Systems, methods and apparatuses for secure time management
First Claim
1. An apparatus for secure time management, comprising:
- a non-volatile storage to store a synchronization time;
a first counter configured to increment at a first predetermined frequency;
a second counter configured to increment at a second predetermined frequency, wherein the first predetermined frequency and the second predetermined frequency are different; and
a processor configured to;
generate a request for a current time, the request to include a nonce generated at the apparatus;
transmit the request to a trusted timekeeper;
receive a response containing a current, real-world time from the trusted timekeeper, the response being digitally signed with a digital signature;
verify the digital signature of the response;
verify that the response is received within a predefined time;
compare the nonce in the request to a nonce in the response;
determine that the current, real-world time received from the trusted timekeeper is within a range of a first current time calculated at the apparatus based on the synchronization time, numbers counted by the first and the second counters respectively, and switching event information; and
update the synchronization time with the current, real-world time in the response received from the trusted timekeeper, when the current, real-world time is within the range of the first current time.
1 Assignment
0 Petitions
Accused Products
Abstract
The systems, methods and apparatuses described herein provide a computing environment that includes secure time management. An apparatus according to the present disclosure may comprise a non-volatile storage to store a synchronization time and a processor. The processor may be configured to generate a request for a current time, transmit the request to a trusted timekeeper, receive a digitally signed response containing a current, real-world time from the trusted timekeeper, verify the digital signature of the response, verify that the response is received within a predefined time, compare a nonce in the request to a nonce in the response, determine that the current, real-world time received from the trusted timekeeper is within a range of a current time calculated at the apparatus and update the synchronization time with the current, real-world time in the response.
-
Citations
23 Claims
-
1. An apparatus for secure time management, comprising:
-
a non-volatile storage to store a synchronization time; a first counter configured to increment at a first predetermined frequency; a second counter configured to increment at a second predetermined frequency, wherein the first predetermined frequency and the second predetermined frequency are different; and a processor configured to; generate a request for a current time, the request to include a nonce generated at the apparatus; transmit the request to a trusted timekeeper; receive a response containing a current, real-world time from the trusted timekeeper, the response being digitally signed with a digital signature; verify the digital signature of the response; verify that the response is received within a predefined time; compare the nonce in the request to a nonce in the response; determine that the current, real-world time received from the trusted timekeeper is within a range of a first current time calculated at the apparatus based on the synchronization time, numbers counted by the first and the second counters respectively, and switching event information; and update the synchronization time with the current, real-world time in the response received from the trusted timekeeper, when the current, real-world time is within the range of the first current time. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method for secure time management, comprising:
-
generating, at an apparatus, a request for a current time, the request to include a nonce generated at the apparatus; transmitting the request to a trusted timekeeper; receiving a response containing a current, real-world time from the trusted timekeeper, the response being digitally signed with a digital signature; verifying the digital signature of the response; verifying that the response is received within a predefined time; comparing the nonce in the request to a nonce in the response; determining that the current, real-world time received from the trusted timekeeper is within a range of a first current time calculated at the apparatus based on a synchronization time stored in a non-volatile storage of the apparatus, a number counted by a first counter incremented at a first predetermined frequency, a number counted by a second counter incremented at a second predetermined frequency, and switching event information, wherein the first predetermined frequency and the second predetermined frequency are different; and updating the synchronization time with the current, real-world time in the response received from the trusted timekeeper when the current, real-world time is within the range of the first current time. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A non-transitory computer readable medium containing program instructions for a method for secure time management, the instructions causing a computer to execute the method, comprising:
-
generating, at an apparatus, a request for a current time, the request to include a nonce generated at the apparatus; transmitting the request to a trusted timekeeper; receiving a response containing a current, real-world time from the trusted timekeeper, the response being digitally signed with a digital signature; verifying the digital signature of the response; verifying that the response is received within a predefined time; comparing the nonce in the request to a nonce in the response; determining that the current, real-world time received from the trusted timekeeper is within a range of a first current time calculated at the apparatus based on a synchronization time stored in a non-volatile storage of the apparatus, a number counted by a first counter incremented at a first predetermined frequency, a number counted by a second counter incremented at a second predetermined frequency, and switching event information, wherein the first predetermined frequency and the second predetermined frequency are different; and updating the synchronization time with the current, real-world time in the response received from the trusted timekeeper when the current, real-world time is within the range of the first current time. - View Dependent Claims (22, 23)
-
Specification