Ensuring the integrity of remote boot client data
Abstract
A remote boot process uses a secret to sign and/or seal the data necessary to remotely boot a client from a server on a network to ensure the integrity of the data. The secret is generated by the server and securely delivered to the client during the initial setup of the client. The secret contains a one-way encryption of the password for the client account on the server. Each side balances a signed message with a verify and a sealed message with an unseal. Subsequent transactions between the client and server are conducted using messages encrypted with a key generated by the server and securely delivered to the client in a message sealed using the secret. The secret can also be used in conjunction with an access data structure to prevent unauthorized users from accessing data stored on the server on behalf of the client or other users. In other aspects of the invention, the secret is replaced by a client private/public key pair.
27 Claims
1. A computerized method for ensuring the integrity of remote boot client data comprising:
obtaining, by a process executing on a client, credentials and presenting the credentials to a server;
authenticating, by a process executing on the server, the credentials, and generating a secret, sealing the secret with the credentials, and sending the sealed secret to the client;
receiving, by the client process, the sealed secret, and unsealing the secret, signing a file transfer request using the secret, and sending the signed file transfer request to the server;
receiving, by the server process, the signed file transfer request, and verifying the file transfer request using the secret, sealing the requested files using the secret, and sending the sealed files to the client;
receiving, by the client process, the sealed files;
unsealing the files using the secret; and
using the files to boot the client.
2. The computerized method of claim 1, further comprising:
sending, by the server process, a sealed key to the client;
receiving, by the client process, the sealed key from the server, unsealing the key, sealing a request to the server with the key, and sending the sealed request to the server;
receiving, by the server process, the request sealed with the key, unsealing the request with the key, creating a response to fulfill the request, sealing the response with the key, and sending the sealed response to the client; and
receiving, by the client process, the sealed response and unsealing the response with the key for further processing.
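The claim-1 bootstrap (present credentials, receive the secret sealed with them, sign the file request with the secret, receive and unseal the sealed boot files), as an added Python simulation that is not the patent's or any implementation's code. `seal`/`unseal` use an HMAC-SHA256 keystream with an encrypt-then-MAC tag as a stand-in for a real authenticated cipher, `sign`/`verify` are HMAC-SHA256, and deriving the sealing key from a hash of the account password (the abstract's one-way encryption) is an assumption, as are the `Server` and `client_boot` names.

```python
import hashlib, hmac, os

def _keystream(key, nonce, n):
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32)]
    return b"".join(blocks)[:n]

def seal(key, data):            # encrypt-then-MAC stand-in for a real AEAD
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("seal check failed")   # tampered blob or wrong key
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

def sign(key, msg):
    return msg + hmac.new(key, msg, hashlib.sha256).digest()

def verify(key, signed):
    msg, tag = signed[:-32], signed[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, msg, hashlib.sha256).digest()):
        raise ValueError("signature check failed")
    return msg

def credential_key(password):   # assumed: one-way hash of the account password
    return hashlib.sha256(password.encode()).digest()

class Server:
    def __init__(self, accounts, files):
        self.accounts, self.files, self.secrets = accounts, files, {}

    def setup(self, account, password):
        # authenticate, generate a per-client secret, seal it with the credentials
        if self.accounts.get(account) != credential_key(password):
            raise PermissionError("bad credentials")
        self.secrets[account] = os.urandom(32)
        return seal(credential_key(password), self.secrets[account])

    def fetch(self, account, signed_req):
        # verify the signed request with the shared secret, then seal the file
        name = verify(self.secrets[account], signed_req).decode()
        return seal(self.secrets[account], self.files[name])

def client_boot(server, account, password):
    secret = unseal(credential_key(password), server.setup(account, password))
    sealed = server.fetch(account, sign(secret, b"boot.img"))
    return unseal(secret, sealed)   # plaintext boot file the client would run
```

A request whose signature does not verify, or a sealed blob whose tag does not match, is rejected before any file is served or used, which is the integrity property the claim is after.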
3. The computerized method of claim 1, further comprising:
securing, by the server process, a client file stored on the server with an access control list data structure and sending the access control list data structure to the client; and
validating, by the client process, access requests for the file against the access control list data structure received from the server.
4. The computerized method of claim 1, further comprising:
saving, by the client process, an original signed request and resending the saved signed request when an expected response to the original signed request is not received; and
saving, by the server process, an original sealed response sent in response to a first request and resending the saved sealed response when a second request duplicating the first request is received.
5. A computer-readable medium having computer-executable instructions stored thereon to cause a client computer to perform a method comprising:
presenting credentials to a server computer;
receiving a sealed secret in response;
unsealing the secret using the credentials;
signing a file request;
sending the signed file request to the server computer;
receiving sealed boot files in response;
unsealing the boot files using the secret; and
completing a boot process using the unsealed boot files.
6. The computer-readable medium of claim 5, further comprising:
receiving a sealed key from the server;
unsealing the key;
sealing a request to the server with the key;
sending the sealed request to the server;
receiving a sealed response to the request; and
unsealing the response with the key for further processing.
7. The computer-readable medium of claim 5, further comprising:
validating access requests for a file stored on the server against an access data structure received from the server, wherein the access data structure is associated with the file to secure the file.
8. The computer-readable medium of claim 5, further comprising:
saving an original signed request and resending the saved signed request when a response to the original sealed request is not received.
9. A computer-readable medium having computer-executable instructions stored thereon to cause a server computer to perform a method comprising:
authenticating credentials presented by a client computer;
generating a secret in response;
sealing the secret with the credentials;
sending the sealed secret to the client computer;
receiving a signed file request from the client computer;
verifying the file request using the secret;
sealing, using the secret, the files requested in the unsealed file request; and
sending the sealed files to the client computer.
10. The computer-readable medium of claim 9, further comprising:
sending a sealed key to the client; and
receiving a request sealed with the key, unsealing the request with the key, creating a response to fulfill the request, sealing the response with the key, and sending the sealed response to the client.
11. The computer-readable medium of claim 9, further comprising:
securing a client file stored on the server with an access data structure and sending the access data structure to the client.
12. The computer-readable medium of claim 9, further comprising:
saving an original sealed response sent in response to a first request and resending the saved sealed response when a second request duplicating the first request is received.
13. A computerized system comprising:
a plurality of loader modules downloaded from a server to a client;
a secured file transfer service executing on the server and coupled to one of the plurality of loader modules, wherein the file transfer service is secured with a secret generated by the server and shared with the client; and
a secure conversation coupling the client and the server, wherein the secure conversation comprises corresponding secured network protocol modules executing on the client and the server based on a key securely shared between the client and server using the secret.
14. The computerized system of claim 13, wherein the plurality of loaders comprises:
an initialization loader for obtaining and presenting credentials to the server to authenticate the client and for receiving the secret from the server;
a setup loader initially coupled to the secured file transport service for obtaining boot files sealed using the secret from the server, for unsealing the boot files and booting the computer, wherein the unsealed boot files are stored on the client; and
an OS loader for booting the computer using the unsealed boot files stored on the client.
15. The computerized system of claim 13, wherein the plurality of loaders comprises:
an initialization loader for obtaining and presenting credentials to the server to authenticate the client and for receiving the secret from the server;
a setup loader initially coupled to the secured file transport service for obtaining boot files sealed using the secret from the server, for unsealing the boot files and booting the computer; and
an OS loader subsequently coupled to the secured file transport service for obtaining the boot files sealed using the secret from the server, for unsealing the boot files and booting the computer.
16. A computer-readable medium having stored thereon a storage management data structure comprising:
a first field containing data representing an association between a file stored on a server and an access control list data structure used to control access to the file, wherein the access control list data structure comprises a first access control entry; and
a second field containing data representing the first access control entry, wherein the first access control entry is a privacy access control entry giving a client account full access to the file.
20. A computerized method for ensuring the integrity of remote boot client data comprising:
obtaining, by a process executing on a client, credentials and presenting the credentials to a server;
authenticating, by a process executing on the server, the credentials, and generating a key pair, sealing the key pair with the credentials, and sending the sealed key pair to the client, wherein the key pair comprises a client public key and a client private key;
receiving, by the client process, the sealed key pair, and unsealing the key pair, signing a file transfer request with the client private key, and sending the signed file transfer request to the server;
receiving, by the server process, the signed file transfer request, and verifying the file transfer request using the client public key, sealing the requested files with the client public key, and sending the sealed files to the client; and
receiving, by the client process, the sealed files, unsealing the files using the client private key, and using the files to boot the client.
21. The computerized method of claim 20, further comprising:
sending, by the server process, a sealed key to the client;
receiving, by the client process, the sealed key from the server, unsealing the key, sealing a request to the server with the key, and sending the sealed request to the server;
receiving, by the server process, the request sealed with the key, unsealing the request with the key, creating a response to fulfill the request, sealing the response with the key, and sending the sealed response to the client; and
receiving, by the client process, the sealed response and unsealing the response with the key for further processing.
22. The computerized method of claim 20, further comprising:
securing, by the server process, a client file stored on the server with an access control list data structure and sending the access control list data structure to the client in response to a request authenticated with the client private key; and
validating, by the client process, access requests for the file against the access control list data structure received from the server.
23. The computerized method of claim 20, further comprising:
saving, by the client process, an original signed request and resending the saved signed request when an expected response to the original signed request is not received; and
saving, by the server process, an original sealed response sent in response to a first request and resending the saved sealed response when a second request duplicating the first request is received.
24. A method implemented by a client computer, the method comprising:
presenting credentials to a server computer;
receiving a sealed secret in response;
unsealing the secret using the credentials;
signing a file request;
sending the signed file request to the server computer;
receiving sealed boot files in response;
unsealing the boot files using the secret; and
completing a boot process using the unsealed boot files.
25. The method of claim 24, further comprising:
receiving a sealed key from the server;
unsealing the key;
sealing a request to the server with the key;
sending the sealed request to the server;
receiving a sealed response to the request; and
unsealing the response with the key for further processing.
26. The method of claim 24, further comprising:
validating access requests for a file stored on the server against an access data structure received from the server, wherein the access data structure is associated with the file to secure the file.
27. The method of claim 24, further comprising:
saving an original signed request and resending the saved signed request when a response to the original sealed request is not received.
Specification