Location attestation service
Abstract
In one embodiment a computer system comprises a processor and a memory module coupled to the processor and comprising logic instructions stored in a computer readable medium. The logic instructions, when executed, configure the processor to initiate, in a client computing device, a service request, in response to the service request, initiate a request for a location attestation certificate, and complete the client service request when the location attestation certificate is granted.
19 Claims
1. A method, comprising:
- initiating, in a client computing device, a location attestation operation during a boot operation of the computing device prior to initiating an operating system of the computer device;
- in response to initiating the location attestation operation, requesting by the client computing device a location attestation certificate from a source external to the client computing device by transmitting an identifier associated with the client computing device to the source external to the client computing device;
- monitoring a status of the location attestation certificate, and when the location attestation certificate is invalid, requesting a new location attestation certificate;
- communicating with a location attestation service managing participation by the computing device as a blade computing device in a blade pool, wherein a set of certificate authorities is assigned as trusted third parties allowing the blade computing device and blades at different locations to join the blade pool; and
- completing the boot operation only after the location attestation certificate is granted, and terminating the boot operation when the location attestation certificate is not granted.
Dependent claims: 2, 3, 4, 5, 6, 15
7. A computer system, comprising:
- a processor;
- a memory module coupled to the processor and comprising logic instructions stored in a computer readable medium which, when executed, configure the processor to;
  - initiate, in a client computing device, a location attestation operation during a boot operation of the client computing device prior to initiating an operating system of the client computing device;
  - in response to initiating the location attestation operation requesting by the client computing device a location attestation certificate from a source external to the client computing device, wherein the location attestation certificate includes an indication of the location of the client computing device;
  - monitoring a status of the location attestation certificate, and when the location attestation certificate is invalid, requesting a new location attestation certificate;
  - communicating with a location attestation service managing participation by the client computing device as a computing device in a computing device pool, wherein a set of certificate authorities is assigned as trusted third parties allowing the computing device and computing devices at different locations to join the computing device pool; and
  - complete the boot operation only after the location attestation certificate is granted, and terminating the boot operation when the location attestation certificate is not granted.
Dependent claims: 8, 9, 10, 11, 12
13. A computer system, comprising:
- system hardware comprising;
  - a basic input output system (BIOS) configured to perform a system initialization of the computer system and configured to complete a boot of the computer system to initiate an operating system of the computer system only with a valid local attestation certificate;
  - a local attestation module configured to request the location attestation certificate from a location attestation interface device external to the computer system by transmitting an identifier associated with the computer system to the location attestation interface device; and
- wherein the computer system is configured as a blade computing device connecting with a location attestation service managing participation of blade computing devices in a blade pool, such that a set of certificate authorities is assigned as trusted third parties allowing the computer system and blades at different locations to join the blade pool.
Dependent claims: 14, 16, 17, 18, 19