KR102396070B1 - 신뢰가능 플랫폼 모듈에서의 운영 체제 컨텍스트 표현 기법 - Google Patents

신뢰가능 플랫폼 모듈에서의 운영 체제 컨텍스트 표현 기법 Download PDF

Info

Publication number
KR102396070B1
KR102396070B1 KR1020177008058A KR20177008058A KR102396070B1 KR 102396070 B1 KR102396070 B1 KR 102396070B1 KR 1020177008058 A KR1020177008058 A KR 1020177008058A KR 20177008058 A KR20177008058 A KR 20177008058A KR 102396070 B1 KR102396070 B1 KR 102396070B1
Authority
KR
South Korea
Prior art keywords
authorization
principal
request
trusted platform
platform module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020177008058A
Other languages
English (en)
Korean (ko)
Other versions
KR20170059447A (ko
Inventor
스테판 톰
로날드 아이그너
나빈 파이
Original Assignee
마이크로소프트 테크놀로지 라이센싱, 엘엘씨
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 filed Critical 마이크로소프트 테크놀로지 라이센싱, 엘엘씨
Publication of KR20170059447A publication Critical patent/KR20170059447A/ko
Application granted granted Critical
Publication of KR102396070B1 publication Critical patent/KR102396070B1/ko
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
KR1020177008058A 2014-09-25 2015-09-23 신뢰가능 플랫폼 모듈에서의 운영 체제 컨텍스트 표현 기법 Active KR102396070B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/497,221 2014-09-25
US14/497,221 US9767304B2 (en) 2014-09-25 2014-09-25 Representation of operating system context in a trusted platform module
PCT/US2015/051683 WO2016049157A1 (en) 2014-09-25 2015-09-23 Representation of operating system context in a trusted platform module

Publications (2)

Publication Number Publication Date
KR20170059447A KR20170059447A (ko) 2017-05-30
KR102396070B1 true KR102396070B1 (ko) 2022-05-09

Family

ID=54325669

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020177008058A Active KR102396070B1 (ko) 2014-09-25 2015-09-23 신뢰가능 플랫폼 모듈에서의 운영 체제 컨텍스트 표현 기법

Country Status (11)

Country Link
US (1) US9767304B2 (enExample)
EP (1) EP3198511B1 (enExample)
JP (1) JP6584500B2 (enExample)
KR (1) KR102396070B1 (enExample)
CN (1) CN107077571B (enExample)
AU (1) AU2015320713B2 (enExample)
BR (1) BR112017004416B1 (enExample)
CA (1) CA2959735C (enExample)
MX (1) MX381685B (enExample)
RU (1) RU2702276C2 (enExample)
WO (1) WO2016049157A1 (enExample)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3038394A1 (en) * 2014-12-22 2016-06-29 Gemalto Sa Method of restoring a secure element to a factory state
US10586076B2 (en) * 2015-08-24 2020-03-10 Acronis International Gmbh System and method for controlling access to OS resources
US11243782B2 (en) 2016-12-14 2022-02-08 Microsoft Technology Licensing, Llc Kernel soft reset using non-volatile RAM
CN111557012B (zh) * 2018-12-03 2023-09-15 戴斯数字有限责任公司 跨传感器预测性推断
US12367320B2 (en) * 2021-09-22 2025-07-22 Ridgeline, Inc. Mechanism for real-time identity resolution in a distributed system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6119230A (en) 1997-10-01 2000-09-12 Novell, Inc. Distributed dynamic security capabilities
US7275263B2 (en) 2003-08-11 2007-09-25 Intel Corporation Method and system and authenticating a user of a computer system that has a trusted platform module (TPM)
US20080040613A1 (en) 2006-08-14 2008-02-14 David Carroll Challener Apparatus, system, and method for secure password reset
US20090172328A1 (en) 2007-12-31 2009-07-02 Ravi Sahita System and method for high performance secure access to a trusted platform module on a hardware virtualization platform
US20120297455A1 (en) 2011-05-17 2012-11-22 Microsoft Corporation Target-based access check independent of access request

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6A (en) * 1836-08-10 Thomas Blanchard Machine for forming end pieces of plank blocks for ships
JPH11175402A (ja) * 1997-12-10 1999-07-02 Fujitsu Ltd カード型記憶媒体及びカード型記憶媒体のアクセス制御方法並びにカード型記憶媒体用アクセス制御プログラムを記録したコンピュータ読み取り可能な記録媒体
US7716494B2 (en) 2004-07-15 2010-05-11 Sony Corporation Establishing a trusted platform in a digital processing system
US7836299B2 (en) 2005-03-15 2010-11-16 Microsoft Corporation Virtualization of software configuration registers of the TPM cryptographic processor
US7930733B1 (en) 2006-04-10 2011-04-19 At&T Intellectual Property Ii, L.P. Method and system for execution monitor-based trusted computing
US7841000B2 (en) * 2006-10-16 2010-11-23 Lenovo (Singapore) Pte. Ltd. Authentication password storage method and generation method, user authentication method, and computer
JP5116325B2 (ja) * 2007-03-15 2013-01-09 株式会社リコー 情報処理装置、ソフトウェア更新方法及び画像処理装置
US8032741B2 (en) * 2007-08-22 2011-10-04 Intel Corporation Method and apparatus for virtualization of a multi-context hardware trusted platform module (TPM)
US8544092B2 (en) * 2009-03-12 2013-09-24 International Business Machines Corporation Integrity verification using a peripheral device
CA2789243A1 (en) 2009-03-13 2010-09-16 Rutgers, The State University Of New Jersey Systems and methods for the detection of malware
US20100318782A1 (en) * 2009-06-12 2010-12-16 Microsoft Corporation Secure and private backup storage and processing for trusted computing and data services
US8560839B2 (en) * 2010-12-20 2013-10-15 Microsoft Corporation Tamper proof location services

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6119230A (en) 1997-10-01 2000-09-12 Novell, Inc. Distributed dynamic security capabilities
US7275263B2 (en) 2003-08-11 2007-09-25 Intel Corporation Method and system and authenticating a user of a computer system that has a trusted platform module (TPM)
US20080040613A1 (en) 2006-08-14 2008-02-14 David Carroll Challener Apparatus, system, and method for secure password reset
US20090172328A1 (en) 2007-12-31 2009-07-02 Ravi Sahita System and method for high performance secure access to a trusted platform module on a hardware virtualization platform
US20120297455A1 (en) 2011-05-17 2012-11-22 Microsoft Corporation Target-based access check independent of access request

Also Published As

Publication number Publication date
KR20170059447A (ko) 2017-05-30
EP3198511B1 (en) 2020-07-15
CN107077571B (zh) 2020-03-27
MX381685B (es) 2025-03-04
JP6584500B2 (ja) 2019-10-02
BR112017004416A2 (pt) 2017-12-05
RU2702276C2 (ru) 2019-10-07
CN107077571A (zh) 2017-08-18
RU2017109885A (ru) 2018-09-24
BR112017004416B1 (pt) 2022-12-06
RU2017109885A3 (enExample) 2019-04-01
AU2015320713B2 (en) 2020-11-05
WO2016049157A1 (en) 2016-03-31
AU2015320713A1 (en) 2017-03-16
JP2017530471A (ja) 2017-10-12
MX2017003931A (es) 2017-06-26
US20160092691A1 (en) 2016-03-31
EP3198511A1 (en) 2017-08-02
CA2959735A1 (en) 2016-03-31
US9767304B2 (en) 2017-09-19
CA2959735C (en) 2022-10-18

Similar Documents

Publication Publication Date Title
EP3830733B1 (en) Personalized and cryptographically secure access control in trusted execution environment
US10831886B2 (en) Virtual machine manager facilitated selective code integrity enforcement
CN107408183B (zh) 通过安全硬化管理代理进行的设备证实
CN105408912B (zh) 处理认证和资源许可
US9762396B2 (en) Device theft protection associating a device identifier and a user identifier
KR102396070B1 (ko) 신뢰가능 플랫폼 모듈에서의 운영 체제 컨텍스트 표현 기법
KR102028670B1 (ko) 클락 윌슨 모델을 적용한 모바일 장치 및 그것의 동작 방법
US10043018B2 (en) Access privilege analysis for a securable asset
HK40054283B (en) Personalized and cryptographically secure access control in trusted execution environment
HK40054283A (en) Personalized and cryptographically secure access control in trusted execution environment

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20170323

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
PA0201 Request for examination

Patent event code: PA02012R01D

Patent event date: 20200827

Comment text: Request for Examination of Application

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

Comment text: Notification of reason for refusal

Patent event date: 20210813

Patent event code: PE09021S01D

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

Patent event code: PE07011S01D

Comment text: Decision to Grant Registration

Patent event date: 20220204

GRNT Written decision to grant
PR0701 Registration of establishment

Comment text: Registration of Establishment

Patent event date: 20220504

Patent event code: PR07011E01D

PR1002 Payment of registration fee

Payment date: 20220504

End annual number: 3

Start annual number: 1

PG1601 Publication of registration