Method and system for enforcing access to a computing resource using a licensing attribute certificate
Abstract
A licensing attribute certificate enables a trusted computing base to enforce access to a computing resource by a computer application. The licensing attribute certificate can contain enforcement data which limits the use of the computing resource. The licensing attribute certificate can also contain information allowing for the tracking of licensing data about the use of the computing resource. The use of a licensing attribute certificate to enforce access to a computing resource can allow products to be fielded which have their capability limited to a specific subset of functions. The enforcement data, the licensing data, and the data limiting the application to a specific subset of functions are cryptographically bound to the computing resource using a licensing attribute certificate according to the invention. Prior to allowing access to the computing resource by the computer application, a trusted computing base strongly authenticates that usage via the licensing attribute certificate.
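The flow the abstract describes, sketched as an added example (not code from the patent): a licensor signs a certificate carrying enforcement data, and the trusted computing base verifies it before granting access. The Ed25519 signature scheme, the JSON encoding, and all type, field and function names are assumptions; binding to the resource is modelled by placing a resource identifier inside the signed body.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// LAC is a hypothetical licensing attribute certificate body (illustrative field names).
type LAC struct {
	Resource  string          `json:"resource"`   // computing resource the certificate is bound to
	AppDigest [32]byte        `json:"app_digest"` // SHA-256 of the associated application image
	Allowed   map[string]bool `json:"allowed"`    // enforcement data: licensed subset of functions
	NotAfter  time.Time       `json:"not_after"`  // enforcement data: end of the licence period
}

// Issue serialises the certificate and signs it with the licensor's private key.
func Issue(priv ed25519.PrivateKey, c LAC) (body, sig []byte) {
	body, _ = json.Marshal(c) // LAC holds only marshalable fields, so this cannot fail
	return body, ed25519.Sign(priv, body)
}

// Authorize is the check run inside the trusted computing base; it fails closed.
func Authorize(pub ed25519.PublicKey, body, sig []byte, resource string, app []byte, fn string, now time.Time) error {
	var c LAC // the body is parsed only after its signature has verified
	if !ed25519.Verify(pub, body, sig) || json.Unmarshal(body, &c) != nil {
		return errors.New("signature invalid or certificate malformed")
	}
	switch {
	case c.Resource != resource:
		return errors.New("certificate is bound to a different resource")
	case c.AppDigest != sha256.Sum256(app):
		return errors.New("application does not match the certificate")
	case now.After(c.NotAfter):
		return errors.New("licence period has ended")
	case !c.Allowed[fn]:
		return fmt.Errorf("function %q is not licensed", fn)
	}
	return nil
}

func main() { // constructed demo values
	pub, priv, _ := ed25519.GenerateKey(nil)
	app := []byte("constructed application image")
	body, sig := Issue(priv, LAC{"hsm-0", sha256.Sum256(app), map[string]bool{"sign": true}, time.Now().Add(time.Hour)})
	fmt.Println(Authorize(pub, body, sig, "hsm-0", app, "encrypt", time.Now()))
}
```

Because the enforcement data sits inside the signed body, editing the allowed-function set or the expiry after issuance invalidates the signature, so the check does not depend on the application being honest about its own licence.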
57 Citations
48 Claims
1. A method of enforcing access by a computer application to a computing resource controlled by a trusted computing base, comprising the steps of:
- generating enforcement data regarding allowable usage of said computing resource;
- embedding said enforcement data in a licensing attribute certificate;
- cryptographically binding said licensing attribute certificate to said computing resource using a private key;
- associating said licensing attribute certificate with said computer application; and
- authenticating in said trusted computing base the use of said computing resource by said computer application using a public key corresponding to said private key, wherein access to the computing resource is restricted to computer applications authenticated by said trusted computing base.
Dependent claims: 2-28.

29. A system for enforcing access by a computer application to a computing resource controlled by a trusted computing base, comprising:
- means for generating enforcement data regarding allowable usage of said computing resource;
- means for embedding said enforcement data in a licensing attribute certificate;
- means for cryptographically binding said licensing attribute certificate to said computing resource using a private key;
- means for associating said licensing attribute certificate with said computer application; and
- the trusted computing base being operable to authenticate the use of said computing resource by said computer application using a public key corresponding to said private key, wherein the computing resource is arranged to be accessible only to computer applications authenticated by said trusted computing base.
Dependent claims: 30-34.

35. A method of forming a licensing attribute certificate for enforcing access by a computer application to a computing resource, access to the computing resource being restricted to computer applications authenticated by a trusted computing base, the method comprising the steps of:
- generating enforcement data regarding allowable usage of said computing resource;
- embedding said enforcement data in said licensing attribute certificate;
- cryptographically binding said licensing attribute certificate to said computing resource using a private key; and
- associating said licensing attribute certificate with said computer application, wherein the licensing attribute certificate is authenticatable by the trusted computing base, using a public key corresponding to said private key, to enable access by the computer application to the computing resource.
Dependent claims: 36-41.

42. A system for forming a licensing attribute certificate for enforcing access by a computer application to a computing resource, access to the computing resource being restricted to computer applications authenticated by a trusted computing base, comprising:
- means for generating enforcement data regarding allowable usage of said computing resource;
- means for embedding said enforcement data in said licensing attribute certificate;
- means for cryptographically binding said licensing attribute certificate to said computing resource using a private key; and
- means for associating said licensing attribute certificate with said computer application, wherein the licensing attribute certificate is authenticatable by the trusted computing base, using a public key corresponding to said private key, to enable access by the computer application to the computing resource.
Dependent claims: 43-48.