Attesting to a value of a register and/or memory region

US 7,356,682 B2
Filed: 05/07/2003
Issued: 04/08/2008
Est. Priority Date: 10/26/1998
Status: Expired due to Fees

First Claim

Patent Images

1. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by a processor, causes the processor to:

receive a request at the processor to make a signed attestation of a current value of a register; and

return a signed statement from the processor of the current value of the register including a boot log, wherein the statement is signed using a private key of a pair of public and private keys of the processor, and wherein the signed statement includes a public key of the pair of public and private keys of the processor, and wherein the private key resides on at least one of the computer readable memories.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with one aspect of attesting to a value of a register and/or memory region, an operating system of a device receives a request, in response to an ATTEST operation being invoked, to make a signed attestation of a value. The operating system signs a statement that includes the value using a private key of a pair of public and private keys of a processor of the device. The value may be stored in a register and/or a region of memory.

Citations

16 Claims

1. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by a processor, causes the processor to:
- receive a request at the processor to make a signed attestation of a current value of a register; and
  
  return a signed statement from the processor of the current value of the register including a boot log, wherein the statement is signed using a private key of a pair of public and private keys of the processor, and wherein the signed statement includes a public key of the pair of public and private keys of the processor, and wherein the private key resides on at least one of the computer readable memories.
- View Dependent Claims (2, 3, 4)
- - 2. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 3. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a name of the register.
  - 4. One or more computer readable memories as recited in claim 1, wherein the signed statement further includes a current value of a region of memory identified in the request.

5. A method implemented in a device having a processor, the method comprising:
- receiving a request at the processor to make a signed attestation of a current value of a register; and
  
  returning a signed statement from the processor of the current value of the register including a boot log, wherein the statement is signed using a private key of a pair of public and private keys of the processor, and wherein the signed statement includes a public key of the pair of public and private keys of the processor, and wherein the private key resides on a computer readable memory of the device.
- View Dependent Claims (6, 7, 8)
- - 6. A method as recited in claim 5, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 7. A method as recited in claim 5, wherein the signed statement further includes a name of the register.
  - 8. A method as recited in claim 5, wherein the signed statement further includes a current value of a region of memory identified in the request.

9. A device comprising:
- a processor; and
  
  one or more computer readable memories having stored thereon a plurality of instructions that, when executed by the processor, causes the processor to;
  
  receive a request at the processor to make a signed attestation of a current value of a register; and
  
  return a signed statement from the processor of the current value of the register including a boot log, wherein the statement is signed using a private key of a pair of public and private keys of the processor, and wherein the signed statement includes a public key of the pair of public and private keys of the processor, and wherein the private key resides on at least one of the computer readable memories.
- View Dependent Claims (10, 11, 12)
- - 10. A device as recited in claim 9, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 11. A device as recited in claim 9, wherein the signed statement further includes a name of the register.
  - 12. A device as recited in claim 9, wherein the signed statement further includes a current value of a region of memory identified in the request.

13. A device comprising:
- means for receiving a request at a processor to make a signed attestation of a current value of a register; and
  
  means for returning a signed statement from the processor of the current value of the register including a boot log, wherein the statement is signed using a private key of a pair of public and private keys of the processor, and wherein the signed statement includes a public key of the pair of public and private keys of the processor, and wherein the private key resides on a computer readable memory of the device.
- View Dependent Claims (14, 15, 16)
- - 14. A device as recited in claim 13, wherein the signed statement further includes a value “
    - ATTEST”
      
      .
  - 15. A device as recited in claim 13, wherein the signed statement further includes a name of the register.
  - 16. A device as recited in claim 13, wherein the signed statement further includes a current value of a region of memory identified in the request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Lampson, Butler W., DeTreville, John D.
Primary Examiner(s)
Vu; Kim
Assistant Examiner(s)
KLIMACH, PAULA W

Application Number

US10/431,309
Publication Number

US 20030196111A1
Time in Patent Office

1,798 Days
Field of Search

713/202, 713 1- 2, 711/164, 711/202, 711/103, 726 34- 35, 726 27- 28
US Class Current

713/2
CPC Class Codes

G06F 21/1011   to devices

G06F 21/445   by mutual authentication, e...

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 2221/2103   Challenge-response

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2129   Authenticate client device ...

G06F 9/4406   Loading of operating system

G06F 9/468   Specific access rights for ...

Attesting to a value of a register and/or memory region

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Attesting to a value of a register and/or memory region

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links