System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party

US 7,415,620 B2
Filed: 12/22/2006
Issued: 08/19/2008
Est. Priority Date: 10/26/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A method implemented in a subscriber unit for establishing a chain of trust between the subscriber unit and a content provider, the subscriber unit having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys, a manufacturer certificate supplied by a manufacturer of the CPU, and a software identity register that holds an identity of the operating system, the method comprising:

submitting a request to the content provider, the request specifying a particular content;

receiving, from the content provider, a challenge nonce generated at the content provider;

forming an OS certificate containing the identity from the software identity register, information describing the operating system, the challenge nonce, and the CPU public key and signing the OS certificate using the CPU private key, wherein the forming comprises forming the OS certificate with one or more items from a boot log containing identities of software components that are executing on the CPU;

passing the OS certificate and the CPU manufacturer certificate to the content provider for the content provider to evaluate the OS certificate and the CPU manufacturer to determine whether to reject or fulfill the request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with certain aspects, a chain of trust is established between a subscriber unit and a content provider. A request is submitted from the subscriber unit to the content provider. A challenge nonce is generated at the content provider and returned to the subscriber unit. At the subscriber unit, an operating system (OS) certificate containing an identity of the operating system from the software identity register, information describing the operating system, the challenge nonce, and a CPU public key is formed, and the OS certificate is signed using a CPU private key. The OS certificate and a CPU manufacturer certificate supplied by a manufacturer of the CPU are passed from the subscriber unit to the content provider, and are evaluated at the content provider to determine whether to reject or fulfill the request.

131 Citations

22 Claims

1. A method implemented in a subscriber unit for establishing a chain of trust between the subscriber unit and a content provider, the subscriber unit having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys, a manufacturer certificate supplied by a manufacturer of the CPU, and a software identity register that holds an identity of the operating system, the method comprising:
- submitting a request to the content provider, the request specifying a particular content;
  
  receiving, from the content provider, a challenge nonce generated at the content provider;
  
  forming an OS certificate containing the identity from the software identity register, information describing the operating system, the challenge nonce, and the CPU public key and signing the OS certificate using the CPU private key, wherein the forming comprises forming the OS certificate with one or more items from a boot log containing identities of software components that are executing on the CPU;
  
  passing the OS certificate and the CPU manufacturer certificate to the content provider for the content provider to evaluate the OS certificate and the CPU manufacturer to determine whether to reject or fulfill the request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as recited in claim 1, wherein the content provider evaluates the OS certificate by determining whether to trust the identity in the OS certificate.
  - 3. The method as recited in claim 1, wherein the content provider evaluates the OS certificate by determining whether the challenge nonce returned in the OS certificate is the challenge nonce generated by the content provider.
  - 4. The method as recited in claim 1, wherein the content provider evaluates the OS certificate by verifying the signature on the OS certificate using the CPU public key contained in the OS certificate.
  - 5. The method as recited in claim 1, wherein the content provider evaluates the OS certificate by determining whether the OS certificate and the manufacturer certificate contain an identical CPU public key.
  - 6. The method as recited in claim 1, wherein the content provider evaluates the OS certificate by verifying a manufacturer signature on the manufacturer certificate.
  - 7. The method as recited in claim 1, wherein the content provider evaluates the OS certificate by determining whether to trust the manufacturer of the CPU.
  - 8. The method as recited in claim 1, further comprising downloading the content specified in the request in an event that the content provider elects to fulfill the request.
  - 9. The method as recited in claim 8, the content provider having encrypted the content using a storage key derived in part from the identity of the operating system.

10. A method implemented in a content provider for establishing a chain of trust between the content provider and a subscriber unit, in which the subscriber unit has a central processing unit (CPU) and an operating system (OS) and the CPU further includes a pair of private and public keys, a manufacturer certificate supplied by a manufacturer of the CPU, and a software identity register that holds an identity of the operating system, the method comprising:
- receiving a request from the subscriber unit, the request specifying a particular content;
  
  generating a challenge nonce;
  
  returning the challenge nonce to the subscriber unit;
  
  receiving, from the subscriber unit, the CPU manufacturer certificate and an OS certificate containing the identity from the software identity register, information describing the operating system, the challenge nonce, and the CPU public key, the OS certificate having been signed using the CPU private key, wherein the identity from the software identity register comprises one or more items from a boot log containing identities of software components executing on the CPU; and
  
  evaluating the OS certificate and the CPU manufacturer certificate at the content provider to determine whether to reject or fulfill the request.

11. A method implemented by a third party for associating a level of trust with a user computer, the user computer having a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys, a manufacturer certificate supplied by a manufacturer of the CPU, and a software identity register that holds an identity of an operating system executing on the CPU, the method comprising:
- establishing a secure connection between the user computer and the third party;
  
  generating a challenge nonce;
  
  transmitting the challenge nonce to the user computer over the secure connection;
  
  receiving, from the user computer, an OS certificate and the challenge nonce, wherein the OS certificate comprises one or more items from a boot log containing identities of software components executing on the CPU, and wherein the OS certificate and the challenge nonce are signed by the user computer using the CPU private key;
  
  associating the level of trust for the user computer using the signed OS certificate.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 12. The method as recited in claim 11, wherein the identities of the software components executing on the CPU are held in the software identity register.
  - 13. The method as recited in claim 11, wherein the level of trust is based on the operating system identified by the software identity register.
  - 14. The method as recited in claim 11, wherein the OS certificate comprises a boot log.
  - 15. The method as recited in claim 11, wherein the OS certificate comprises a value of a register containing a value associated with a boot log.
  - 16. The method as recited in claim 11, wherein the level of trust is based on the identities of the software components executing on the CPU.
  - 17. The method as recited in claim 11, wherein the software components include device drivers executing on the CPU.
  - 18. The method as recited in claim 17, wherein the level of trust is based on the identities of the device drivers executing on the CPU.
  - 19. The method as recited in claim 11, further comprising:
    - receiving, from the user computer, a request for access to specific content;
      
      evaluating whether to permit access based on the level of trust associated with the user computer.
  - 20. The method as recited in claim 19, wherein the access comprises:
    - transmitting the specific content to the user computer through the secure connection.
  - 21. The method as recited in claim 19, wherein the access comprises:
    - transmitting a storage key for the specific content to the user computer through the secure connection, wherein the specific content was previously stored on the user computer.
  - 22. The method as recited in claim 21, wherein the specific content was obtained outside the secure connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Lampson, Butler W., DeTreville, John D.
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
Dada; Beemnet W

Application Number

US11/615,361
Publication Number

US 20070118769A1
Time in Patent Office

606 Days
Field of Search

713164-168, 713/173, 713/189, 713/193, 726/2, 726/10, 726/18, 726/26, 726/27
US Class Current

713/193
CPC Class Codes

G06F 21/1011   to devices

G06F 21/445   by mutual authentication, e...

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 2221/2103   Challenge-response

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2129   Authenticate client device ...

G06F 9/4406   Loading of operating system

G06F 9/468   Specific access rights for ...

System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

131 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

131 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links