Bi-directionally verifying measurable aspects associated with modules, pre-computing solutions to configuration challenges, and using configuration challenges along with other authentication mechanisms
Abstract
The present invention extends to validating measurable aspects of a computing system. A provider causes a challenge to be issued to the requester, the challenge requesting proof that the requester is appropriately configured to access the resource. The requester accesses information that indicates how the requester is to prove an appropriate configuration for accessing the resource. The requester formulates and sends proof that one or more measurable aspects of the requester's configuration are appropriate. The provider receives proof that one or more measurable aspects of the requester's configuration are appropriate and authorizes the requester to access the resource. Proof of one or more measurable aspects of a requester can be used along with other types of authentication to authorize a requester to access a resource of a provider. Solutions to challenges can be pre-computed and stored in a location accessible to a provider.
33 Claims
1. At a requesting computing system that is communicatively connectable to a providing computing system, the requesting computing system including requesting instructions that can attempt to interact with a providing application at the providing computing system, a method for providing information that can be used to verify measurable aspects of the requesting computing system, the method comprising:
an act of performing at least one of determining that the providing computing system is appropriately configured to issue challenges to components included in the requesting computing system and determining that the providing application is appropriately configured to issue challenges to the requesting instructions;
an act of subsequently accepting a challenge that was initiated by the providing application based at least in part on the providing computing system and the providing application being appropriately configured to issue challenges to the requesting instructions; and
an act of submitting an assertion that can be used to verify that the requesting instructions are configured in accordance with one or more measurable aspects that are appropriate for interacting with the providing application. - View Dependent Claims (2, 3, 4, 5, 6, 7)
8. At a providing computing system that is communicatively connectable to a requesting computing system, the providing computing system including a providing application that can attempt to interact with requesting instructions at the requesting computing system, a method for verifying measurable aspects of the requesting computing system, the method comprising:
an act of performing at least one of proving that the providing computing system is appropriately configured to issue challenges to components of the requesting computing system and proving that the providing application is appropriately configured to issue challenges to the requesting instructions;
an act of subsequently causing a configuration challenge to be issued to the requesting instructions;
an act of receiving an assertion that can be used to verify that the requesting instructions are configured in accordance with one or more measurable aspects that are appropriate for interacting with the providing application; and
an act of validating the assertion. - View Dependent Claims (9, 10, 11, 12, 13)
14. At a computing system that is communicatively connectable to a network, a method for generating a challenge and pre-computing answers to the challenge, the method comprising:
an act of accessing a first random value;
an act of accessing a secret value;
an act of using the first random value and the secret value as input to a first hash algorithm to generate a second random value;
an act of using the first random value and the second random value as input to a second hash algorithm to identify one or more regions within a portion of instructions;
an act of retrieving values from the identified regions; and
an act of pre-computing an answer to the challenge based on the retrieved values. - View Dependent Claims (15, 16, 17, 18, 19, 20)
21. At a requester that is communicatively connectable to a provider, a method for authorizing the requester to interact with the provider, the method comprising:
an act of sending a request to the provider;
an act of receiving a configuration challenge from the provider, the configuration challenge indicating how the requester is to prove that the requester is appropriately configured to interact with the provider;
an act of sending proof of the values of one or more measurable aspects of the requester to the provider; and
an act of receiving a token that can be used to prove that the requester is appropriately configured. - View Dependent Claims (22, 23, 24, 25)
26. At a provider that is communicatively connectable to a requester, a method for authorizing the requester and the provider to interact with the provider, the method comprising:
an act of receiving a request from the requester;
an act of causing a configuration challenge to be issued to the requester, the configuration challenge requesting proof that the requester is appropriately configured to interact with the provider;
an act of receiving proof of the values of one or more measurable aspects of the requester's configuration; and
an act of sending a token that can subsequently be used to prove that the requester is appropriately configured. - View Dependent Claims (27, 28, 29, 30)
31. A computer program product for use in a computing system that is communicatively connectable to a network, the computer program product for implementing a method for generating a challenge and pre-computing answers to the challenge, the computer program product comprising one or more computer-readable media having stored thereon computer-executable instructions that, when executed by a processor, cause the computing system to perform the following:
access a first random value;
access a secret value;
use the first random value and the secret value as input to a first hash algorithm to generate a second random value;
use the first random value and the second random value as input to a second hash algorithm to identify one or more regions within a portion of instructions;
retrieve values from the identified regions; and
pre-compute an answer to the challenge based on the retrieved values.
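An added example (not taken from the patent) of the challenge generation and answer pre-computation recited in claims 14 and 31. HMAC-SHA256 and SHA-256 stand in for the unnamed first and second hash algorithms; the region size and count, the single-use answer table, and the sample image and secret are assumptions made for illustration.

```python
import hashlib, hmac, os

REGION_LEN, REGION_COUNT = 16, 4  # assumed sizes; the claim fixes neither

def second_random(first_random: bytes, secret: bytes) -> bytes:
    # "First hash": HMAC-SHA256 keyed with the secret (assumed algorithm).
    return hmac.new(secret, first_random, hashlib.sha256).digest()

def select_regions(r1: bytes, r2: bytes, image_len: int) -> list:
    # "Second hash": SHA-256 over both random values plus a counter (assumed),
    # reduced to an offset so every region lies fully inside the image.
    if image_len < REGION_LEN:
        raise ValueError("image shorter than one region")
    span = image_len - REGION_LEN + 1
    regions = []
    for i in range(REGION_COUNT):
        d = hashlib.sha256(r1 + r2 + i.to_bytes(4, "big")).digest()
        regions.append((int.from_bytes(d[:8], "big") % span, REGION_LEN))
    return regions

def compute_answer(r1: bytes, r2: bytes, image: bytes) -> str:
    # Answer = digest over the challenge values and the bytes read from each region.
    h = hashlib.sha256(r1 + r2)
    for off, length in select_regions(r1, r2, len(image)):
        h.update(image[off:off + length])
    return h.hexdigest()

def precompute(secret: bytes, image: bytes, count: int) -> dict:
    # Run offline against the known-good image; the verifier then only needs
    # this table, not the image or the secret.
    table = {}
    for _ in range(count):
        r1 = os.urandom(16)
        r2 = second_random(r1, secret)
        table[(r1, r2)] = compute_answer(r1, r2, image)
    return table

def validate(table: dict, challenge: tuple, submitted: str) -> bool:
    # pop() makes each challenge single-use, so a recorded answer cannot be replayed.
    expected = table.pop(challenge, None)
    return expected is not None and hmac.compare_digest(expected, submitted)

# Constructed sample data: a stand-in "portion of instructions" and a secret.
GOOD_IMAGE = bytes(range(256)) * 16
SECRET = b"constructed-demo-secret"
```

With these assumed sizes one challenge samples only 64 of the 4096 image bytes, so a small modification outside the sampled regions passes that challenge. Detection probability comes from issuing a fresh, unpredictable challenge for each interaction.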
32. A computer program product for use in a computing system having a requester that is communicatively connectable to a provider, the computer program product for implementing a method for authorizing the requester to interact with the provider, the computer program product comprising one or more computer-readable media having stored thereon computer-executable instructions that, when executed by a processor, cause the computing system to perform the following:
send a request to the provider;
receive a configuration challenge from the provider, the configuration challenge indicating how the requester is to prove that the requester is appropriately configured to interact with the provider;
send proof of the values of one or more measurable aspects of the requester to the provider; and
receive a token that can be used to prove that the requester is appropriately configured.
33. A computer program product for use in a computing system having a provider that is communicatively connectable to a requester, the computer program product for implementing a method for authorizing the requester and the provider to interact with the provider, the computer program product comprising one or more computer-readable media having stored thereon computer-executable instructions that, when executed by a processor, cause the computing system to perform the following:
receive a request from the requester;
cause a configuration challenge to be issued to the requester, the configuration challenge requesting proof that the requester is appropriately configured to interact with the provider;
receive proof of the values of one or more measurable aspects of the requester's configuration; and
send a token that can subsequently be used to prove that the requester is appropriately configured.
Specification