Attesting to a value of a register and/or memory region

US 20030196111A1
Filed: 05/07/2003
Published: 10/16/2003
Est. Priority Date: 10/26/1998
Status: Active Grant

First Claim

Patent Images

1. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by a processor, causes the processor to:

receive a request to make a signed attestation of a current value of a register; and

return a signed statement of the current value of the register, wherein the statement is signed using a private key of a pair of public and private keys of the processor.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with one aspect of attesting to a value of a register and/or memory region, an operating system of a device receives a request, in response to an ATTEST operation being invoked, to make a signed attestation of a value. The operating system signs a statement that includes the value using a private key of a pair of public and private keys of a processor of the device. The value may be stored in a register and/or a region of memory.

Citations

33 Claims

1. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by a processor, causes the processor to:
- receive a request to make a signed attestation of a current value of a register; and
  
  return a signed statement of the current value of the register, wherein the statement is signed using a private key of a pair of public and private keys of the processor.
- View Dependent Claims (2, 3, 4, 5)
- - 2. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a public key of the pair of public and private keys of the processor.
  - 3. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 4. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a name of the register.
  - 5. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a current value of a region of memory identified in the request.

6. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by a processor, causes the processor to:
- receive a request to make a signed attestation of a current value of a region of memory;
  
  return a signed statement of the current value of the region of memory, wherein the statement is signed using a private key of a pair of public and private keys of the processor.
- View Dependent Claims (7, 8, 9, 10)
- - 7. One or more computer readable memories as recited in claim 6, wherein the signed statement further includes a public key of the pair of public and private keys of the processor.
  - 8. One or more computer readable memories as recited in claim 6, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 9. One or more computer readable memories as recited in claim 6, wherein the value comprises a challenge nonce received from a content provider.
  - 10. One or more computer readable memories as recited in claim 6, wherein the signed statement further includes:
    - a value of a register identified in the request; and
      
      a name of the register.

11. A method, implemented by an operating system of a device, the method comprising:
- receiving, in response to an ATTEST operation being invoked, a request to make a signed attestation of a value; and
  
  signing, using a private key of a pair of public and private keys of a processor of the device, a statement including the value.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. A method as recited in claim 11, wherein the value to be signed is the value of a register.
  - 13. A method as recited in claim 12, wherein the statement further includes a name of the register.
  - 14. A method as recited in claim 11, wherein the value to be signed is the value of a region of memory.
  - 15. A method as recited in claim 14, wherein the value comprises a challenge nonce received from a content provider.
  - 16. A method as recited in claim 11, wherein the value to be signed is the value of a register and the value of a region of memory.

17. A system comprising:
- means for receiving, in response to an ATTEST operation being invoked, a request to make a signed attestation of a value; and
  
  means for signing, using a private key of a pair of public and private keys of a processor of the system, a statement including the value.
- View Dependent Claims (18, 19, 20)
- - 18. A system as recited in claim 17, wherein the value to be signed is the value of a register.
  - 19. A method as recited in claim 17, wherein the value to be signed is the value of a region of memory.
  - 20. A method as recited in claim 17, wherein the value to be signed is the value of a register and the value of a region of memory.

21. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by a processor of a device, causes the processor to implement an ATTEST operation that causes the processor to make a signed attestation of a current value of a region of memory or a register, the signed attestation being signed with a private key of a pair of public and private keys of the processor, and the signed attestation including the current value.
- View Dependent Claims (22, 23)
- - 22. One or more computer readable memories as recited in claim 21, wherein the ATTEST operation causes the processor to make a signed attestation of both the current value of the region of memory and the current value of the register, the signed attestation including both the current value of the region of memory and the current value of the register, the signed attestation further including a name of the register.
  - 23. One or more computer readable memories as recited in claim 21, wherein the value of the region of memory comprises a challenge nonce received from a content provider.

24. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to:
- invoke an attest operation in order to have a signed attestation of a current value of a register made; and
  
  receive, in response to invoking the attest operation, a signed statement of the current value of the register, wherein the statement is signed using a private key of a pair of public and private keys of a processor of a device generating the signed statement.
- View Dependent Claims (25, 26, 27, 28)
- - 25. One or more computer readable memories as recited in claim 24, wherein the signed statement further includes a public key of the pair of public and private keys of the processor of the device generating the signed statement.
  - 26. One or more computer readable memories as recited in claim 24, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 27. One or more computer readable memories as recited in claim 24, wherein the signed statement further includes a name of the register.
  - 28. One or more computer readable memories as recited in claim 24, wherein the signed statement further includes a current value of a region of memory identified in the request.

29. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to:
- invoke an attest operation in order to have a signed attestation of a current value of a region of memory made; and
  
  receive, in response to invoking the attest operation, a signed statement of the current value of the region of memory, wherein the statement is signed using a private key of a pair of public and private keys of a processor of a device generating the signed statement.
- View Dependent Claims (30, 31, 32, 33)
- - 30. One or more computer readable memories as recited in claim 29, wherein the signed statement further includes a public key of the pair of public and private keys of the processor of the device generating the signed statement.
  - 31. One or more computer readable memories as recited in claim 29, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 32. One or more computer readable memories as recited in claim 29, wherein the value comprises a challenge nonce received from a content provider.
  - 33. One or more computer readable memories as recited in claim 29, wherein the signed statement further includes:
    - a value of a register identified in the request; and
      
      a name of the register.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Lampson, Butler W., DeTreville, John D.

Granted Patent

US 7,356,682 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/34
CPC Class Codes

G06F 21/1011   to devices

G06F 21/445   by mutual authentication, e...

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 2221/2103   Challenge-response

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2129   Authenticate client device ...

G06F 9/4406   Loading of operating system

G06F 9/468   Specific access rights for ...

Attesting to a value of a register and/or memory region

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Attesting to a value of a register and/or memory region

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links