CRYPTOGRAPHIC EVIDENCE OF PERSISTED CAPABILITIES

US 20180063158A1
Filed: 08/31/2016
Published: 03/01/2018
Est. Priority Date: 08/31/2016
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a processing resource; and

a non-transitory machine readable medium storing instructions that, when executed, cause the processing resource to;

in response to a request to access a persisted capability stored in a globally shared memory, decide whether to trust the persisted capability by verification of cryptographic evidence accompanying the persisted capability, andload the persisted capability upon a decision to trust the persisted capability based on successful verification.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example implementations relate to cryptographic evidence of persisted capabilities. In an example implementation, in response to a request to access a persisted capability stored in a globally shared memory, a system may decide whether to trust the persisted capability by verification of cryptographic evidence accompanying the persisted capability. The system may load the persisted capability upon a decision to trust the persisted capability based on successful verification.

Citations

20 Claims

1. A system comprising:
- a processing resource; and
  
  a non-transitory machine readable medium storing instructions that, when executed, cause the processing resource to;
  
  in response to a request to access a persisted capability stored in a globally shared memory, decide whether to trust the persisted capability by verification of cryptographic evidence accompanying the persisted capability, andload the persisted capability upon a decision to trust the persisted capability based on successful verification.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the persisted capability stored in the globally shared memory is a second persisted capability, andthe non-transitory machine readable medium stores instructions that, when executed, cause the processing resource to:
    - store a local capability into the globally shared memory as a first persisted capability, andextend a trust domain of the local capability to the first persisted capability via cryptographic evidence of authenticity and integrity of the first persisted capability.
  - 3. The system of claim 2, wherein to extend the trust domain, the processing resource is caused by the instructions to:
    - cryptographically sign the local capability using a private key of an asymmetric key pair to generate a digital signature, andstore the digital signature into the globally shared memory, the digital signature to serve as the cryptographic evidence of authenticity and integrity of the first persisted capability.
  - 4. The system of claim 2, wherein to extend the trust domain, the processing resource is caused by the instructions to:
    - generate a keyed-hash message authentication code based on the local capability, andstore the HMAC into the globally shared memory, the HMAC to serve as the cryptographic evidence of authenticity and integrity of the first persisted capability.
  - 5. The system of claim 1, wherein the non-transitory machine readable medium stores instructions that, when executed, cause the processing resource to:
    - establish trusted communication with a fabric that includes the globally shared memory, andupon establishment of the trusted communication;
      
      provide a public key of an asymmetric key pair to a key management system, andretrieve another public key from the key management system,the another public key provided to the key management system by a node in communication with the globally shared memory, and the another public key for verification of cryptographic evidence accompanying a persisted capability stored to the globally shared memory by the node.
  - 6. The system of claim 1, wherein the non-transitory machine readable medium stores instructions that, when executed, cause the processing resource to:
    - establish trusted communication with a fabric that includes the globally shared memory, andupon establishment of the trusted communication;
      
      provide to a key management system a key for calculation of keyed-hash message authentication codes (HMACs),retrieve another key from the key management system, the another key provided to the key management system by a node in communication with the globally shared memory, and the another key for generating an HMAC of a persisted capability stored by the node to the globally shared memory, the generated HMAC for comparison-based verification of cryptographic evidence accompanying the persisted capability of the node by the node.
  - 7. The system of claim 1, wherein the cryptographic evidence accompanying the first persisted capability includes a digital signature or keyed-hash message authentication code based on metadata, the metadata including state information of a node that created the persisted capability.
  - 8. The system of claim 2, wherein the non-transitory machine readable medium stores instructions that, when executed, cause the processing resource to revoke access to the first persisted capability by replacement of a key that verifies the first persisted capability with a different key or no key.
  - 9. The system of claim 2, wherein the second persisted capability is the first persisted capability, andthe request to access the second persisted capability is issued by a process executing on the processing resource after a reboot of the processing resource.

10. A method for establishing trust in persisted capabilities by a system including physical processing resource implementing machine readable instructions, the method comprising:
- generating first cryptographic evidence of authenticity and integrity of a first persisted capability;
  
  storing the first cryptographic evidence and the first persisted capability into globally shared memory connected to the system via a fabric;
  
  when a process executing on the system attempts to access a second persisted capability in the globally shared memory, verifying a second cryptographic evidence accompanying the second persisted capability; and
  
  loading the second persisted capability upon successful verification of the second cryptographic evidence.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising:
    - establishing trusted communication with the fabric;
      
      accessing a key management system on the basis of establishment of trusted communication with the fabric; and
      
      retrieving from the key management system a cryptographic key for verifying the second cryptographic evidence.
  - 12. The method of claim 11, further comprising storing at the key management system another cryptographic key for verification of the first cryptographic evidence.
  - 13. The method of claim 10, wherein the retrieved cryptographic key is for verifying the second cryptographic evidence by generating a keyed-hash message authentication code (HMAC) based on the second persisted capability and the cryptographic key together, and causing a successful verification if the HMAC matches the second cryptographic evidence.
  - 14. The method of claim 10, wherein the second cryptographic evidence includes a digital signature generated using a private key on metadata that identifies a state of the system, andthe retrieved cryptographic key for verifying the second cryptographic evidence is a public key that pairs with the private key.
  - 15. The method of claim 10, further comprising:
    - storing in a key management server a cryptographic key for verifying the first cryptographic evidence; and
      
      revoking access to the first persisted capability by altering the cryptographic key stored in the key management server.
  - 16. The method of claim 10, wherein the second cryptographic evidence is associated with a timestamp indicating when the second persistent capability was created, and the verifying the second cryptographic evidence includes confirming whether the timestamp is within a predetermined time window.
  - 17. The method of claim 10, wherein the second persisted capability is the first persisted capability, andthe verifying a second cryptographic evidence is enforced after a reboot of the system.

18. A non-transitory machine readable medium storing instructions executable by a processing resource of a system, the non-transitory machine readable medium comprising:
- instructions to generate first cryptographic evidence of authenticity and integrity of a first persisted capability;
  
  instructions to store the first cryptographic evidence and the first persisted capability into globally shared memory connected to the system via a fabric;
  
  instructions to send to a key management server a cryptographic key to be used to verify the first cryptographic evidence;
  
  instructions to revoke access to the first persisted capability by alteration of the cryptographic key at the key management server;
  
  instructions, triggered when a process executing on the system attempts to access a second persisted capability in the globally shared memory, to verify second cryptographic evidence accompanying the second persisted capability; and
  
  instructions to load the second persisted capability upon successful verification of the second cryptographic evidence.
- View Dependent Claims (19, 20)
- - 19. The non-transitory machine readable medium of claim 18, further comprising:
    - instructions to establish trusted communication with the fabric;
      
      instructions to access the key management system on the basis of establishment of trusted communication with the fabric; and
      
      instructions to retrieve from the key management system, another cryptographic key for verification of the second cryptographic evidence.
  - 20. The non-transitory machine readable medium of claim 18, wherein the instructions to generate first cryptographic evidence includes:
    - instructions to generate a keyed-hash message authentication code (HMAC) based on the first persisted capability and the cryptographic key, the HMAC to serve as the first cryptographic evidence of authenticity and integrity of a first persisted capability, orinstructions to cryptographically sign the first persisted capability using a private key of an asymmetric key pair to generate a digital signature, the digital signature to serve as the first cryptographic evidence of authenticity and integrity of a first persisted capability, and the cryptographic key includes a public key of the asymmetric key pair.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Inventors
Dalton, Chris I., Milojicic, Dejan S.

Granted Patent

US 10,461,926 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/575   Secure boot

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3242   involving keyed hash functi...

CRYPTOGRAPHIC EVIDENCE OF PERSISTED CAPABILITIES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CRYPTOGRAPHIC EVIDENCE OF PERSISTED CAPABILITIES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links