RU2702276C2 - Представление контекста операционной системы в доверенном платформенном модуле - Google Patents

Представление контекста операционной системы в доверенном платформенном модуле Download PDF

Info

Publication number
RU2702276C2
RU2702276C2 RU2017109885A RU2017109885A RU2702276C2 RU 2702276 C2 RU2702276 C2 RU 2702276C2 RU 2017109885 A RU2017109885 A RU 2017109885A RU 2017109885 A RU2017109885 A RU 2017109885A RU 2702276 C2 RU2702276 C2 RU 2702276C2
Authority
RU
Russia
Prior art keywords
authorization
request
access
trusted platform
subject
Prior art date
Application number
RU2017109885A
Other languages
English (en)
Russian (ru)
Other versions
RU2017109885A3 (enExample
RU2017109885A (ru
Inventor
Стефан Том
Рональд АЙГНЕР
Навин ПАИ
Original Assignee
МАЙКРОСОФТ ТЕКНОЛОДЖИ ЛАЙСЕНСИНГ, ЭлЭлСи
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by МАЙКРОСОФТ ТЕКНОЛОДЖИ ЛАЙСЕНСИНГ, ЭлЭлСи filed Critical МАЙКРОСОФТ ТЕКНОЛОДЖИ ЛАЙСЕНСИНГ, ЭлЭлСи
Publication of RU2017109885A publication Critical patent/RU2017109885A/ru
Publication of RU2017109885A3 publication Critical patent/RU2017109885A3/ru
Application granted granted Critical
Publication of RU2702276C2 publication Critical patent/RU2702276C2/ru

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
RU2017109885A 2014-09-25 2015-09-23 Представление контекста операционной системы в доверенном платформенном модуле RU2702276C2 (ru)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/497,221 2014-09-25
US14/497,221 US9767304B2 (en) 2014-09-25 2014-09-25 Representation of operating system context in a trusted platform module
PCT/US2015/051683 WO2016049157A1 (en) 2014-09-25 2015-09-23 Representation of operating system context in a trusted platform module

Publications (3)

Publication Number Publication Date
RU2017109885A RU2017109885A (ru) 2018-09-24
RU2017109885A3 RU2017109885A3 (enExample) 2019-04-01
RU2702276C2 true RU2702276C2 (ru) 2019-10-07

Family

ID=54325669

Family Applications (1)

Application Number Title Priority Date Filing Date
RU2017109885A RU2702276C2 (ru) 2014-09-25 2015-09-23 Представление контекста операционной системы в доверенном платформенном модуле

Country Status (11)

Country Link
US (1) US9767304B2 (enExample)
EP (1) EP3198511B1 (enExample)
JP (1) JP6584500B2 (enExample)
KR (1) KR102396070B1 (enExample)
CN (1) CN107077571B (enExample)
AU (1) AU2015320713B2 (enExample)
BR (1) BR112017004416B1 (enExample)
CA (1) CA2959735C (enExample)
MX (1) MX381685B (enExample)
RU (1) RU2702276C2 (enExample)
WO (1) WO2016049157A1 (enExample)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3038394A1 (en) * 2014-12-22 2016-06-29 Gemalto Sa Method of restoring a secure element to a factory state
US10586076B2 (en) * 2015-08-24 2020-03-10 Acronis International Gmbh System and method for controlling access to OS resources
US11243782B2 (en) 2016-12-14 2022-02-08 Microsoft Technology Licensing, Llc Kernel soft reset using non-volatile RAM
CN111566678B (zh) 2018-12-03 2023-09-01 戴斯数字有限责任公司 利用动态关系认知的数据交互平台
US12367320B2 (en) * 2021-09-22 2025-07-22 Ridgeline, Inc. Mechanism for real-time identity resolution in a distributed system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6A (en) * 1836-08-10 Thomas Blanchard Machine for forming end pieces of plank blocks for ships
US6119230A (en) * 1997-10-01 2000-09-12 Novell, Inc. Distributed dynamic security capabilities
US7275263B2 (en) * 2003-08-11 2007-09-25 Intel Corporation Method and system and authenticating a user of a computer system that has a trusted platform module (TPM)
US20090172328A1 (en) * 2007-12-31 2009-07-02 Ravi Sahita System and method for high performance secure access to a trusted platform module on a hardware virtualization platform
US20120297455A1 (en) * 2011-05-17 2012-11-22 Microsoft Corporation Target-based access check independent of access request
RU2531569C2 (ru) * 2009-06-12 2014-10-20 Майкрософт Корпорейшн Защищенное и конфиденциальное хранение и обработка резервных копий для доверенных сервисов вычисления и данных

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11175402A (ja) * 1997-12-10 1999-07-02 Fujitsu Ltd カード型記憶媒体及びカード型記憶媒体のアクセス制御方法並びにカード型記憶媒体用アクセス制御プログラムを記録したコンピュータ読み取り可能な記録媒体
US7716494B2 (en) 2004-07-15 2010-05-11 Sony Corporation Establishing a trusted platform in a digital processing system
US7836299B2 (en) 2005-03-15 2010-11-16 Microsoft Corporation Virtualization of software configuration registers of the TPM cryptographic processor
US7930733B1 (en) 2006-04-10 2011-04-19 At&T Intellectual Property Ii, L.P. Method and system for execution monitor-based trusted computing
US20080040613A1 (en) 2006-08-14 2008-02-14 David Carroll Challener Apparatus, system, and method for secure password reset
US7841000B2 (en) * 2006-10-16 2010-11-23 Lenovo (Singapore) Pte. Ltd. Authentication password storage method and generation method, user authentication method, and computer
JP5116325B2 (ja) * 2007-03-15 2013-01-09 株式会社リコー 情報処理装置、ソフトウェア更新方法及び画像処理装置
US8032741B2 (en) * 2007-08-22 2011-10-04 Intel Corporation Method and apparatus for virtualization of a multi-context hardware trusted platform module (TPM)
US8544092B2 (en) * 2009-03-12 2013-09-24 International Business Machines Corporation Integrity verification using a peripheral device
EP2406717A4 (en) 2009-03-13 2012-12-26 Univ Rutgers SYSTEMS AND METHODS FOR DETECTING DAMAGE PROGRAMS
US8560839B2 (en) * 2010-12-20 2013-10-15 Microsoft Corporation Tamper proof location services

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6A (en) * 1836-08-10 Thomas Blanchard Machine for forming end pieces of plank blocks for ships
US6119230A (en) * 1997-10-01 2000-09-12 Novell, Inc. Distributed dynamic security capabilities
US7275263B2 (en) * 2003-08-11 2007-09-25 Intel Corporation Method and system and authenticating a user of a computer system that has a trusted platform module (TPM)
US20090172328A1 (en) * 2007-12-31 2009-07-02 Ravi Sahita System and method for high performance secure access to a trusted platform module on a hardware virtualization platform
RU2531569C2 (ru) * 2009-06-12 2014-10-20 Майкрософт Корпорейшн Защищенное и конфиденциальное хранение и обработка резервных копий для доверенных сервисов вычисления и данных
US20120297455A1 (en) * 2011-05-17 2012-11-22 Microsoft Corporation Target-based access check independent of access request

Also Published As

Publication number Publication date
KR102396070B1 (ko) 2022-05-09
BR112017004416B1 (pt) 2022-12-06
AU2015320713B2 (en) 2020-11-05
CA2959735A1 (en) 2016-03-31
MX2017003931A (es) 2017-06-26
BR112017004416A2 (pt) 2017-12-05
KR20170059447A (ko) 2017-05-30
US20160092691A1 (en) 2016-03-31
US9767304B2 (en) 2017-09-19
RU2017109885A3 (enExample) 2019-04-01
JP6584500B2 (ja) 2019-10-02
AU2015320713A1 (en) 2017-03-16
CN107077571A (zh) 2017-08-18
MX381685B (es) 2025-03-04
EP3198511B1 (en) 2020-07-15
JP2017530471A (ja) 2017-10-12
EP3198511A1 (en) 2017-08-02
CN107077571B (zh) 2020-03-27
WO2016049157A1 (en) 2016-03-31
CA2959735C (en) 2022-10-18
RU2017109885A (ru) 2018-09-24

Similar Documents

Publication Publication Date Title
US11093604B2 (en) Personalized and cryptographically secure access control in trusted execution environment
KR102451109B1 (ko) 디바이스 익명성을 제공하는 키 증명문 생성
CN111324895B (zh) 用于客户端设备的信任服务
EP3265950B1 (en) Device attestation through security hardened management agent
US9762396B2 (en) Device theft protection associating a device identifier and a user identifier
US9742762B2 (en) Utilizing a trusted platform module (TPM) of a host device
RU2702276C2 (ru) Представление контекста операционной системы в доверенном платформенном модуле
HK40024477A (en) Key attestation statement generation providing device anonymity