Manifest-based trusted agent management in a trusted operating system environment
Abstract
Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators of those binaries that are included in the manifest.
186 Citations
76 Claims
- 1. A computer readable medium having stored thereon a data structure that describes what types of binaries can be loaded into a process space for a trusted application, the data structure comprising:
  - a first portion including data representing a unique identifier of the trusted application;
  - a second portion including data indicating whether a particular one or more binaries can be loaded into the process space for the trusted application; and
  - a third portion derived from the data in both the first portion and the second portion by generating a digital signature over the first and second portions.
  - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- 17. A method of generating a new manifest to facilitate upgrading a trusted application on a computing device to a new trusted application, the method comprising:
  - receiving a request to upgrade the trusted application to the new trusted application;
  - receiving one or more new components to be included in the new trusted application; and
  - generating a manifest for the new trusted application, wherein the manifest allows the one or more new components to be loaded on the computing device.
  - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- 30. A method comprising:
  - receiving a request to execute a process;
  - setting up a memory space for the process;
  - accessing a manifest corresponding to the process; and
  - limiting which of a plurality of binaries can be executed in the memory space based on indicators, of the binaries, that are included in the manifest.
  - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
- 48. One or more computer readable media having stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to:
  - set up a virtual memory space for a trusted application process;
  - obtain a manifest corresponding to the trusted application process;
  - identify, from the manifest, a plurality of binary indicators; and
  - restrict which of multiple binaries can be executed in the virtual memory space based on the plurality of binary indicators.
  - View Dependent Claims (49, 50, 51, 52, 53, 54, 55)
- 56. One or more computer readable media having stored thereon a plurality of instructions to implement a trusted core of a computing device that, when executed by one or more processors of the computing device, causes the one or more processors to:
  - receive, from a trusted agent executing on the computing device, a request to securely store a secret, wherein the request includes the secret and an identifier of a manifest that should be allowed to retrieve the secret; and
  - have the secret encrypted.
  - View Dependent Claims (57)
- 58. One or more computer readable media having stored thereon a plurality of instructions to implement a trusted core of a computing device that, when executed by one or more processors of the computing device, causes the one or more processors to:
  - receive, from a trusted application executing on the computing device, a request to retrieve a secret securely stored by a previous trusted application executing on the computing device;
  - compare a first manifest identifier of the trusted application to a second manifest identifier corresponding to the previous trusted application; and
  - determine whether to reveal the secret to the trusted application based at least in part on whether the first manifest identifier and the second manifest identifier are the same.
  - View Dependent Claims (59, 60, 61, 62, 63)
- 64. One or more computer readable media having stored thereon a plurality of instructions to implement a trusted core of a computing device that, when executed by one or more processors of the computing device, causes the one or more processors to:
  - receive encrypted data;
  - decrypt the data;
  - identify a plurality of conditions in the data;
  - check whether a manifest associated with a trusted application process satisfies all of the plurality of conditions; and
  - allow the trusted application process to retrieve a secret in the encrypted data only if the manifest satisfies all of the plurality of conditions.
  - View Dependent Claims (65, 66, 67, 68)
- 69. One or more computer readable media having stored thereon a plurality of instructions to implement a trusted core of a computing device that, when executed by one or more processors of the computing device, causes the one or more processors to:
  - receive, from a trusted application, a request to generate a digitally signed statement; and
  - generate a digitally signed statement including an identifier of a manifest corresponding to the trusted application.
  - View Dependent Claims (70, 71, 72)
- 73. A computer readable medium having stored thereon a data structure that allows a secret associated with a trusted application to be exported to another trusted application, the data structure comprising:
  - a first portion including an identifier of a manifest associated with the application;
  - a second portion including an identifier of a manifest associated with the other application; and
  - a third portion derived from the identifiers in both the first portion and the second portion by generating a digital signature over the first and second portions.
  - View Dependent Claims (74, 75, 76)
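The independent claims above describe four cooperating mechanisms: a signed manifest listing which binaries may be loaded (claim 1), a process space that refuses binaries the manifest does not allow (claims 30 and 48), a trusted core that seals a secret to a manifest identifier and reveals it only to a caller whose manifest identifier matches (claims 56, 58 and 64), and a signed statement naming the caller's manifest (claim 69). The following Python model is an added illustration of those mechanisms and is not the patent's or any product's implementation. It assumes HMAC-SHA256 as a stand-in for the digital signature, a SHA-256 counter keystream as a stand-in for the encryption, a manifest identifier defined as the hash of the signed manifest, and constructed keys and binary contents; all of those are choices made for a dependency-free example.

```python
"""Added illustrative model of manifest-based loading and manifest-bound sealing.

Assumptions (not from the patent text): HMAC-SHA256 stands in for the digital
signature, a SHA-256 counter keystream stands in for encryption, and the
manifest identifier is the SHA-256 of the signed manifest's canonical JSON.
"""
import hashlib
import hmac
import json
import os

# Constructed keys for the example; a real trusted core would keep these in
# hardware-protected storage rather than in source.
MANIFEST_SIGNING_KEY = b"example-manifest-signing-key"
TRUSTED_CORE_KEY = b"example-trusted-core-sealing-key"


def _canonical(obj: dict) -> bytes:
    return json.dumps(obj, sort_keys=True).encode()


def build_manifest(app_id: str, binaries: dict) -> dict:
    """Claim 1: first portion (app identifier), second portion (per-binary load
    indicators, here digest -> allowed flag), third portion (signature over both)."""
    body = {"app_id": app_id, "binaries": binaries}
    sig = hmac.new(MANIFEST_SIGNING_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {**body, "signature": sig}


def manifest_is_valid(manifest: dict) -> bool:
    """Recompute the signature over the first two portions and compare in constant time."""
    body = {k: v for k, v in manifest.items() if k != "signature"}
    expected = hmac.new(MANIFEST_SIGNING_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, manifest.get("signature", ""))


def manifest_id(manifest: dict) -> str:
    """Manifest identifier (assumption: hash of the whole signed manifest)."""
    return hashlib.sha256(_canonical(manifest)).hexdigest()


def binary_digest(code: bytes) -> str:
    return hashlib.sha256(code).hexdigest()


class ProcessSpace:
    """Claims 30/48: a memory space whose loadable binaries are limited by the manifest."""

    def __init__(self, manifest: dict):
        if not manifest_is_valid(manifest):
            raise ValueError("manifest signature check failed")
        self.manifest = manifest
        self.loaded = []

    def load(self, code: bytes) -> bool:
        """Load only binaries whose indicator in the manifest is explicitly True."""
        digest = binary_digest(code)
        if self.manifest["binaries"].get(digest) is True:
            self.loaded.append(digest)
            return True
        return False


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


class TrustedCore:
    def __init__(self, key: bytes):
        self._key = key

    def seal(self, secret: bytes, allowed_manifest_id: str) -> dict:
        """Claim 56: encrypt the secret and bind it to the manifest allowed to retrieve it."""
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(secret, _keystream(self._key, nonce, len(secret))))
        tag = hmac.new(self._key, allowed_manifest_id.encode() + nonce + ct, hashlib.sha256).hexdigest()
        return {"manifest_id": allowed_manifest_id, "nonce": nonce.hex(), "ct": ct.hex(), "tag": tag}

    def unseal(self, blob: dict, caller_manifest: dict):
        """Claims 58/64: reveal the secret only if the blob is intact and the caller's
        manifest identifier equals the one the secret was sealed to."""
        nonce, ct = bytes.fromhex(blob["nonce"]), bytes.fromhex(blob["ct"])
        expected = hmac.new(self._key, blob["manifest_id"].encode() + nonce + ct, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, blob["tag"]):
            return None  # blob tampered with; condition data cannot be trusted
        if manifest_id(caller_manifest) != blob["manifest_id"]:
            return None  # different manifest: do not reveal
        return bytes(a ^ b for a, b in zip(ct, _keystream(self._key, nonce, len(ct))))

    def attest(self, caller_manifest: dict) -> dict:
        """Claim 69: a signed statement that names the caller's manifest identifier."""
        stmt = {"manifest_id": manifest_id(caller_manifest)}
        sig = hmac.new(self._key, _canonical(stmt), hashlib.sha256).hexdigest()
        return {**stmt, "signature": sig}


def demo() -> dict:
    """Run the scenario end to end with constructed binaries and a constructed secret."""
    good, unlisted = b"trusted-helper-v1 (constructed)", b"unlisted-plugin (constructed)"
    manifest = build_manifest("agent.example", {binary_digest(good): True})
    other = build_manifest("agent.example", {binary_digest(good): True, binary_digest(unlisted): True})
    space, core = ProcessSpace(manifest), TrustedCore(TRUSTED_CORE_KEY)
    blob = core.seal(b"api-token", manifest_id(manifest))
    return {
        "good_loads": space.load(good),
        "unlisted_loads": space.load(unlisted),
        "same_manifest_unseals": core.unseal(blob, manifest),
        "other_manifest_unseals": core.unseal(blob, other),
        "attestation_names_manifest": core.attest(manifest)["manifest_id"] == manifest_id(manifest),
    }
```

The design choice worth noticing is that the sealing tag covers the allowed manifest identifier together with the ciphertext, so the "conditions" of claim 64 cannot be edited into a more permissive form without invalidating the blob, and an upgraded application with a different manifest (claim 17) gets nothing until the secret is explicitly re-sealed or exported to its manifest identifier as claim 73 describes.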
Specification