KR102030858B1 - Digital signing authority dependent platform secret generation technique (디지털 서명 권한자 의존형 플랫폼 기밀 생성 기법) - Google Patents


Info

Publication number
KR102030858B1
Authority
KR
South Korea
Prior art keywords
confidentiality
platform
firmware
list
computing device
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020147004666A
Other languages
English (en)
Korean (ko)
Other versions
KR20140051350A (ko)
Inventor
Stefan Thom (스테판 톰)
Robert Karl Spiger (로버트 칼 스피거)
Magnus Bo Gustaf Nyström (마그너스 보 구스타프 니스트롬)
David R. Wooten (데이비드 알 우텐)
Original Assignee
Microsoft Technology Licensing, LLC (마이크로소프트 테크놀로지 라이센싱, 엘엘씨)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2011-08-25
Filing date
2012-08-08
Publication date
2019-10-10
Application filed by Microsoft Technology Licensing, LLC
Publication of KR20140051350A (laid-open application)
Application granted
Publication of KR102030858B1 (granted patent)
Current legal status: Active

Classifications

    • G PHYSICS
      • G06 COMPUTING OR CALCULATING; COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
              • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
                • G06F21/575 Secure boot
            • G06F21/60 Protecting data
              • G06F21/602 Providing cryptographic facilities or services
            • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
              • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
                • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers

Landscapes

  • Engineering & Computer Science
  • Theoretical Computer Science
  • Computer Hardware Design
  • General Engineering & Computer Science
  • Computer Security & Cryptography
  • Software Systems
  • Physics & Mathematics
  • General Physics & Mathematics
  • Health & Medical Sciences
  • Bioethics
  • General Health & Medical Sciences
  • Mathematical Physics
  • Storage Device Security
  • Stored Programmes

Applications Claiming Priority (3)

Application Number   Priority Date   Filing Date   Title
US13/218,029         2011-08-25      2011-08-25    Digital signing authority dependent platform secret (US8924737B2, en)
PCT/US2012/049880    2011-08-25      2012-08-08    Digital signing authority dependent platform secret (WO2013028353A1, en)

Publications (2)

Publication Number    Publication Date
KR20140051350A (ko)   2014-04-30
KR102030858B1 (ko)    2019-10-10

Family

ID=47745392

Family Applications (1)

Application Number   Priority Date   Filing Date   Status   Publication          Title
KR1020147004666A     2011-08-25      2012-08-08    Active   KR102030858B1 (ko)   Digital signing authority dependent platform secret generation technique (디지털 서명 권한자 의존형 플랫폼 기밀 생성 기법)

Country Status (6)

Country   Link
US (1)    US8924737B2 (en)
EP (1)    EP2748752B1 (en)
JP (1)    JP6073320B2 (en)
KR (1)    KR102030858B1 (en)
CN (1)    CN103765429B (en)
WO (1)    WO2013028353A1 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9477848B2 (en) * 2013-03-15 2016-10-25 Insyde Software Corp. System and method for managing and diagnosing a computing device equipped with unified extensible firmware interface (UEFI)-compliant firmware
US9384351B2 (en) * 2013-03-15 2016-07-05 Intel Corporation Method and apparatus for implementing a secure boot using multiple firmware sources
KR20140136166A (ko) * 2013-05-20 2014-11-28 Samsung Electronics Co., Ltd. (삼성전자주식회사) Method and apparatus for preventing acquisition of administrator privileges
US10360370B2 (en) * 2016-07-22 2019-07-23 Hewlett Packard Enterprise Development Lp Authenticated access to manageability hardware components
CN108933788B (zh) * 2018-07-03 2020-11-06 Southwest Jiaotong University (西南交通大学) FPGA-based fast verification device for RSSP-II protocol MAC codes
US11361660B2 (en) * 2019-03-25 2022-06-14 Micron Technology, Inc. Verifying identity of an emergency vehicle during operation
US11323275B2 (en) 2019-03-25 2022-05-03 Micron Technology, Inc. Verification of identity using a secret key
US11233650B2 (en) 2019-03-25 2022-01-25 Micron Technology, Inc. Verifying identity of a vehicle entering a trust zone
US11218330B2 (en) 2019-03-25 2022-01-04 Micron Technology, Inc. Generating an identity for a computing device using a physical unclonable function
US11025422B2 (en) * 2019-07-23 2021-06-01 Nasuni Corporation Cloud-native global file system with constant-time rekeying
GB201913144D0 (en) * 2019-09-12 2019-10-30 Nchain Holdings Ltd Sharing data via transactions of a blockchain
US11340797B2 (en) * 2019-10-04 2022-05-24 Zettaset, Inc. Dedicated encrypted container storage
US11893118B2 (en) * 2021-05-25 2024-02-06 Microsoft Technology Licensing, Llc Transfer of ownership of a computing device via a security processor

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7216369B2 (en) 2002-06-28 2007-05-08 Intel Corporation Trusted platform apparatus, system, and method
US20070127719A1 (en) * 2003-10-14 2007-06-07 Goran Selander Efficient management of cryptographic key generations
US7458002B2 (en) 2003-08-19 2008-11-25 Infineon Technologies Ag Processor having electronic fuses for storing secret data

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3581001B2 (ja) * 1998-01-20 2004-10-27 Fujitsu Ltd. (富士通株式会社) Storage device, storage medium and identification information recording method
EP1030237A1 (en) * 1999-02-15 2000-08-23 Hewlett-Packard Company Trusted hardware device in a computer
DE19935286A1 (de) * 1999-07-27 2001-02-01 Deutsche Telekom Ag Method for secure distributed generation of an encryption key
EP1429224A1 (en) 2002-12-10 2004-06-16 Texas Instruments Incorporated Firmware run-time authentication
DE10238095B4 (de) * 2002-08-21 2007-08-30 Audi Ag Method for protecting a control unit for at least one motor-vehicle component against manipulation, and control unit
US20050010811A1 (en) 2003-06-16 2005-01-13 Zimmer Vincent J. Method and system to support network port authentication from out-of-band firmware
JP2005038411A (ja) * 2003-06-30 2005-02-10 Sony Corp Device authentication information embedding system, terminal device, device authentication information processing method, device authentication information processing program, providing server, device authentication information providing method, device authentication information providing program, and storage medium
US7318150B2 (en) 2004-02-25 2008-01-08 Intel Corporation System and method to support platform firmware as a trusted process
US7490245B2 (en) * 2004-07-24 2009-02-10 Lenovo (Singapore) Pte. Ltd. System and method for data processing system planar authentication
US8181020B2 (en) 2005-02-02 2012-05-15 Insyde Software Corp. System and method for securely storing firmware
US8738822B2 (en) * 2005-05-03 2014-05-27 Flexera Software Llc System and method for controlling operation of a component on a computer system
US7908483B2 (en) * 2005-06-30 2011-03-15 Intel Corporation Method and apparatus for binding TPM keys to execution entities
US8429724B2 (en) * 2006-04-25 2013-04-23 Seagate Technology Llc Versatile access control system
JP2008055849A (ja) * 2006-09-01 2008-03-13 Ricoh Co Ltd Image forming apparatus and management method thereof
JP5096022B2 (ja) * 2007-03-15 2012-12-12 Ricoh Co Ltd (株式会社リコー) Information processing apparatus, software verification method and software verification program
US7836309B2 (en) 2007-07-20 2010-11-16 Microsoft Corporation Generic extensible pre-operating system cryptographic infrastructure
JP4991592B2 (ja) * 2008-02-18 2012-08-01 Ricoh Co Ltd (株式会社リコー) Software tampering detection method, software tampering detection program and device
JP2009244827A (ja) * 2008-03-13 2009-10-22 Ricoh Co Ltd Image recording device, image display device and image encryption system
US8201239B2 (en) 2008-06-23 2012-06-12 Intel Corporation Extensible pre-boot authentication
US20090327741A1 (en) 2008-06-30 2009-12-31 Zimmer Vincent J System and method to secure boot uefi firmware and uefi-aware operating systems on a mobile internet device (mid)
GB2466071B (en) 2008-12-15 2013-11-13 Hewlett Packard Development Co Associating a signing key with a software component of a computing platform
US8086839B2 (en) 2008-12-30 2011-12-27 Intel Corporation Authentication for resume boot path
US8566613B2 (en) * 2010-06-11 2013-10-22 Intel Corporation Multi-owner deployment of firmware images


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Patrick Röder et al., "Hades - Hardware Assisted Document Security", Second Workshop on Advances in Trusted Computing (WATC 2006 Fall), pp. 1-13.

Also Published As

Publication number Publication date
EP2748752B1 (en) 2017-09-27
CN103765429B (zh) 2016-08-31
WO2013028353A1 (en) 2013-02-28
EP2748752A1 (en) 2014-07-02
CN103765429A (zh) 2014-04-30
EP2748752A4 (en) 2015-04-22
JP2014524628A (ja) 2014-09-22
US20130054946A1 (en) 2013-02-28
US8924737B2 (en) 2014-12-30
KR20140051350A (ko) 2014-04-30
JP6073320B2 (ja) 2017-02-01

Similar Documents

Publication Title
KR102030858B1 (ko) Digital signing authority dependent platform secret generation technique (디지털 서명 권한자 의존형 플랫폼 기밀 생성 기법)
EP3120291B1 (en) Rapid data protection for storage devices
US9424431B2 (en) Protecting operating system configuration values using a policy identifying operating system configuration settings
EP3047375B1 (en) Virtual machine manager facilitated selective code integrity enforcement
US10803175B2 (en) Device attestation through security hardened management agent
JP4982825B2 (ja) Computer and shared password management method
EP2583410B1 (en) Single-use authentication methods for accessing encrypted data
CN111723383B (zh) Data storage and verification method and device
CN112513857A (zh) Personalized cryptographic secure access control in a trusted execution environment
CN113141610B (zh) Device theft protection that associates a device identifier with a user identifier
US10423791B2 (en) Enabling offline restart of shielded virtual machines using key caching
US8607071B2 (en) Preventing replay attacks in encrypted file systems
CN114244565B (zh) Key distribution method, apparatus, device and storage medium
CN116089967B (zh) Data anti-rollback method and electronic device
CN115470525B (zh) File protection method, system, computing device and storage medium
CN108985079A (zh) Data verification method and verification system
CN114117460A (zh) Data protection method, apparatus, electronic device and storage medium

Legal Events

Date        Code    Title / Description
2014-02-24  PA0105  International application (event code PA01051R01D): International Patent Application
            PG1501  Laying open of application
            N231    Notification of change of applicant
2015-07-15  PN2301  Change of applicant (event code PN23011R01D): Notification of Change of Applicant
            A201    Request for examination
2017-07-06  PA0201  Request for examination (event code PA02012R01D): Request for Examination of Application
            E902    Notification of reason for refusal
2019-01-10  PE0902  Notice of grounds for rejection (event code PE09021S01D): Notification of reason for refusal
            E701    Decision to grant or registration of patent right
2019-07-03  PE0701  Decision of registration (event code PE07011S01D): Decision to Grant Registration
            GRNT    Written decision to grant
2019-10-02  PR0701  Registration of establishment (event code PR07011E01D): Registration of Establishment
2019-10-02  PR1002  Payment of registration fee (annual numbers 1 to 3)
            PG1601  Publication of registration
2022-09-15  PR1001  Payment of annual fee (annual number 4)
2023-09-21  PR1001  Payment of annual fee (annual number 5)
            PR1001  Payment of annual fee