Isolated persistent identity storage for authentication of computing devices
Abstract
A technique is provided for authenticating a computing device to access a secured resource based on a persistent identity that is associated with the computing device. The persistent identity is maintained in an isolated region of the computing device. In one aspect, a secure identity processing area (SIPA) is provided within the computing device to contain the persistent identity.
65 Claims
1. A method, comprising:
- authenticating a computing device to access a secured resource based on a persistent identity that is associated with the computing device; and
- maintaining the persistent identity in an isolated region of the computing device.
Dependent claims: 2-17
18. A method, comprising:
- authenticating a computing device at a security domain based on a persistent identity contained within the computing device; and
- limiting access to a secured resource that is located in the security domain based on the persistent identity.
Dependent claims: 19-24
25. A computer readable media having computer readable instructions that when executed by a processor causes the processor to:
- authenticate a computing device with respect to a security domain, the authentication using a persistent identity associated with a computing device; and
- allow the computing device to access a secured resource only if the computing device is authenticated, wherein the accessing of the secured resource creates a new machine account for the computing device within the security domain.
Dependent claims: 26-37
38. An apparatus, comprising:
- a Secure Identity Processing Area (SIPA) device located within a computing device, the SIPA includes a cryptographic processor and an isolated storage portion that includes a persistent identity that is associated with the apparatus;
- the contents of both the cryptographic processor and the isolated storage portion are physically inaccessible from all of the locations outside of the computing device; and
- a computer readable media containing instructions for authenticating the apparatus to access a secured resource based on the persistent identity.
Dependent claims: 39-45
46. A method, comprising:
- authenticating a computing device with respect to a security domain at a preboot execution (PXE) level based on a persistent identity located on, identified with, and unable to be accessed outside of the computing device; and
- accessing a secured resource from the security domain in response to the authentication.
Dependent claims: 47-54
55. A computer readable media having computer readable instructions that when executed by a processor causes the processor to:
- obtain authentication for a computing device to access a secured resource at a preboot execution (PXE) level using a persistent identity located on, and identified with, the computing device;
- access the secured resource to the security domain at the PXE level;
- obtain authentication for the computing device to access a secured resource at an operating system level using the persistent identity, at least partially in response to the computing device accessing the secured resource at the PXE; and
- access the secured resource by the computing device at the operating system level.
Dependent claims: 56-59
60. A method, comprising:
- turning on a computing device; and
- attempting to authenticate the computing device to access a secured resource based on a persistent identity that is associated with the computing device, wherein the persistent identity is in an isolated region of the computing device.
Dependent claims: 61, 62
63. A method, comprising:
- attempting to authenticate a computing device to access a secured resource based on a persistent identity that is associated with the computing device; and
- maintaining the persistent identity in an isolated region of the computing device.
Dependent claims: 64, 65
Specification