TW200638237A - Protected computing environment - Google Patents

Protected computing environment

Info

Publication number
TW200638237A
TW200638237A TW094130187A TW94130187A TW200638237A TW 200638237 A TW200638237 A TW 200638237A TW 094130187 A TW094130187 A TW 094130187A TW 94130187 A TW94130187 A TW 94130187A TW 200638237 A TW200638237 A TW 200638237A
Authority
TW
Taiwan
Prior art keywords
kernel
computing environment
security state
secure process
protected computing
Prior art date
Application number
TW094130187A
Other languages
Chinese (zh)
Other versions
TWI428786B (en
Inventor
Sumedh N Barde
Jonathan D Schwartz
Reid Joseph Kuhn
Alexandre Vicktorovich Grigorovitch
Kirt A Debique
Chadd B Knowlton
James M Alkove
Geoffrey T Dunbar
Michael J Grier
Ming Ma
Chaitanya D Upadhyat
Adil Ahmed Sherwani
Arun Upadhyaya Kishan
David R Marsh
David R Blythe
Frank D Yerrace
Jay Senior
Ketteth Reneris
Noel R Cross
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/116,598 external-priority patent/US20060242406A1/en
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of TW200638237A publication Critical patent/TW200638237A/en
Application granted granted Critical
Publication of TWI428786B publication Critical patent/TWI428786B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1064Restricting content processing at operating system level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

A method of establishing a protected environment within a computing device including validating a kernel component loaded into a kernel of the computing device, establishing a security state for the kernel based on the validation, creating a secure process and loading a software component into the secure process, periodically checking the security state of the kernel, and notifying the secure process when the security state of the kernel has changed.
TW094130187A 2005-04-22 2005-09-02 Protected computing environment TWI428786B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US67397905P 2005-04-22 2005-04-22
US11/116,598 US20060242406A1 (en) 2005-04-22 2005-04-27 Protected computing environment

Publications (2)

Publication Number Publication Date
TW200638237A true TW200638237A (en) 2006-11-01
TWI428786B TWI428786B (en) 2014-03-01

Family

ID=46062814

Family Applications (1)

Application Number Title Priority Date Filing Date
TW094130187A TWI428786B (en) 2005-04-22 2005-09-02 Protected computing environment

Country Status (3)

Country Link
KR (1) KR101238496B1 (en)
TW (1) TWI428786B (en)
WO (1) WO2006115533A2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
CN109753347B (en) * 2017-11-06 2023-03-21 阿里巴巴集团控股有限公司 System and method for realizing driving

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US20030005335A1 (en) * 2001-06-28 2003-01-02 Hidekazu Watanabe Protecting secured codes and circuits in an integrated circuit
US7343493B2 (en) * 2002-03-28 2008-03-11 Lenovo (Singapore) Pte. Ltd. Encrypted file system using TCPA
US7322042B2 (en) * 2003-02-07 2008-01-22 Broadon Communications Corp. Secure and backward-compatible processor and secure software execution thereon

Also Published As

Publication number Publication date
KR20080008337A (en) 2008-01-23
KR101238496B1 (en) 2013-03-04
TWI428786B (en) 2014-03-01
WO2006115533A2 (en) 2006-11-02
WO2006115533A3 (en) 2007-11-15

Similar Documents

Publication Publication Date Title
WO2009014779A3 (en) System for malware normalization and detection
WO2007146519A3 (en) Automated priority restores
WO2004055634A3 (en) Systems and methods for detecting a security breach in a computer system
WO2008042871A3 (en) Methods and apparatus for securely signing on to a website via a security website
GB2440697A (en) Computer security system and method
WO2005091757A3 (en) Autonomous memory checker for runtime security assurance and method therfore
WO2006074294A3 (en) Methods and apparatus providing security to computer systems and networks
WO2006133222A3 (en) Constraint injection system for immunizing software programs against vulnerabilities and attacks
WO2007050590A3 (en) Media content delivery audit and verification services
HK1167532A1 (en) System and method for handling data transfers
EP1934935A4 (en) Device, system and method for reducing an interaction time for a contactless transaction
WO2007065307A3 (en) Handling a device related operation in a virtualization environment
WO2012027701A3 (en) Parallel processing development environment and associated methods
WO2007141648A3 (en) Method, electronic device, apparatus, system and computer program product for updating an electronic device security policy
WO2008034009A3 (en) Method of randomly and dynamically checking configuration integrity of a gaming system
WO2012037422A3 (en) Improvements in watermark extraction efficiency
EP1708477A4 (en) Unauthorized copy preventing device and method thereof, and program
EP1796061A4 (en) Encryption computing method, encryption device, and computer program
WO2008055220A3 (en) Automated review and hold placement
EP1958118A4 (en) Computer program product, apparatus and method for secure http digest response verification and integrity protection in a mobile terminal
WO2008096078A3 (en) Portable electronic device and method for securing such device
GB0501878D0 (en) Article and a mobile networkable device for reading data from an article and system methods and software relating thereto
WO2005099334A3 (en) Event handling mechanism
TW200638237A (en) Protected computing environment
GB0615909D0 (en) Protected software identifiers for improving security in a computing device

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees