System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party
Abstract
In accordance with certain aspects, a computer system has a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system. An OS certificate is created including the identity from the software identity register, information describing the operating system, and the CPU public key. The created OS certificate is signed using the CPU private key.
8 Claims
1. In a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, a method comprising:
- creating an OS certificate including the identity from the software identity register, information describing the operating system, and the CPU public key; and
- signing the OS certificate using the CPU private key.

5. In a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, the computer system further maintaining a boot log that holds identities of software components that are currently executing, a method comprising:
- forming a generator seed from a CPU-specific secret, a user-supplied seed, and OS-specific data from the boot log; and
- generating a storage key based on a function of the generator seed.

8. For execution on a computer system having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system, a computer program stored on one or more computer-readable storage media of the computer system, the program comprising:
- forming an OS certificate containing the identity from the software identity register, information describing the operating system, and the CPU public key; and
- signing the OS certificate using the CPU private key.
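The storage-key derivation of claim 5, as an added Python example that is not part of the patent text. The claim only says the key is "a function of the generator seed", so HMAC-SHA256, the SHA-256 component identities, the length-prefixed seed encoding and every sample value below are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct


def component_identity(image: bytes) -> bytes:
    """Identity of a software component: its SHA-256 digest (assumption)."""
    return hashlib.sha256(image).digest()


def _field(data: bytes) -> bytes:
    # Length-prefix every field so that ("ab", "c") and ("a", "bc")
    # can never encode to the same generator seed.
    return struct.pack(">I", len(data)) + data


def generator_seed(cpu_secret: bytes, user_seed: bytes, boot_log: list) -> bytes:
    """Combine the three inputs named in claim 5 into one unambiguous seed."""
    os_data = b"".join(_field(entry) for entry in boot_log)  # order-sensitive
    return _field(cpu_secret) + _field(user_seed) + _field(os_data)


def storage_key(cpu_secret: bytes, user_seed: bytes, boot_log: list) -> bytes:
    """Derive a 32-byte storage key; HMAC-SHA256 is the assumed function."""
    seed = generator_seed(cpu_secret, user_seed, boot_log)
    return hmac.new(cpu_secret, seed, hashlib.sha256).digest()


# Constructed sample values, not taken from the patent.
CPU_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")
TRUSTED_LOG = [component_identity(b"boot loader v1"),
               component_identity(b"os kernel v1")]
MODIFIED_LOG = [component_identity(b"boot loader v1"),
                component_identity(b"os kernel v1 (modified)")]


def demo() -> dict:
    key = storage_key(CPU_SECRET, b"alice-seed", TRUSTED_LOG)
    return {
        # Same CPU, same user, same software stack: the key is reproduced.
        "same_stack": storage_key(CPU_SECRET, b"alice-seed", TRUSTED_LOG) == key,
        # A changed component in the boot log yields an unrelated key.
        "modified_os": storage_key(CPU_SECRET, b"alice-seed", MODIFIED_LOG) == key,
        # Another user on the same CPU and OS gets a different key.
        "other_user": storage_key(CPU_SECRET, b"bob-seed", TRUSTED_LOG) == key,
    }


if __name__ == "__main__":
    print(demo())
```

Because the boot log feeds the seed, data encrypted under the key is readable only when the same software stack is running on the same CPU for the same user seed.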