HARDWARE-BASED DEVICE AUTHENTICATION
Abstract
An opportunity for a computing device to participate in a secure session with a particular domain is identified. A secured microcontroller of the computing device is used to identify a secured, persistent seed corresponding to the particular domain and stored in secured memory of the computing device. A secure identifier is derived based on the seed and sent for use by the particular domain in authenticating the computing device to the particular domain for the secure session. The particular domain can further apply security policies to transactions involving the computing device and particular domain based at least in part on the secure identifier.
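The flow in the abstract, sketched as an added example that is not taken from the patent: a device keeps one persistent seed per domain, derives a one-time password from the seed for the domain it is connecting to, and the domain checks it before applying policy. The abstract does not name a derivation, so RFC 4226 HOTP is assumed here; `SecuredStore`, `DomainVerifier`, the domain names and the seeds are hypothetical or constructed.

```python
import hashlib
import hmac
import struct


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class SecuredStore:
    """Stand-in for the secured memory: one persistent seed per domain (hypothetical)."""

    def __init__(self, seeds):
        self._seeds = dict(seeds)              # domain -> seed, never returned to callers
        self._counters = {d: 0 for d in seeds}

    def one_time_password(self, domain: str) -> str:
        if domain not in self._seeds:
            raise KeyError(f"no seed provisioned for {domain}")
        otp = hotp(self._seeds[domain], self._counters[domain])
        self._counters[domain] += 1            # each OTP is derived from a fresh counter
        return otp


class DomainVerifier:
    """Domain side (hypothetical): shares the seed and accepts each counter value once."""

    def __init__(self, seed: bytes, window: int = 3):
        self._seed, self._next, self._window = seed, 0, window

    def verify(self, otp: str) -> bool:
        for c in range(self._next, self._next + self._window):
            if hmac.compare_digest(hotp(self._seed, c), otp):
                self._next = c + 1             # replays of this or older OTPs now fail
                return True
        return False


# Constructed sample seeds; the first is the RFC 4226 test secret.
SEEDS = {"bank.example": b"12345678901234567890", "corp.example": b"another-constructed-seed"}

if __name__ == "__main__":
    device, bank = SecuredStore(SEEDS), DomainVerifier(SEEDS["bank.example"])
    otp = device.one_time_password("bank.example")
    print(otp, bank.verify(otp), bank.verify(otp))   # second verify is a replay
```

Because each domain has its own seed, a value observed by one domain cannot be used to derive or link the device's identifier at another.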
49 Claims
1-29. (canceled)
30. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
access, in secured memory of a secured microcontroller of a computing device, a persistent seed corresponding to a particular domain, wherein the persistent seed is to be accessed in association with an attempt to establish a secure session between the computing device and the particular domain;
derive, using the secured microcontroller, a one-time password based on the seed; and
send, using the secured microcontroller, the one-time password to another device associated with the particular domain to authenticate the computing device to the particular domain, wherein the one-time password is sent independent of a processor and operating system of the computing device.
(Dependent claims: 31-46)
47. A method comprising:
accessing, in secured memory of a secured microcontroller of a computing device, a persistent seed corresponding to a particular domain, wherein the persistent seed is to be accessed in association with an attempt to establish a secure session between the computing device and the particular domain;
deriving, using the secured microcontroller, a one-time password based on the seed; and
sending, using the secured microcontroller, the one-time password to another device associated with the particular domain to authenticate the computing device to the particular domain, wherein the one-time password is sent independent of a processor and operating system of the computing device.
48. An apparatus comprising:
secured memory;
a secured microcontroller, wherein the secured microcontroller is configured to access a network interface of a computing device independent of a processor and operating system of the computing device;
code, executable by the secured microcontroller, to:
access, in secured memory of a secured microcontroller of a computing device, a persistent seed corresponding to a particular domain, wherein the persistent seed is to be accessed in association with an attempt to establish a secure session between the computing device and the particular domain;
derive, using the secured microcontroller, a one-time password based on the seed; and
send, using the secured microcontroller, the one-time password to another device associated with the particular domain to authenticate the computing device to the particular domain, wherein the one-time password is sent independent of a processor and operating system of the computing device.
(Dependent claims: 49)
Specification