System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party
First Claim
Patent Images
1. In a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, a method comprising:
- creating an OS certificate including the identity from the software identity register, information describing the operating system, and the CPU public key; and
signing the OS certificate using the CPU private key.
1 Assignment
0 Petitions
Accused Products
Abstract
In accordance with certain aspects, a computer system has a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system. An OS certificate is created including the identity from the software identity register, information describing the operating system, and the CPU public key. The created OS certificate is signed using the CPU private key.
88 Citations
8 Claims
-
1. In a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, a method comprising:
-
creating an OS certificate including the identity from the software identity register, information describing the operating system, and the CPU public key; and
signing the OS certificate using the CPU private key. - View Dependent Claims (2, 3, 4)
-
-
5. In a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, the computer system further maintaining a boot log that holds identities of software components that are currently executing, a method comprising:
-
forming a generator seed from a CPU-specific secret, a user-supplied seed, and OS-specific data from the boot log; and
generating a storage key based on a function of the generator seed. - View Dependent Claims (6, 7)
-
-
8. For execution on a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, a computer program stored on one or more computer-readable storage media of the computer system, the program comprising:
-
forming an OS certificate containing the identity from the software identity register, information describing the operating system, and the CPU public key; and
signing the OS certificate using the CPU private key.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsEngland, Paul, DeTreville, John, Lampson, Butler
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/156
-
CPC Class CodesG06F 21/1011 to devicesG06F 21/445 by mutual authentication, e...G06F 21/57 Certifying or maintaining t...G06F 21/575 Secure bootG06F 2221/2103 Challenge-responseG06F 2221/2113 Multi-level security, e.g. ...G06F 2221/2129 Authenticate client device ...G06F 9/4406 Loading of operating systemG06F 9/468 Specific access rights for ...
