Transferring application secrets in a trusted operating system environment

US 20050144448A1
Filed: 02/28/2005
Published: 06/30/2005
Est. Priority Date: 11/16/2001
Status: Active Grant

First Claim

Patent Images

1. A method, implemented on a computing device, the method comprising:

generating a gatekeeper storage key;

sealing the gatekeeper storage key to a trusted core executing on the computing device;

receiving a request to store an application secret;

receiving a type of the application secret;

selecting an appropriate hive key based at least in part on the type of the application secret;

encrypting the application secret using the hive key; and

encrypting the hive key using the gatekeeper storage key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.

28 Citations

View as Search Results

19 Claims

1. A method, implemented on a computing device, the method comprising:
- generating a gatekeeper storage key;
  
  sealing the gatekeeper storage key to a trusted core executing on the computing device;
  
  receiving a request to store an application secret;
  
  receiving a type of the application secret;
  
  selecting an appropriate hive key based at least in part on the type of the application secret;
  
  encrypting the application secret using the hive key; and
  
  encrypting the hive key using the gatekeeper storage key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as recited in claim 1, wherein selecting the appropriate hive key comprises:
    - checking whether a hive key corresponding to the type of the application secret already exists;
      
      if the hive key does not already exist, then creating a hive key corresponding to the type of the application secret and selecting the newly created hive key; and
      
      if the hive key does already exist, then selecting the already existing hive key.
  - 3. A method as recited in claim 1, wherein selecting the appropriate hive key comprises:
    - selecting an appropriate hive key based at least in part on both the application from which the request is received and the type of the application secret.
  - 4. A method as recited in claim 1, wherein selecting the appropriate hive key further comprises selecting different hive keys for different application secrets received from the same application.
  - 5. A method as recited in claim 1, wherein the type of the application secret comprises one of:
    - a non-migrateable secret, a user-migrateable secret, and a third party-migrateable secret.
  - 6. A method as recited in claim 1, further comprising:
    - receiving a request to transfer the encrypted application secret to another computing device; and
      
      determining whether to allow the encrypted application secret to be transferred to another computing device based at least in part on the type of the application secret.
  - 7. A method as recited in claim 6, wherein the determining comprises:
    - if the type of the application secret is non-migrateable, then not allowing the application secret to be transferred;
      
      if the type of the application secret is user-migrateable, then allowing the application secret to be transferred under control of a user; and
      
      if the type of the application secret is third party-migrateable, then allowing the application secret to be transferred under control of a third party.
  - 8. A method as recited in claim 1, wherein receiving the request to store an application secret comprises:
    - receiving, from a trusted application executing on the computing device, a request to store an application secret.

9. One or more computer readable media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to:
- receive application data to be encrypted and stored;
  
  identify how the application data is to be allowed to be transferred to another computing device if a request to transfer the application data is received; and
  
  select a particular one of a plurality of encryption keys to encrypt the application data, wherein the selecting is based at least in part on how the application data is to be allowed to be transferred to another computing device.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. One or more computer readable media as recited in claim 9, wherein the plurality of instructions that cause the one or more processors to select the particular one of the plurality of encryption keys comprise instructions to:
    - check whether an encryption key corresponding to a type of the application data already exists;
      
      if the encryption key does not already exist, then create an encryption key corresponding to the type of the application data and select the newly created encryption key; and
      
      if the encryption key does already exist, then selecting the already existing encryption key.
  - 11. One or more computer readable media as recited in claim 9, wherein:
    - the application data comprises one of;
      
      non-migrateable data, user-migrateable data, and third party-migrateable data.
  - 12. One or more computer readable media as recited in claim 9, further comprising instructions that, when executed by the one or more processors, cause the one or more processors to:
    - receive a request to transfer the encrypted application data to another computing device; and
      
      determine whether to allow the encrypted application data to be transferred to the other computing device based at least in part on whether the application data is non-migrateable data, user-migrateable data, or third party-migrateable data.
  - 13. One or more computer readable media as recited in claim 12, wherein the instructions to determine whether to allow the encrypted application data to be transferred to the other computing device comprises instructions that, when executed by the one or more processors, cause the one or more processors to:
    - if the application data is non-migrateable, then not allow the application secret to be transferred;
      
      if the application data is user-migrateable, then allow the application secret to be transferred under control of a user; and
      
      if the application data is third party-migrateable, then allow the application secret to be transferred under control of a third party.
  - 14. One or more computer readable media as recited in claim 9, wherein the application data is received from a trusted application executing on the computing device.

15. A system comprising:
- a processor; and
  
  a memory, coupled to the processor, to store a plurality of instructions that, when executed by the processor, causes the processor to, receive an application secret to be securely stored, identify a secret type that indicates how the application secret is to be allowed to be transferred to another system if a request to transfer the application secret is received, and select a particular one of a plurality of encryption keys to encrypt the application secret, wherein the selecting is based at least in part on the secret type.
- View Dependent Claims (16, 17, 18, 19)
- - 16. A system as recited in claim 15, wherein the plurality of instructions that cause the processor to select the particular one of the plurality of encryption keys comprise instructions to:
    - check whether an encryption key corresponding to the type of the application secret already exists;
      
      if the encryption key does not already exist, then create an encryption key corresponding to the type of the application secret and select the newly created encryption key; and
      
      if the encryption key does already exist, then selecting the already existing encryption key.
  - 17. A system as recited in claim 15, wherein:
    - the secret type comprises one of;
      
      a non-migrateable secret, a user-migrateable secret, and a third party-migrateable secret.
  - 18. A system as recited in claim 15, wherein the memory further stores instructions that, when executed by the processor, cause the processor to:
    - receive a request to transfer the encrypted application secret to another system; and
      
      determine whether to allow the encrypted application data to be transferred to the other system based at least in part on the secret type.
  - 19. A system as recited in claim 18, wherein the instructions to determine whether to allow the encrypted application data to be transferred to the other system comprises instructions that, when executed by the processor, cause the processor to:
    - if the secret type is non-migrateable, then not allow the application secret to be transferred;
      
      if the secret type is user-migrateable, then allow the application secret to be transferred under control of a user; and
      
      if the secret type is third party-migrateable, then allow the application secret to be transferred under control of a third party.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Simon, Daniel R., England, Paul, Peinado, Marcus, Benaloh, Josh D.

Granted Patent

US 7,577,840 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06F 21/606 by securing the transmissio...

Transferring application secrets in a trusted operating system environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Transferring application secrets in a trusted operating system environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links