication of artificial reality devices |
US11431689B2 (en) * | 2020-01-10 | 2022-08-30 | Lennox Industries Inc. | Secure payload delivery |
WO2022006574A1 (en) * | 2020-06-29 | 2022-01-06 | Arm Cloud Technology, Inc. | Device attestation |
US11595213B2 (en) * | 2020-06-29 | 2023-02-28 | Izuma Tech, Inc. | Methods and apparatus for performing attestation |
CN111953675B (zh) * | 2020-08-10 | 2022-10-25 | 四川阵风科技有限公司 | 一种基于硬件设备的密钥管理方法 |
KR102318947B1 (ko) * | 2020-08-21 | 2021-10-27 | 세종대학교산학협력단 | 개인 정보 보호 방법과 이를 수행하기 위한 컴퓨팅 장치 및 시스템 |
WO2022115200A2 (en) | 2020-10-28 | 2022-06-02 | Ares Technologies, Inc. | Systems and methods for a cryptographic agile bootloader for upgradable secure environment |
US11665148B2 (en) * | 2021-03-22 | 2023-05-30 | Cisco Technology, Inc. | Systems and methods for addressing cryptoprocessor hardware scaling limitations |
US11750384B2 (en) * | 2021-05-27 | 2023-09-05 | Microsoft Technology Licensing, Llc | Binding with cryptographic key attestation |
US20230388110A1 (en) * | 2022-05-31 | 2023-11-30 | Microsoft Technology Licensing, Llc | Using attestation client code to attest health of a computing device |
US20240007354A1 (en) * | 2022-06-30 | 2024-01-04 | Amazon Technologies, Inc. | Automatic onboarding of heterogeneous devices onto a client network |
Family Cites Families (140)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7165174B1 (en) * | 1995-02-13 | 2007-01-16 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management |
US7631188B2 (en) * | 1997-05-16 | 2009-12-08 | Tvworks, Llc | Hierarchical open security information delegation and acquisition |
US6233685B1 (en) * | 1997-08-29 | 2001-05-15 | Sean William Smith | Establishing and employing the provable untampered state of a device |
JP2000049766A (ja) * | 1998-07-27 | 2000-02-18 | Hitachi Ltd | 鍵管理サーバシステム |
US7194620B1 (en) * | 1999-09-24 | 2007-03-20 | Verizon Business Global Llc | Method for real-time data authentication |
US6996710B1 (en) * | 2000-03-31 | 2006-02-07 | Intel Corporation | Platform and method for issuing and certifying a hardware-protected attestation key |
US20020019938A1 (en) * | 2000-08-04 | 2002-02-14 | Aarons Michael Thomas | Method and apparatus for secure identification for networked environments |
US20020078347A1 (en) * | 2000-12-20 | 2002-06-20 | International Business Machines Corporation | Method and system for using with confidence certificates issued from certificate authorities |
US20020129261A1 (en) * | 2001-03-08 | 2002-09-12 | Cromer Daryl Carvis | Apparatus and method for encrypting and decrypting data recorded on portable cryptographic tokens |
US7925878B2 (en) * | 2001-10-03 | 2011-04-12 | Gemalto Sa | System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials |
GB2382419B (en) * | 2001-11-22 | 2005-12-14 | Hewlett Packard Co | Apparatus and method for creating a trusted environment |
US6963873B2 (en) * | 2002-01-02 | 2005-11-08 | Intel Corporation | Method and system for automatic association of a signed certificate with a certificate signing request |
CA2491662C (en) | 2002-07-12 | 2015-11-24 | Privaris, Inc. | Personal authentication software and systems for travel privilege assignation and verification |
US7181016B2 (en) * | 2003-01-27 | 2007-02-20 | Microsoft Corporation | Deriving a symmetric key from an asymmetric key for file encryption or decryption |
US20040193917A1 (en) * | 2003-03-26 | 2004-09-30 | Drews Paul C | Application programming interface to securely manage different execution environments |
US7797544B2 (en) * | 2003-12-11 | 2010-09-14 | Microsoft Corporation | Attesting to establish trust between computer entities |
US7263608B2 (en) | 2003-12-12 | 2007-08-28 | Lenovo (Singapore) Pte. Ltd. | System and method for providing endorsement certificate |
US7424610B2 (en) * | 2003-12-23 | 2008-09-09 | Intel Corporation | Remote provisioning of secure systems for mandatory control |
US7350072B2 (en) * | 2004-03-30 | 2008-03-25 | Intel Corporation | Remote management and provisioning of a system across a network based connection |
US20050251857A1 (en) * | 2004-05-03 | 2005-11-10 | International Business Machines Corporation | Method and device for verifying the security of a computing platform |
US20050278253A1 (en) * | 2004-06-15 | 2005-12-15 | Microsoft Corporation | Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like |
US7055742B2 (en) * | 2004-06-29 | 2006-06-06 | Microsoft Corporation | Method for secure on-line voting |
US8356175B2 (en) * | 2005-06-29 | 2013-01-15 | Intel Corporation | Methods and apparatus to perform associated security protocol extensions |
US8417640B2 (en) * | 2005-10-31 | 2013-04-09 | Research In Motion Limited | Secure license key method and system |
US8989390B2 (en) * | 2005-12-12 | 2015-03-24 | Qualcomm Incorporated | Certify and split system and method for replacing cryptographic keys |
US7600123B2 (en) * | 2005-12-22 | 2009-10-06 | Microsoft Corporation | Certificate registration after issuance for secure communication |
US8145917B2 (en) * | 2005-12-30 | 2012-03-27 | Nokia Corporation | Security bootstrapping for distributed architecture devices |
US9135444B2 (en) * | 2006-10-19 | 2015-09-15 | Novell, Inc. | Trusted platform module (TPM) assisted data center management |
US8281389B2 (en) * | 2006-12-21 | 2012-10-02 | Seagate Technology Llc | System and method for tamper evident certification |
US8984280B2 (en) * | 2007-02-16 | 2015-03-17 | Tibco Software Inc. | Systems and methods for automating certification authority practices |
US7975290B2 (en) * | 2007-06-07 | 2011-07-05 | Alcatel Lucent | Verifying authenticity of instant messaging messages |
US7971261B2 (en) * | 2007-06-12 | 2011-06-28 | Microsoft Corporation | Domain management for digital media |
CN100566251C (zh) * | 2007-08-01 | 2009-12-02 | 西安西电捷通无线网络通信有限公司 | 一种增强安全性的可信网络连接方法 |
US20090125996A1 (en) * | 2007-09-19 | 2009-05-14 | Interdigital Patent Holdings, Inc. | Virtual subscriber identity module |
DE102007044905A1 (de) * | 2007-09-19 | 2009-04-09 | InterDigital Patent Holdings, Inc., Wilmington | Verfahren und Vorrichtung zur Ermöglichung einer Dienstnutzung und Feststellung der Teilnehmeridentität in Kommunikationsnetzen mittels softwarebasierten Zugangsberechtigungsausweisen (vSIM) |
US8862874B2 (en) * | 2008-05-09 | 2014-10-14 | International Business Machines Corporation | Certificate distribution using secure handshake |
FR2932229B1 (fr) | 2008-06-05 | 2011-06-24 | Renault Sas | Pilotage de l'alimentation electrique d'une bougie d'allumage d'un moteur a combustion interne |
US9122895B2 (en) * | 2008-06-25 | 2015-09-01 | Microsoft Technology Licensing, Llc | Authorization for transient storage devices with multiple authentication silos |
US8538890B2 (en) * | 2008-08-28 | 2013-09-17 | Motorola Mobility Llc | Encrypting a unique cryptographic entity |
US8751791B2 (en) * | 2008-09-17 | 2014-06-10 | Motorola Solutions, Inc. | Method and device for confirming authenticity of a public key infrastructure (PKI) transaction event |
US20120137364A1 (en) | 2008-10-07 | 2012-05-31 | Mocana Corporation | Remote attestation of a mobile device |
US9621341B2 (en) * | 2008-11-26 | 2017-04-11 | Microsoft Technology Licensing, Llc | Anonymous verifiable public key certificates |
US8738932B2 (en) * | 2009-01-16 | 2014-05-27 | Teleputers, Llc | System and method for processor-based security |
CN101807998A (zh) | 2009-02-13 | 2010-08-18 | 英飞凌科技股份有限公司 | 认证 |
US8544092B2 (en) | 2009-03-12 | 2013-09-24 | International Business Machines Corporation | Integrity verification using a peripheral device |
US8509448B2 (en) * | 2009-07-29 | 2013-08-13 | Motorola Solutions, Inc. | Methods and device for secure transfer of symmetric encryption keys |
US9490984B2 (en) * | 2009-09-14 | 2016-11-08 | Interdigital Patent Holdings, Inc. | Method and apparatus for trusted authentication and logon |
CN101699891B (zh) * | 2009-10-21 | 2012-07-25 | 西安西电捷通无线网络通信股份有限公司 | 一种传感器网络密钥管理和节点鉴别方法 |
US8700893B2 (en) * | 2009-10-28 | 2014-04-15 | Microsoft Corporation | Key certification in one round trip |
US8327424B2 (en) * | 2009-12-22 | 2012-12-04 | Motorola Solutions, Inc. | Method and apparatus for selecting a certificate authority |
MY151315A (en) | 2010-05-07 | 2014-05-15 | Mimos Berhad | System and method for issuing endorsement key credential in trusted computing environment using local certificate authority |
US8788811B2 (en) | 2010-05-28 | 2014-07-22 | Red Hat, Inc. | Server-side key generation for non-token clients |
US20120174196A1 (en) * | 2010-12-30 | 2012-07-05 | Suresh Bhogavilli | Active validation for ddos and ssl ddos attacks |
US8806196B2 (en) * | 2011-11-04 | 2014-08-12 | Motorola Solutions, Inc. | Method and apparatus for authenticating a digital certificate status and authorization credentials |
US9754253B1 (en) * | 2011-11-28 | 2017-09-05 | Amazon Technologies, Inc. | Conditioned use of certificates |
US9413538B2 (en) * | 2011-12-12 | 2016-08-09 | Microsoft Technology Licensing, Llc | Cryptographic certification of secure hosted execution environments |
US9054871B2 (en) * | 2012-02-21 | 2015-06-09 | California Institute Of Technology | Physical key-protected one time pad |
US8782423B2 (en) | 2012-06-19 | 2014-07-15 | Microsoft Corporation | Network based management of protected data sets |
US20140006776A1 (en) * | 2012-06-29 | 2014-01-02 | Mark Scott-Nash | Certification of a virtual trusted platform module |
US9411962B2 (en) * | 2012-07-18 | 2016-08-09 | Sequitur Labs Inc. | System and methods for secure utilization of attestation in policy-based decision making for mobile device management and security |
US8782401B2 (en) | 2012-09-26 | 2014-07-15 | Intel Corporation | Enhanced privacy ID based platform attestation |
US9374228B2 (en) * | 2012-10-12 | 2016-06-21 | International Business Machines Corporation | Verifying a geographic location of a virtual disk image executing at a data center server within a data center |
US9794602B2 (en) * | 2012-10-29 | 2017-10-17 | Echostar Technologies L.L.C. | Systems and methods for securely providing streaming media content on-demand |
US9935953B1 (en) * | 2012-11-06 | 2018-04-03 | Behaviometrics Ab | Secure authenticating an user of a device during a session with a connected server |
US9077759B2 (en) * | 2013-01-18 | 2015-07-07 | Apple Inc. | Conflict resolution for keychain syncing |
US9594567B2 (en) * | 2013-02-21 | 2017-03-14 | Dell Products, Lp | Configuring a trusted platform module |
US20140259132A1 (en) * | 2013-03-06 | 2014-09-11 | Go Daddy Operating Company, LLC | System for creating a security certificate |
WO2014137338A1 (en) * | 2013-03-06 | 2014-09-12 | Intel Corporation | Roots-of-trust for measurement of virtual machines |
US20140281497A1 (en) * | 2013-03-13 | 2014-09-18 | General Instrument Corporation | Online personalization update system for externally acquired keys |
US9332002B1 (en) * | 2013-03-14 | 2016-05-03 | Amazon Technologies, Inc. | Authenticating and authorizing a user by way of a digital certificate |
US9219607B2 (en) * | 2013-03-14 | 2015-12-22 | Arris Technology, Inc. | Provisioning sensitive data into third party |
US20140281500A1 (en) * | 2013-03-15 | 2014-09-18 | Ologn Technologies Ag | Systems, methods and apparatuses for remote attestation |
DE102013205051A1 (de) * | 2013-03-21 | 2014-09-25 | Siemens Aktiengesellschaft | Aktualisieren eines digitalen Geräte-Zertifikats eines Automatisierungsgeräts |
JP6079394B2 (ja) * | 2013-04-11 | 2017-02-15 | 富士通株式会社 | 証明書生成方法、証明書生成装置、情報処理装置、通信機器、及びプログラム |
US9094377B2 (en) * | 2013-08-16 | 2015-07-28 | Netflix, Inc. | Key generation and broadcasting |
US9998438B2 (en) | 2013-10-23 | 2018-06-12 | Microsoft Technology Licensing, Llc | Verifying the security of a remote server |
US9391980B1 (en) | 2013-11-11 | 2016-07-12 | Google Inc. | Enterprise platform verification |
EP4027576B1 (en) * | 2014-01-13 | 2023-11-22 | Visa International Service Association | Efficient methods for protecting identity in authenticated transmissions |
US9652604B1 (en) * | 2014-03-25 | 2017-05-16 | Amazon Technologies, Inc. | Authentication objects with delegation |
US9680872B1 (en) * | 2014-03-25 | 2017-06-13 | Amazon Technologies, Inc. | Trusted-code generated requests |
US10050787B1 (en) * | 2014-03-25 | 2018-08-14 | Amazon Technologies, Inc. | Authentication objects with attestation |
US10049202B1 (en) * | 2014-03-25 | 2018-08-14 | Amazon Technologies, Inc. | Strong authentication using authentication objects |
US20160344725A1 (en) * | 2014-04-02 | 2016-11-24 | William B. SEVERIN | Signal haystacks |
EP2937806A1 (en) * | 2014-04-22 | 2015-10-28 | ALSTOM Renewable Technologies | Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device |
US9652631B2 (en) * | 2014-05-05 | 2017-05-16 | Microsoft Technology Licensing, Llc | Secure transport of encrypted virtual machines with continuous owner access |
US9692599B1 (en) * | 2014-09-16 | 2017-06-27 | Google Inc. | Security module endorsement |
US9705879B2 (en) * | 2014-09-17 | 2017-07-11 | Microsoft Technology Licensing, Llc | Efficient and reliable attestation |
US9716716B2 (en) * | 2014-09-17 | 2017-07-25 | Microsoft Technology Licensing, Llc | Establishing trust between two devices |
US9331989B2 (en) | 2014-10-06 | 2016-05-03 | Micron Technology, Inc. | Secure shared key sharing systems and methods |
US9900295B2 (en) * | 2014-11-05 | 2018-02-20 | Microsoft Technology Licensing, Llc | Roaming content wipe actions across devices |
US10348727B2 (en) * | 2015-02-13 | 2019-07-09 | International Business Machines Corporation | Automatic key management using enterprise user identity management |
US10015173B1 (en) * | 2015-03-10 | 2018-07-03 | Symantec Corporation | Systems and methods for location-aware access to cloud data stores |
RU2673842C1 (ru) | 2015-03-20 | 2018-11-30 | Ривец Корп. | Автоматическая аттестация сохранности устройства с применением цепочки блоков |
WO2016168503A1 (en) * | 2015-04-15 | 2016-10-20 | Melrok, Llc | Secure broadcast systems and methods for internet of things devices |
US20160364553A1 (en) * | 2015-06-09 | 2016-12-15 | Intel Corporation | System, Apparatus And Method For Providing Protected Content In An Internet Of Things (IOT) Network |
US10230696B2 (en) * | 2015-06-09 | 2019-03-12 | Intel Corporation | System, apparatus and method for managing lifecycle of secure publish-subscribe system |
CN107683599A (zh) * | 2015-06-11 | 2018-02-09 | 西门子公司 | 用于设备的认证令牌的授权发布的授权装置和方法 |
US10333903B1 (en) * | 2015-06-16 | 2019-06-25 | Amazon Technologies, Inc. | Provisioning network keys to devices to allow them to provide their identity |
US9923721B2 (en) * | 2015-06-22 | 2018-03-20 | Intel IP Corporation | Key agreement and authentication for wireless communication |
CN105141593A (zh) | 2015-08-10 | 2015-12-09 | 刘澄宇 | 一种私有云平台安全计算方法 |
US10397255B1 (en) * | 2015-09-23 | 2019-08-27 | StackRox, Inc. | System and method for providing security in a distributed computation system utilizing containers |
US20170093586A1 (en) * | 2015-09-25 | 2017-03-30 | Qualcomm Incorporated | Techniques for managing certificates on a computing device |
US9906513B2 (en) * | 2015-09-28 | 2018-02-27 | Bank Of America Corporation | Network authorization system |
US9917687B2 (en) * | 2015-10-12 | 2018-03-13 | Microsoft Technology Licensing, Llc | Migrating secrets using hardware roots of trust for devices |
US9832024B2 (en) * | 2015-11-13 | 2017-11-28 | Visa International Service Association | Methods and systems for PKI-based authentication |
US9740867B2 (en) * | 2015-11-16 | 2017-08-22 | Dell Products, L.P. | Securely passing user authentication data between a pre-boot authentication environment and an operating system |
US10009179B2 (en) * | 2015-11-30 | 2018-06-26 | Microsoft Technology Licensing, Llc | Trusted platform module (TPM) protected device |
US10169591B2 (en) * | 2015-12-07 | 2019-01-01 | Amazon Technologies, Inc. | Chained security systems |
US10536271B1 (en) * | 2016-01-10 | 2020-01-14 | Apple Inc. | Silicon key attestation |
US10341325B2 (en) * | 2016-01-29 | 2019-07-02 | Vmware, Inc. | System and method for transferring device identifying information |
US10169602B2 (en) * | 2016-02-22 | 2019-01-01 | Dell Products, L.P. | Method for local key management setup and recovery |
US10412191B1 (en) * | 2016-03-30 | 2019-09-10 | Amazon Technologies, Inc. | Hardware validation |
US10277407B2 (en) * | 2016-04-19 | 2019-04-30 | Microsoft Technology Licensing, Llc | Key-attestation-contingent certificate issuance |
US11256746B2 (en) * | 2016-04-25 | 2022-02-22 | Oracle International Corporation | Hash-based efficient secondary indexing for graph data stored in non-relational data stores |
GB201607476D0 (en) * | 2016-04-29 | 2016-06-15 | Eitc Holdings Ltd | Operating system for blockchain IOT devices |
US10447467B2 (en) * | 2016-05-04 | 2019-10-15 | International Business Machines Corporation | Revocable PKI signatures |
US9916452B2 (en) * | 2016-05-18 | 2018-03-13 | Microsoft Technology Licensing, Llc | Self-contained cryptographic boot policy validation |
US10115250B2 (en) * | 2016-05-23 | 2018-10-30 | Fuji Xerox Co., Ltd. | Systems and methods for location enabled electronic lock controls |
US10135622B2 (en) * | 2016-06-03 | 2018-11-20 | Intel Corporation | Flexible provisioning of attestation keys in secure enclaves |
US10601787B2 (en) * | 2016-06-06 | 2020-03-24 | Cisco Technology, Inc. | Root of trust of geolocation |
US10708067B2 (en) * | 2016-06-18 | 2020-07-07 | Intel Corporation | Platform attestation and registration for servers |
US20180007037A1 (en) * | 2016-07-01 | 2018-01-04 | Kenneth Wade Reese | Transaction-specific shared secret in one-time password device |
US10135921B2 (en) * | 2016-09-20 | 2018-11-20 | Keir Finlow-Bates | System and method for announcing cryptographic keys on a blockchain |
US10733284B2 (en) * | 2016-10-06 | 2020-08-04 | Samsung Electronics Co., Ltd. | Trusted execution environment secure element communication |
US10498712B2 (en) * | 2016-11-10 | 2019-12-03 | Ernest Brickell | Balancing public and personal security needs |
US10447681B2 (en) * | 2016-12-07 | 2019-10-15 | Vmware, Inc. | Secure asymmetric key application data sharing |
US10574648B2 (en) * | 2016-12-22 | 2020-02-25 | Dashlane SAS | Methods and systems for user authentication |
US10229270B2 (en) * | 2016-12-23 | 2019-03-12 | Amazon Technologies, Inc. | Host attestation |
US20180183578A1 (en) * | 2016-12-27 | 2018-06-28 | Intel Corporation | Provisioning keys for virtual machine scaling |
US20180183586A1 (en) * | 2016-12-28 | 2018-06-28 | Intel Corporation | Assigning user identity awareness to a cryptographic key |
US11443033B2 (en) * | 2017-01-24 | 2022-09-13 | Microsoft Technology Licensing, Llc | Abstract enclave identity |
US11405177B2 (en) * | 2017-01-24 | 2022-08-02 | Microsoft Technology Licensing, Llc | Nested enclave identity |
US11036875B2 (en) * | 2017-01-24 | 2021-06-15 | Microsoft Technology Licensing, Llc | Dependent enclave binaries |
US10530777B2 (en) * | 2017-01-24 | 2020-01-07 | Microsoft Technology Licensing, Llc | Data unsealing with a sealing enclave |
US20180241572A1 (en) * | 2017-02-22 | 2018-08-23 | Intel Corporation | Techniques for remote sgx enclave authentication |
US10341864B2 (en) * | 2017-03-03 | 2019-07-02 | Verizon Patent And Licensing Inc. | Network-based device registration for content distribution platforms |
US20180287920A1 (en) * | 2017-03-30 | 2018-10-04 | Ca, Inc. | Intercepting application traffic monitor and analyzer |
US10397005B2 (en) * | 2017-03-31 | 2019-08-27 | Intel Corporation | Using a trusted execution environment as a trusted third party providing privacy for attestation |
US10440006B2 (en) * | 2017-06-21 | 2019-10-08 | Microsoft Technology Licensing, Llc | Device with embedded certificate authority |
US10819696B2 (en) * | 2017-07-13 | 2020-10-27 | Microsoft Technology Licensing, Llc | Key attestation statement generation providing device anonymity |
-
2017
- 2017-07-13 US US15/649,085 patent/US10819696B2/en active Active
-
2018
- 2018-05-28 BR BR112020000220-8A patent/BR112020000220A2/pt unknown
- 2018-05-28 RU RU2020106575A patent/RU2763516C2/ru active
- 2018-05-28 WO PCT/US2018/034795 patent/WO2019013886A1/en unknown
- 2018-05-28 JP JP2020501161A patent/JP7077394B2/ja active Active
- 2018-05-28 CN CN201880046669.0A patent/CN110892672B/zh active Active
- 2018-05-28 EP EP18731699.7A patent/EP3652882A1/en active Pending
- 2018-05-28 CA CA3067540A patent/CA3067540A1/en active Pending
- 2018-05-28 IL IL271812A patent/IL271812B2/en unknown
- 2018-05-28 KR KR1020207000801A patent/KR102451109B1/ko active IP Right Grant
- 2018-05-28 MX MX2020000328A patent/MX2020000328A/es unknown
- 2018-05-28 AU AU2018299716A patent/AU2018299716B2/en active Active
- 2018-05-28 SG SG11201912738WA patent/SG11201912738WA/en unknown
-
2019
- 2019-12-19 ZA ZA2019/08494A patent/ZA201908494B/en unknown
-
2020
- 2020-01-02 PH PH12020550006A patent/PH12020550006A1/en unknown
- 2020-01-08 CO CONC2020/0000162A patent/CO2020000162A2/es unknown
- 2020-01-10 CL CL2020000081A patent/CL2020000081A1/es unknown
- 2020-08-27 US US17/004,929 patent/US11750591B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
RU2020106575A (ru) | 2021-08-13 |
BR112020000220A2 (pt) | 2020-07-07 |
IL271812A (en) | 2020-02-27 |
US10819696B2 (en) | 2020-10-27 |
PH12020550006A1 (en) | 2020-10-12 |
SG11201912738WA (en) | 2020-01-30 |
US11750591B2 (en) | 2023-09-05 |
CN110892672B (zh) | 2023-10-20 |
KR20200027500A (ko) | 2020-03-12 |
AU2018299716A1 (en) | 2020-01-02 |
CA3067540A1 (en) | 2019-01-17 |
US20190020647A1 (en) | 2019-01-17 |
KR102451109B1 (ko) | 2022-10-07 |
WO2019013886A1 (en) | 2019-01-17 |
ZA201908494B (en) | 2021-03-31 |
JP2020527305A (ja) | 2020-09-03 |
IL271812B2 (en) | 2024-01-01 |
US20200396217A1 (en) | 2020-12-17 |
RU2763516C2 (ru) | 2021-12-30 |
JP7077394B2 (ja) | 2022-05-30 |
AU2018299716B2 (en) | 2023-09-21 |
NZ759830A (en) | 2023-10-27 |
RU2020106575A3 (es) | 2021-08-13 |
IL271812B1 (en) | 2023-09-01 |
CL2020000081A1 (es) | 2020-07-31 |
MX2020000328A (es) | 2020-07-13 |
CN110892672A (zh) | 2020-03-17 |
EP3652882A1 (en) | 2020-05-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CO2020000162A2 (es) | Generación de declaración de autenticación de claves que proporcionan el anonimato del dispositivo | |
ES2722533T3 (es) | Sistema y método para gestionar la instalación de un paquete de aplicación que requiera un acceso a permisos de riesgo alto | |
BR112018011353A2 (pt) | método e sistema para provisão e armazenamento de chave criptografada distribuída via criptografia de curva elíptica | |
RU2018103181A (ru) | Конфиденциальные аутентификация и обеспечение | |
GB2573666A (en) | Verifying authenticity of computer readable information using the blockchain | |
RU2017106105A (ru) | Способы безопасного генерирования криптограмм | |
WO2015134760A3 (en) | Secure hardware for cross-device trusted applications | |
RU2016104765A (ru) | Обработка защищенных удаленных платежных транзакций | |
DE602004020276D1 (de) | Anfrage-antwort-system und -verfahren | |
JP2013509089A5 (es) | ||
CN102355663B (zh) | 基于分离机制网络的可信域间快速认证方法 | |
CO2019007875A2 (es) | Direccionamiento de un entorno de ejecución confiable utilizando clave de firma | |
RU2008147897A (ru) | Управление цифровыми правами с использованием методик доверительной обработки | |
MX2016014461A (es) | Aprovisionamiento de licencias de gestion de derechos digitales (drm) en un dispositivo cliente que utiliza un servidor de actualizaciones. | |
RU2010100880A (ru) | Создание и проверка достоверности документов, защищенных криптографически | |
JP2016510564A5 (es) | ||
TW201403377A (zh) | 用於裝置之應用程式特定識別之系統、方法及設備 | |
RU2010145465A (ru) | Способы и устройство для аутентификации и идентификации с использованием инфраструктуры открытых ключей в среде ip-телефонии | |
RU2019117050A (ru) | Управление шифрованием данных посредством множества органов управления | |
NZ752240A (en) | Secure key management | |
RU2010100883A (ru) | Основание и проверка достоверности документов, защищенных криптографически | |
CY1121082T1 (el) | Συσκευη προστασιας και κλειδωτηρι και μεθοδος για τη χρηση τους | |
JP2017531951A5 (es) | ||
PH12021550562A1 (en) | Authentication of internet of things devices, including electronic locks | |
ES2400895R1 (es) | Metodo para realizar una firma digital de grupo |