ROOT OF TRUST OF GEOLOCATION
First Claim
1. An apparatus comprising:
- a network interface unit configured to enable network communications;
a trust anchor module including a cryptographic processor and a secure memory; and
a main processor coupled to the network interface unit and the trust anchor module and configured to;
receive, via the network interface unit, a digital geolocation certificate, the digital geolocation certificate including information identifying the apparatus, information regarding a physical location of the apparatus, information identifying an authorized entity that has verified the physical location of the apparatus, and a digital signature of the authorized entity; and
cause the trust anchor module to store the digital geolocation certificate in the secure memory such that the digital geolocation certificate is cryptographically bound to the apparatus.
1 Assignment
0 Petitions
Accused Products
Abstract
A root-of-trust of geolocation is provided for an apparatus that includes a trust anchor module with a cryptographic processor and a secure memory. The apparatus further includes a main processor coupled to the trust anchor module and configured to receive a digital geolocation certificate, the geolocation certificate including information identifying the apparatus, information regarding a physical location of the apparatus, information identifying an authorized entity that has verified the physical location of the apparatus, and a digital signature of the authorized entity. The main processor is further configured to cause the trust anchor module to store the digital geolocation certificate in the secure memory such that the digital geolocation certificate is cryptographically bound to the apparatus. The trust anchor module may also include, or otherwise communicate over a secure channel with, a movement sensor associated with the apparatus.
24 Citations
21 Claims
-
1. An apparatus comprising:
-
a network interface unit configured to enable network communications; a trust anchor module including a cryptographic processor and a secure memory; and a main processor coupled to the network interface unit and the trust anchor module and configured to; receive, via the network interface unit, a digital geolocation certificate, the digital geolocation certificate including information identifying the apparatus, information regarding a physical location of the apparatus, information identifying an authorized entity that has verified the physical location of the apparatus, and a digital signature of the authorized entity; and cause the trust anchor module to store the digital geolocation certificate in the secure memory such that the digital geolocation certificate is cryptographically bound to the apparatus. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of establishing a root of trust of geolocation for an apparatus including a trust anchor module having a cryptographic processor and a secure memory, the method comprising:
-
receiving, at the apparatus, a digital geolocation certificate, the digital geolocation certificate including information identifying the apparatus, information regarding a physical location of the apparatus, information identifying an authorized entity that has verified the physical location of the apparatus, and a digital signature of the authorized entity; and storing the digital geolocation certificate in the secure memory of the apparatus such that the digital geolocation certificate is cryptographically bound to the apparatus. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A non-transitory computer-readable storage media encoded with software comprising computer executable instructions and when the software is executed operable to:
-
receive, at an apparatus including a trust anchor module having a cryptographic processor and a secure memory, a digital geolocation certificate, the digital geolocation certificate including information identifying the apparatus, information regarding a physical location of the apparatus, information identifying an authorized entity that has verified the physical location of the apparatus, and a digital signature of the authorized entity; and store the digital geolocation certificate in the secure memory of the apparatus such that the digital geolocation certificate is cryptographically bound to the apparatus. - View Dependent Claims (18, 19, 20, 21)
-
Specification