Stateless attestation system
First Claim
1. A method, comprising:
- running on a user computer a first operating environment for performing general purpose operations and a second operating environment configured exclusively for providing a secure communication session, wherein the second operating environment is isolated from the first operating environment, wherein general-purpose operations performed in the first operating environment do not affect operation of the second operating environment;
communicating between the user computer and a first server to assess a trustworthiness level of the second operating environment of the user computer by communication between the second operating environment of the user computer and the first server;
receiving by the user computer, a record from the first server indicating the trustworthiness level for storage by the second operating environment of the user computer;
sending a request from the user computer to a second server, different from the first server, for a service to be provided to the user computer by the second server; and
providing the record from the user computer to the second server by communicating between the user computer and the second server, to cause the second server to extract the trustworthiness level from the record, and conditionally allow the requested service to be provided to the user computer depending on the extracted trustworthiness level.
Abstract
A method includes assessing a trustworthiness level of a user computer by communication between the user computer and a first server. A record indicating the trustworthiness level is sent from the first server to the user computer, for storage by the user computer. A request is sent from the user computer to a second server, different from the first server, for a service to be provided to the user computer by the second server. The record is provided from the user computer to the second server by communicating between the user computer and the second server. At the second server, the trustworthiness level is extracted from the record, and the requested service is conditionally allowed to be provided to the user computer depending on the extracted trustworthiness level.
23 Claims
12. A networked computer system, comprising:
- one or more user computers, each to run a first operating environment for performing general purpose operations and a second operating environment configured exclusively for providing a secure communication session, wherein the second operating environment is isolated from the first operating environment, wherein general-purpose operations performed in the first operating environment do not affect operation of the second operating environment;
one or more first servers, which are configured to assess respective trustworthiness levels of the second operating environments of the respective user computers, and to forward records indicating the assessed trustworthiness levels to the user computers for storage by respective second operating environments of the user computers; and
a second server, separate from the first servers, which is configured to obtain the records from the user computers along with requests from the user computers for service to be provided by the second server, to extract the trustworthiness levels from the records, and to conditionally provide the service to the user computers depending on the extracted trustworthiness levels.
23. A user computer, comprising:
- a network interface device, which is operative to communicate with multiple servers over a communication network; and
a processor device, which is coupled to run a first operating environment configured to perform general-purpose operations, and a second operating environment configured exclusively for providing a secure communication session, wherein the second operating environment is isolated from the first operating environment, wherein general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, to communicate with a first server over the network interface device to assess a trustworthiness level of the second operating environment, to receive a record from the first server indicating the trustworthiness level for storage by the second operating environment of the user computer, send a request to a second server different from the first server for a service to be provided to the user computer by the second server, and provide the record to the second server to cause the second server to extract the trustworthiness level from the record and conditionally obtain the requested service depending on the extracted trustworthiness level.
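The exchange the claims describe, as an added example that is not part of the patent (stdlib Python; the HMAC shared key, the record format, the level policy and the per-service thresholds are constructed assumptions): the first server bakes the assessed level into a signed, expiring record and keeps no per-device state, the user computer stores and later presents the record, and the second server extracts the level only after verifying the record, since an unverified record would let the client assert its own level.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

# Constructed shared key: the first server signs, the second server verifies.
# An asymmetric key pair would avoid sharing the secret; HMAC keeps this stdlib-only.
ATTEST_KEY = b"constructed-key-shared-by-first-and-second-server"

def _b64(d: bytes) -> str:
    return base64.urlsafe_b64encode(d).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

# --- First server: assesses the secure environment, issues a self-contained record.
def assess_level(measurements: dict) -> int:
    """Constructed policy: 0 untrusted, 1 isolated env present, 2 also attested+patched."""
    if not measurements.get("secure_env_isolated"):
        return 0
    ok = measurements.get("firmware_attested") and measurements.get("patched")
    return 2 if ok else 1

def issue_record(device_id: str, measurements: dict, ttl_s: int = 300, now=None) -> str:
    now = time.time() if now is None else now
    body = {"dev": device_id, "level": assess_level(measurements), "exp": int(now + ttl_s)}
    payload = _b64(json.dumps(body, sort_keys=True).encode())
    tag = hmac.new(ATTEST_KEY, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(tag)}"        # nothing about the device is retained here

# --- Second server: extracts the level only from a record it has verified.
def extract_level(record: str, now=None) -> Optional[int]:
    now = time.time() if now is None else now
    try:
        payload, tag = record.split(".", 1)
    except ValueError:
        return None                          # malformed record
    expected = hmac.new(ATTEST_KEY, payload.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(tag)):
        return None                          # forged or tampered record
    body = json.loads(_unb64(payload))
    if body["exp"] < now:
        return None                          # stale record: assessment no longer fresh
    return body["level"]

SERVICE_MIN_LEVEL = {"balance": 1, "transfer": 2}   # constructed per-service policy

def request_service(record: str, service: str, now=None) -> bool:
    """Conditionally allow the service depending on the extracted trustworthiness level."""
    level = extract_level(record, now)
    return level is not None and level >= SERVICE_MIN_LEVEL.get(service, 99)
```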