Secure clock on computing device such as may be required in connection with a trust-based system

US 20030233553A1
Filed: 06/13/2002
Published: 12/18/2003
Est. Priority Date: 06/13/2002
Status: Active Grant

First Claim

Patent Images

1. A computing device having:

a running real-time secure clock that can only be adjusted according to trusted time as received from a trusted time authority external to the computing device, whereby a user of the computing device cannot adjust the secure clock;

a time offset within which is stored a time value that can be adjusted by at least one of the user and the trusted time authority; and

a time display for displaying a running real-time display time to the user of such computing device, the display time being calculated as the trusted time from the secure clock plus the stored time value in the time offset. wherein reference may be made to the secure clock to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing device has a running real-time secure clock adjustable only according to trusted time as received from an external trusted time authority, a time offset within which is stored a time value adjustable by at least one of the user and the trusted time authority, and a time display for displaying a running real-time display time calculated as the trusted time from the secure clock plus the stored time value in the time offset. Reference thus may be made to the secure clock to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement. The computing device sends a request for secure time and the trusted time authority sends same. The computing device receives the secure time, sets the secure clock according to same, and sends confirmation to the trusted time authority that the secure time has been received.

Citations

31 Claims

1. A computing device having:
- a running real-time secure clock that can only be adjusted according to trusted time as received from a trusted time authority external to the computing device, whereby a user of the computing device cannot adjust the secure clock;
  
  a time offset within which is stored a time value that can be adjusted by at least one of the user and the trusted time authority; and
  
  a time display for displaying a running real-time display time to the user of such computing device, the display time being calculated as the trusted time from the secure clock plus the stored time value in the time offset. wherein reference may be made to the secure clock to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computing device of claim 1 wherein the time value stored in the time offset is limited to a set of pre-determined values.
  - 3. The computing device of claim 2 wherein the trusted time as maintained by the secure clock corresponds to a pre-determined time zone and wherein the time value stored in the time offset is limited to a set of pre-determined values corresponding to time differences that arise from time zones.
  - 4. The computing device of claim 1 further comprising a trusted component of a digital rights management (DRM) system for ensuring that digital content on the computing device is rendered only in accordance with a corresponding digital license on the computing device, the digital license including the temporal requirement and the trusted component referring to the secure clock to evaluate such temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement.
  - 5. The computing device of claim 4 wherein the trusted component obtains the trusted time from the trusted time authority and adjusts the secure clock according to the obtained trusted time.

6. A method in combination with a computing device having a running real-time secure clock that a user of the computing device cannot adjust, the secure clock for maintaining trusted time employed to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement, the method for obtaining the trusted time from a trusted time authority external to the computing device and comprising the computing device in response to sending a request for secure time:
- receiving new secure time for the secure clock;
  
  setting the secure clock according to the received current secure time; and
  
  sending confirmation that the new secure time has been received.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The method of claim 6 wherein the computing device further has a trusted component of a digital rights management (DRM) system for ensuring that digital content on the computing device is rendered only in accordance with a corresponding digital license on the computing device, the digital license including the temporal requirement, the method further comprising the trusted component referring to the secure clock to evaluate such temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement.
  - 8. The method of claim 7 comprising the trusted component sending the request for secure time to the trusted time authority, receiving the new secure time for the secure clock from the trusted time authority, setting the secure clock according to the received current secure time, and sending to the trusted time authority confirmation that the new secure time has been received.
  - 9. The method of claim 6 wherein the trusted time authority upon receiving the request for secure time retrieves a current secure time from a running real-time authority clock and transmits the retrieved current secure time to the computing device, the method comprising the computing device thereafter:
    - receiving the transmitted current secure time;
      
      setting the secure clock according to the received current secure time; and
      
      returning a representation of received current secure time to the trusted time authority, whereby the trusted time authority upon receiving the returned representation of the current secure time compares the returned representation of the current secure time with a like representation of the transmitted current secure time, determines that the current secure time as transmitted was properly received if the compare results in a match, and determines that the current secure time as transmitted was not properly received if the compare results in a mismatch.
  - 10. The method of claim 9 wherein the trusted time authority upon receiving the request for secure time retrieves the current secure time from the running real-time authority clock, signs the current secure time, and transmits the signed current secure time to the computing device, the method comprising the computing device thereafter:
    - receiving the signed current secure time;
      
      verifying same;
      
      setting the secure clock according to the received current secure time, performing a predetermined function on the received current secure time to result in a first output value;
      
      signing the first output value, and returning the signed first output value to the trusted time authority, whereby the trusted time authority receives the signed first output value, verifies same, performs the predetermined function on the retrieved current secure time to result in a second output value, compares the first and second output values, determines that the current secure time as transmitted was properly received if the compare results in a match, and determines that the current secure time as transmitted was not properly received if the compare results in a mismatch.
  - 11. The method of claim 6 wherein the computing device further has a time offset within which is stored a time value that can be adjusted by at least one of the user and the trusted time authority, and a time display for displaying a running real-time display time to the user of such computing device, the display time being calculated as the trusted time from the secure clock plus the stored time value in the time offset, the method further comprising the computing device adjusting the time value in the time offset such that the display time in the time display does not change.
  - 12. The method of claim 11 comprising:
    - obtaining a non-current secure time (T-OLD) from the secure clock;
      
      obtaining an old time value (O-OLD) in the time offset;
      
      calculating the received new secure time (T-NEW) minus (T-OLD) as (DELTA);
      
      calculating (O-OLD) minus (DELTA) as a new time value (O-NEW) for the time offset; and
      
      setting (O-NEW) as the new time value for the time offset, whereby the display time in the time display does not change.
  - 13. The method of claim 6 for obtaining the trusted time from a trusted time authority external to the computing device and comprising the computing device in response to sending a request for secure time:
    - receiving new secure time for the secure clock;
      
      setting the secure clock according to the received current secure time; and
      
      sending confirmation that the new secure time has been received.

14. A method in combination with a computing device having a running real-time secure clock that a user of the computing device cannot adjust, the secure clock for maintaining trusted time employed to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement, the method for transmitting the trusted time from a trusted time authority external to the computing device and comprising the trusted time authority in response to a received request for secure time:
- sending secure time for the secure clock; and
  
  receiving in response confirmation that the sent secure time has been received.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The method of claim 14 comprising:
    - retrieving a current secure time from a running real-time authority clock;
      
      transmitting the retrieved current secure time to the computing device, the computing device thereafter receiving the transmitted current secure time, setting the secure clock according to the received current secure time, and returning a representation of received current secure time to the trusted time authority;
      
      receiving the returned representation of the current secure time;
      
      comparing the returned representation of the current secure time with a like representation of the transmitted current secure time;
      
      if the compare results in a match, determining that the current secure time as transmitted was properly received; and
      
      if the compare results in a mismatch, determining that the current secure time as transmitted was not properly received.
  - 16. The method of claim 15 further comprising the trusted time authority:
    - obtaining the secure time from a trusted source; and
      
      storing the obtained secure time in the authority clock.
  - 17. The method of claim 15 comprising if the compare results in a mismatch, determining that the current secure time as transmitted was not properly received and again performing the method.
  - 18. The method of claim 15 comprising:
    - retrieving a current secure time from a running real-time authority clock;
      
      signing the current secure time;
      
      transmitting the signed current secure time to the computing device, the computing device thereafter receiving the signed current secure time, verifying same, setting the secure clock according to the received current secure time, performing a predetermined function on the received current secure time to result in a first output value, signing the first output value, and returning the signed first output value to the trusted time authority;
      
      receiving the signed first output value;
      
      verifying same;
      
      performing the predetermined function on the retrieved current secure time to result in a second output value;
      
      comparing the first and second output values;
      
      if the compare results in a match, determining that the current secure time as transmitted was properly received; and
      
      if the compare results in a mismatch, determining that the current secure time as transmitted was not properly received.

19. A computer-readable medium having stored thereon computer-executable instructions for performing a method in combination with a computing device having a running real-time secure clock that a user of the computing device cannot adjust, the secure clock for maintaining trusted time employed to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement, the method for obtaining the trusted time from a trusted time authority external to the computing device and comprising the computing device in response to sending a request for secure time:
- receiving new secure time for the secure clock;
  
  setting the secure clock according to the received current secure time; and
  
  sending confirmation that the new secure time has been received.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The medium of claim 19 wherein the computing device further has a trusted component of a digital rights management (DRM) system for ensuring that digital content on the computing device is rendered only in accordance with a corresponding digital license on the computing device, the digital license including the temporal requirement, the method further comprising the trusted component referring to the secure clock to evaluate such temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement.
  - 21. The medium of claim 20 wherein the method comprises the trusted component sending the request for secure time to the trusted time authority, receiving the new secure time for the secure clock from the trusted time authority, setting the secure clock according to the received current secure time, and sending to the trusted time authority confirmation that the new secure time has been received.
  - 22. The medium of claim 19 wherein the trusted time authority upon receiving the request for secure time retrieves a current secure time from a running real-time authority clock and transmits the retrieved current secure time to the computing device, the method comprising the computing device thereafter:
    - receiving the transmitted current secure time;
      
      setting the secure clock according to the received current secure time; and
      
      returning a representation of received current secure time to the trusted time authority, whereby the trusted time authority upon receiving the returned representation of the current secure time compares the returned representation of the current secure time with a like representation of the transmitted current secure time, determines that the current secure time as transmitted was properly received if the compare results in a match, and determines that the current secure time as transmitted was not properly received if the compare results in a mismatch.
  - 23. The medium of claim 22 wherein the trusted time authority upon receiving the request for secure time retrieves the current secure time from the running real-time authority clock, signs the current secure time, and transmits the signed current secure time to the computing device, the method comprising the computing device thereafter:
    - receiving the signed current secure time;
      
      verifying same;
      
      setting the secure clock according to the received current secure time, performing a predetermined function on the received current secure time to result in a first output value;
      
      signing the first output value, and returning the signed first output value to the trusted time authority, whereby the trusted time authority receives the signed first output value, verifies same, performs the predetermined function on the retrieved current secure time to result in a second output value, compares the first and second output values, determines that the current secure time as transmitted was properly received if the compare results in a match, and determines that the current secure time as transmitted was not properly received if the compare results in a mismatch.
  - 24. The medium of claim 19 wherein the computing device further has a time offset within which is stored a time value that can be adjusted by at least one of the user and the trusted time authority, and a time display for displaying a running real-time display time to the user of such computing device, the display time being calculated as the trusted time from the secure clock plus the stored time value in the time offset, the method further comprising the computing device adjusting the time value in the time offset such that the display time in the time display does not change.
  - 25. The medium of claim 24 wherein the method comprises:
    - obtaining a non-current secure time (T-OLD) from the secure clock;
      
      obtaining an old time value (O-OLD) in the time offset;
      
      calculating the received new secure time (T-NEW) minus (T-OLD) as (DELTA);
      
      calculating (O-OLD) minus (DELTA) as a new time value (O-NEW) for the time offset; and
      
      setting (O-NEW) as the new time value for the time offset, whereby the display time in the time display does not change.
  - 26. The medium of claim 19 wherein the method is for obtaining the trusted time from a trusted time authority external to the computing device and comprises the computing device in response to sending a request for secure time:
    - receiving new secure time for the secure clock;
      
      setting the secure clock according to the received current secure time; and
      
      sending confirmation that the new secure time has been received.

27. A computer-readable medium having stored thereon computer-executable instructions for performing a method in combination with a computing device having a running real-time secure clock that a user of the computing device cannot adjust, the secure clock for maintaining trusted time employed to evaluate a temporal requirement without concern that the user has adjusted the secure clock to subvert the temporal requirement, the method for transmitting the trusted time from a trusted time authority external to the computing device and comprising the trusted time authority in response to a received request for secure time:
- sending secure time for the secure clock; and
  
  receiving in response confirmation that the sent secure time has been received.
- View Dependent Claims (28, 29, 30, 31)
- - 28. The medium of claim 27 wherein the method comprises:
    - retrieving a current secure time from a running real-time authority clock;
      
      transmitting the retrieved current secure time to the computing device, the computing device thereafter receiving the transmitted current secure time, setting the secure clock according to the received current secure time, and returning a representation of received current secure time to the trusted time authority;
      
      receiving the returned representation of the current secure time;
      
      comparing the returned representation of the current secure time with a like representation of the transmitted current secure time;
      
      if the compare results in a match, determining that the current secure time as transmitted was properly received; and
      
      if the compare results in a mismatch, determining that the current secure time as transmitted was not properly received.
  - 29. The medium of claim 28 wherein the method further comprises the trusted time authority:
    - obtaining the secure time from a trusted source; and
      
      storing the obtained secure time in the authority clock.
  - 30. The medium of claim 28 wherein the method comprises if the compare results in a mismatch, determining that the current secure time as transmitted was not properly received and again performing the method.
  - 31. The medium of claim 28 wherein the method comprises:
    - retrieving a current secure time from a running real-time authority clock;
      
      signing the current secure time;
      
      transmitting the signed current secure time to the computing device, the computing device thereafter receiving the signed current secure time, verifying same, setting the secure clock according to the received current secure time, performing a predetermined function on the received current secure time to result in a first output value, signing the first output value, and returning the signed first output value to the trusted time authority;
      
      receiving the signed first output value;
      
      verifying same;
      
      performing the predetermined function on the retrieved current secure time to result in a second output value;
      
      comparing the first and second output values;
      
      if the compare results in a match, determining that the current secure time as transmitted was properly received; and
      
      if the compare results in a mismatch, determining that the current secure time as transmitted was not properly received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Helin, Jonas Fredrik, Parks, M. Jay

Granted Patent

US 7,146,504 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/178
CPC Class Codes

G06F 21/725 operating on a secure refer...

Secure clock on computing device such as may be required in connection with a trust-based system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Secure clock on computing device such as may be required in connection with a trust-based system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links