Master-Slave Protocol for Security Devices

US 20080184341A1
Filed: 01/29/2007
Published: 07/31/2008
Est. Priority Date: 01/29/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method of managing a master-slave relationship between security devices in an electronic device comprising:

disposing a master device in the electronic device;

disposing a plurality of slave devices, each of the slave devices in independent communication with the master device and each of the slave devices operable to disable a respective functional element of the electronic device;

sending a message from the master device to each of the slave devices at an interval;

determining when a reply message from each of the slave devices, responsive to the message, is timely and correct; and

sending a shutdown message that instructs each slave device to disable its respective functional element when a threshold of reply messages from the slave devices are one of untimely and incorrect.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer or electronic device uses a dedicated communication protocol for configuring, managing, and end-of-life operation of a master device controlling a plurality of security devices. The protocol includes messages for binding each security device to the master, for installing cryptographic keys, periodic heartbeat signals, as well as shutdown and disable-security messages.

47 Citations

View as Search Results

20 Claims

1. A method of managing a master-slave relationship between security devices in an electronic device comprising:
- disposing a master device in the electronic device;
  
  disposing a plurality of slave devices, each of the slave devices in independent communication with the master device and each of the slave devices operable to disable a respective functional element of the electronic device;
  
  sending a message from the master device to each of the slave devices at an interval;
  
  determining when a reply message from each of the slave devices, responsive to the message, is timely and correct; and
  
  sending a shutdown message that instructs each slave device to disable its respective functional element when a threshold of reply messages from the slave devices are one of untimely and incorrect.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising acquiring a master key into the master device and communicating a symmetric key based on the master key, the symmetric key unique to each slave device.
  - 3. The method of claim 2, wherein sending a message comprises sending a message from the master device to each of the slave devices at an interval, the message cryptographically authenticated with a key corresponding to the symmetric key unique to each slave device.
  - 4. The method of claim 2, wherein determining when the reply message from each of the slave devices, responsive to the message, is timely and correct comprises determining when a reply message from each of the slave devices, responsive to the message, is timely when received during a reply message timing window and is correct when cryptographically authenticated.
  - 5. The method of claim 1, wherein sending a message comprises sending a timer reset message to each slave device prior to a timeout period, thereby preventing in each slave device from disabling a respective component at the end of the timeout period.
  - 6. The method of claim 1, further comprising issuing a slave detect message from the master device and receiving a slave detect response message from each slave device.
  - 7. The method of claim 1, further comprising issuing a key establish message from the master device to each slave device individually, the key establish message including a derived device key based on a master key of the master device.
  - 8. The method of claim 7, further comprising receiving at the master device a key establish acknowledgement message from each of the slave devices upon successful installation of the derived device key by each respective slave device.
  - 9. The method of claim 7, wherein sending the message from the master device to each of the slave devices at an interval comprises sending a ping message from the master device to each respective slave device, each ping message cryptographically authenticated using a key corresponding to the derived device key of each respective slave device.
  - 10. The method of claim 9, wherein determining when the reply message from each of the slave devices, responsive to the message, is timely and correct comprises determining when a ping response message from each of the slave devices is received during a timed response window and is cryptographically authenticated using the key corresponding to the derived device key.
  - 11. The method of claim 1, further comprising receiving a shutdown message acknowledgement at the master device from each slave device, acknowledging receipt of the shutdown message.
  - 12. The method of claim 1, further comprising sending a perpetual message from the master device to each slave device, instructing each slave device to permanently enable its respective functional element and to ignore further messages from the master device.
  - 13. The method of claim 12, further comprising receiving a perpetual message acknowledgement at the master device from each slave device, acknowledging receipt of the perpetual message.

14. A computer-readable medium having computer-executable instructions for executing a method on a master device for securing an electronic device having at least one master device and a plurality of slave devices, the master device having a manufacturing transport key, the method comprising:
- installing a master key responsive to a signal authenticated with the manufacturing transport key;
  
  issuing a slave-detect message;
  
  receiving a slave-detect response message from each of the plurality of slave devices;
  
  developing a unique derived key for each of the plurality of slave devices;
  
  installing the unique derived key in each of the plurality of slave devices using a separate key-establish message for each of the plurality of slave devices, the separate key establish message containing the respective unique derived key for each of the plurality of slave devices;
  
  receiving a key-establish acknowledgement message from each of the plurality of slave devices; and
  
  sending a message periodically to each of the plurality of slave devices, the message cryptographically authenticated and part of a protocol for detecting and sanctioning tampering in the electronic device.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The computer-readable medium of claim 14, wherein the method further comprises:
    - sending a ping message to each of plurality of slave devices;
      
      receiving a ping message response from a set of the plurality of slave devices; and
      
      sending a shutdown message to each of the plurality of slave devices when a number of ping response messages received from the set of the plurality of slave devices fails to reach a threshold level.
  - 16. The computer-readable medium of claim 14, wherein the method further comprises issuing a firmware update message including a firmware update to each of the plurality of slave devices.
  - 17. The computer-readable medium of claim 16, wherein the method further comprises receiving a firmware update acknowledgement message from each of the plurality of slave devices acknowledging successful installation of the firmware update.
  - 18. The computer-readable medium of claim 14, wherein sending a message periodically to each of the plurality of slave devices comprises sending periodically one of a ping message that generates a ping response message and a timer reset message that causes a target slave device to reset its watchdog timer.

19. A computer-readable medium having computer-executable instructions for executing a method on a slave device for securing an electronic device having at least one master device and a plurality of slave devices, the method comprising:
- receiving a key from the master device for use in authenticating communication with the master device;
  
  receiving a periodic message from the master device for use in determining health of the system;
  
  disabling a functional element of the electronic device after receiving an authenticated shutdown message from the master device.
- View Dependent Claims (20)
- - 20. The computer-readable medium of claim 19, wherein the method further comprises permanently enabling the functional element of the electronic device responsive to an authenticated perpetual message from the master device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Westerinen, William I., Carpenter, Todd L., Schmidt, Shon, Xu, Zhangwei, Sebesta, David Jaroslav

Application Number

US11/668,445
Publication Number

US 20080184341A1
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 63/0807 using tickets, e.g. Kerbero...

Master-Slave Protocol for Security Devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Master-Slave Protocol for Security Devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links