ROLLBACK PROTECTION FOR LOGIN SECURITY POLICY
Abstract
In one embodiment, an encryption system may protect user login metadata from hammering attacks. A data storage 140 may store an integrity protected data set 602 for an operating system in a storage location. A processor 120 may register a counter reading from a remote counter 202 in a secure location 204 separate from the storage location. The processor 120 may determine a lockout state of the integrity protected data set 602 based on the counter reading.
20 Claims
1. A machine-implemented method, comprising:
- storing a user login metadata set for an operating system in a storage location;
- registering a counter reading from a remote counter in a secure location separate from the storage location; and
- determining a lockout state of the user login metadata set based on the counter reading.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A tangible machine-readable medium having a set of instructions detailing a method stored thereon that when executed by one or more processors cause the one or more processors to perform the method, the method comprising:
- storing a user login metadata set for an operating system;
- protecting the user login metadata set using a protected module; and
- determining a lockout state of the user login metadata set using the protected module.
Dependent claims: 13, 14, 15, 16, 17, 18
19. An encryption system, comprising:
- a protected module that executes a protected monotonic counter;
- a data storage that stores an integrity protected data set having a version number created from a monotonic counter reading from the protected monotonic counter; and
- a processor that determines a lockout state of the integrity protected data set based in part on a comparison of the version number to a lockout counter reading of the protected monotonic counter.
Dependent claims: 20
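The version-number comparison of claim 19, worked through as an added Python example (not code from the patent). The counter class, the HMAC-based integrity tag, the key, the failure threshold and the state names are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: integrity key held by the protected module
MAX_FAILURES = 3               # assumption: lockout threshold (not stated in the claims)


class ProtectedCounter:
    """Hypothetical stand-in for the protected monotonic counter of claim 19."""

    def __init__(self):
        self._value = 0

    def increment(self):
        self._value += 1  # can only move forward; there is no reset or decrement
        return self._value

    def read(self):
        return self._value


def _tag(body):
    return hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()


def seal(failures, counter):
    """Advance the counter and store its new reading in the record as the version number."""
    body = json.dumps({"failures": failures, "version": counter.increment()}, sort_keys=True)
    return {"body": body, "tag": _tag(body)}


def lockout_state(record, counter):
    """Decide the lockout state from the stored record and the current counter reading."""
    if not hmac.compare_digest(_tag(record["body"]), record["tag"]):
        return "locked:tampered"   # integrity protection failed
    data = json.loads(record["body"])
    if data["version"] != counter.read():
        return "locked:rollback"   # an older copy of the record was restored
    return "locked:threshold" if data["failures"] >= MAX_FAILURES else "ok"


if __name__ == "__main__":
    counter = ProtectedCounter()
    fresh = seal(0, counter)                 # version 1, no failed logins
    print(lockout_state(fresh, counter))     # record matches the counter
    latest = seal(3, counter)                # version 2, three failed logins
    print(lockout_state(latest, counter))    # threshold reached
    print(lockout_state(fresh, counter))     # stale version-1 record put back
```

Because the counter lives outside the storage location, putting back an earlier copy of the record cannot reset the failure count: its version number no longer matches the counter reading.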
Specification