Methods and apparatus for generating endorsement credentials for software-based security coprocessors
Abstract
A virtual manufacturer authority is launched in a protected portion of a processing system. A key for the virtual manufacturer authority is created. The key is protected by a security coprocessor of the processing system, such as a trusted platform module (TPM). Also, the key is bound to a current state of the virtual manufacturer authority. A virtual security coprocessor is created in the processing system. A delegation request is transmitted from the processing system to an external processing system, such as a certificate authority (CA). After transmission of the delegation request, the key is used to attest to trustworthiness of the virtual security coprocessor. Other embodiments are described and claimed.
20 Claims
1. A method comprising:
launching a virtual manufacturer authority in a protected portion of a processing system;
creating a key for the virtual manufacturer authority, wherein the key is protected by a trusted platform module (TPM) of the processing system, and the key is bound to a current state of the virtual manufacturer authority;
creating a virtual security coprocessor in the processing system;
transmitting a delegation request from the processing system to an external certificate authority (CA); and
after transmitting the delegation request, using the key to attest to trustworthiness of the virtual security coprocessor.

10. An apparatus comprising:
a machine accessible medium; and
instructions encoded in the machine accessible medium, wherein the instructions, when executed by a processing system having a hardware trusted platform module (TPM), cause the processing system to perform operations comprising:
launching a virtual manufacturer authority in a protected portion of the processing system;
creating a key for the virtual manufacturer authority, wherein the key is protected by the TPM, and the key is bound to a current state of the virtual manufacturer authority;
creating a virtual security coprocessor in the processing system;
transmitting a delegation request from the processing system to an external certificate authority (CA); and
after transmitting the delegation request, using the key to attest to trustworthiness of the virtual security coprocessor.

18. A processing system comprising:
a processor;
a security coprocessor communicatively coupled to the processor;
a machine accessible medium communicatively coupled to the processor; and
instructions in the machine accessible medium, wherein the instructions, when executed, cause the processing system to perform operations comprising:
launching a virtual manufacturer authority in a protected portion of the processing system;
creating a key for the virtual manufacturer authority, wherein the key is protected by the security coprocessor, and the key is bound to a current state of the virtual manufacturer authority;
creating a virtual security coprocessor in the processing system;
transmitting a delegation request from the processing system to an external processing system; and
after transmitting the delegation request, using the key to attest to trustworthiness of the virtual security coprocessor.
Specification