Hardware-based device authentication

US 9,928,360 B2
Filed: 02/19/2016
Issued: 03/27/2018
Est. Priority Date: 12/23/2012
Status: Active Grant

First Claim

Patent Images

1. A device comprising:

a microcontroller comprising a management controller;

secured memory; and

a network interface;

wherein the management controller is configured to;

identify a domain identifier of a first domain of a plurality of domains, the domain identifier included in a domain certificate received from the first domain;

identify a first permanent hardware identifier set as a fuse key value embedded in hardware of the device during fabrication, the first permanent hardware identifier being unique and private to the device;

identify a plurality of unique second private hardware identifiers stored in the secured memory, each derived from the first permanent hardware identifier for a corresponding one of a plurality of different services of the first domain;

derive a plurality of hardware-based root identifiers from the plurality of unique second private hardware identifiers respectively, wherein resetting and replacing each root identifier by a user disassociates the device from a corresponding user profile maintained by the first domain;

store the plurality of root identifiers in the secured memory;

derive a plurality of secure identifiers for a pairing of the device and the first domain based on the plurality of root identifiers respectively and the domain identifier, each of the plurality of secure identifiers being different and corresponding to one of the plurality of unique second private hardware identifiers;

cause a secure identifier of the plurality of secure identifiers to be sent over a secured channel to a domain computing device associated with the first domain;

responsive to a request received from the first domain, identify an initial set of security posture data for the device;

cause the initial set of security posture data for the device to be provided to the domain computing device over the secured channel;

identify an additional set of security posture data for the device based on a first interaction between the device and the first domain; and

cause the additional set of security posture data for the device to be provided to the domain computing device over the secured channel; and

wherein the network interface is configured to transmit the secure identifier, the initial set of security posture data, and the additional set of security posture data over the secured channel to the domain computing device.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An opportunity for a computing device to participate in a secure session with a particular domain is identified. A domain identifier of the particular domain is received and a secured microcontroller of the computing device is used to identify a secured, persistent hardware identifier of the computing device stored in secured memory of the computing device. A secure identifier is derived for a pairing of the computing device and the particular domain based on the hardware identifier and domain identifier of the particular domain and the secure identifier is transmitted over a secured channel to the particular domain. The particular domain can verify identity of the computing device from the secure identifier and apply security policies to transactions involving the computing device and the particular domain based at least in part on the secure identifier.

89 Citations

View as Search Results

20 Claims

1. A device comprising:
- a microcontroller comprising a management controller;
  
  secured memory; and
  
  a network interface;
  
  wherein the management controller is configured to;
  
  identify a domain identifier of a first domain of a plurality of domains, the domain identifier included in a domain certificate received from the first domain;
  
  identify a first permanent hardware identifier set as a fuse key value embedded in hardware of the device during fabrication, the first permanent hardware identifier being unique and private to the device;
  
  identify a plurality of unique second private hardware identifiers stored in the secured memory, each derived from the first permanent hardware identifier for a corresponding one of a plurality of different services of the first domain;
  
  derive a plurality of hardware-based root identifiers from the plurality of unique second private hardware identifiers respectively, wherein resetting and replacing each root identifier by a user disassociates the device from a corresponding user profile maintained by the first domain;
  
  store the plurality of root identifiers in the secured memory;
  
  derive a plurality of secure identifiers for a pairing of the device and the first domain based on the plurality of root identifiers respectively and the domain identifier, each of the plurality of secure identifiers being different and corresponding to one of the plurality of unique second private hardware identifiers;
  
  cause a secure identifier of the plurality of secure identifiers to be sent over a secured channel to a domain computing device associated with the first domain;
  
  responsive to a request received from the first domain, identify an initial set of security posture data for the device;
  
  cause the initial set of security posture data for the device to be provided to the domain computing device over the secured channel;
  
  identify an additional set of security posture data for the device based on a first interaction between the device and the first domain; and
  
  cause the additional set of security posture data for the device to be provided to the domain computing device over the secured channel; and
  
  wherein the network interface is configured to transmit the secure identifier, the initial set of security posture data, and the additional set of security posture data over the secured channel to the domain computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The device of claim 1, wherein the microcontroller is independent of an operating system of the device and values of the plurality of secure identifiers derived by the microcontroller are hidden from the operating system.
  - 3. The device of claim 2, wherein the management controller is further to query at least one of the secured memory of the device, the operating system of the device, a peripheral device associated with the device, a second processor of the device, or another entity of the device to collect the additional set of security posture data from the device.
  - 4. The device of claim 1, wherein the management controller is configured to re-derive the secure identifier when the device is to establish a second secure session with the domain computing device.
  - 5. The device of claim 1, further comprising a communication manager to enable a secured communication channel between the microcontroller and the plurality of domains.
  - 6. The device of claim 1, wherein the device comprises one or more of a computer-assisted appliance, an industrial device, a computing system of an automobile, a tablet computer, and a smartphone.
  - 7. The device of claim 1, where the management controller is configured to participate concurrently in a plurality of secure sessions with at least two of the plurality of domains.
  - 8. The device of claim 1, whereinthe initial set of security posture data comprises data describing persistent attributes of the device, andthe additional set of security posture data comprises data describing dynamic attributes of the device that can change based on the first interaction.
  - 9. The device of claim 1, whereinthe management controller is further to present information to a user of the device to determine whether to establish the secured channel between the device and the domain computing device, andthe management controller is further to use rules established by the user to determine whether to cause one or both of the initial set of security posture data and the additional set of security posture data to be provided to the domain computing device.
  - 10. The device of claim 1, whereinthe secure identifier enables the domain computing device to authenticate the device at the first domain,the device is to determine whether the first domain is trustworthy before providing the secure identifier to the first domain,the secured channel is to be established if the device is authenticated at the first domain and the device determines that the first domain is trustworthy,the secure identifier enables the domain computing device to re-authenticate the device and determine whether to perform a subsequent second interaction with the device, andthe additional set of security posture data for the device is provided to the domain computing device if the first domain needs or requests the additional set of security posture data to enable the subsequent second interaction.

11. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a device, cause the device to:
- detect that the device has entered a first domain;
  
  receive a domain identifier of the first domain over a network associated with the first domain, the domain identifier included in a domain certificate;
  
  identify, using a secured microcontroller of the device, a first permanent hardware identifier set as a fuse key value embedded in hardware of the device during fabrication, the first permanent hardware identifier being unique and private to the device;
  
  identify, using the secured microcontroller, a plurality of unique second private hardware identifiers of the device stored in a non-volatile memory of the device, each derived from the first permanent hardware identifier for a corresponding one of a plurality of different services of the first domain;
  
  derive, using the secured microcontroller, a plurality of hardware-based root identifiers from the plurality of unique second private hardware identifiers respectively, wherein resetting and replacing each root identifier by a user disassociates the device from a corresponding user profile maintained by the first domain;
  
  store the plurality of root identifiers in the non-volatile memory;
  
  derive, using the secured microcontroller, a plurality of secure identifiers for a pairing of the device and the first domain based on the plurality of root identifiers respectively and the domain identifier of the first domain, each of the plurality of secure identifiers being different and corresponding to one of the plurality of unique second private hardware identifiers;
  
  cause a secure identifier of the plurality of secure identifiers to be sent over a secured channel to a domain computing device associated with the first domain;
  
  responsive to a request received from the first domain, identify an initial set of security posture data for the device;
  
  cause the initial set of security posture data for the device to be provided to the domain computing device over the secured channel;
  
  identify an additional set of security posture data for the device based on a first interaction between the first domain and the device; and
  
  cause the additional set of security posture data for the device to be provided to the domain computing device over the secured channel.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The storage medium of claim 11, wherein the secured microcontroller is independent of an operating system of the device and values of the plurality of secure identifiers derived by the secured microcontroller are hidden from the operating system.
  - 13. The storage medium of claim 11, wherein the instructions, when executed, further cause the device to:
    - enter into a secure session with the domain computing device; and
      
      perform one or more transactions within the secure session with the domain computing device.
  - 14. The storage medium of claim 11, wherein the secured microcontroller is to derive a value of the secure identifier via a hash operation.
  - 15. The storage medium of claim 11, wherein the secure identifier is a unique identifier to correspond to the pairing of the device and the first domain.
  - 16. The storage medium of claim 11, wherein the instructions, when executed, further cause the device to:
    - receive a request to reset a given root identifier;
      
      reset the given root identifier;
      
      derive a replacement root identifier; and
      
      store the replacement root identifier in the non-volatile memory.
  - 17. The storage medium of claim 16, wherein the secure identifier is a first secure identifier, and the instructions, when executed, further cause the device to:
    - enter into a secure session with the first domain following the reset;
      
      derive a second secure identifier for the pairing of the device and the first domain based on the replacement root identifier and the domain identifier of the first domain, wherein the second secure identifier is different from the first secure identifier; and
      
      communicate the second secure identifier to the domain computing device.

18. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a device, cause the device to:
- identify, using a secured microcontroller of the device, a first permanent hardware identifier set as a fuse key value embedded in hardware of the device during fabrication, the first permanent hardware identifier being unique and private to the device;
  
  derive, using the secured microcontroller, a plurality of unique second private hardware identifiers of the device, each derived from the first permanent hardware identifier for a corresponding one of a plurality of different services of a first domain;
  
  store the plurality of unique second private hardware identifiers in a non-volatile memory of the device;
  
  derive, using the secured microcontroller, a plurality of hardware-based root identifiers from the plurality of unique second private hardware identifiers respectively, wherein resetting and replacing each root identifier by a user disassociates the device from a corresponding user profile maintained by the first domain;
  
  store the plurality of root identifiers in the non-volatile memory;
  
  receive a domain identifier of the first domain in a domain certificate of the first domain;
  
  derive, using the secured microcontroller, a plurality of secure identifiers for a pairing of the device and the first domain based on the plurality of root identifiers respectively and the domain identifier of the first domain, each of the plurality of secure identifiers being different and corresponding to one of the plurality of unique second private hardware identifiers;
  
  cause, using the secured microcontroller, a secure identifier of the plurality of secure identifiers to be sent over a secured channel to a domain computing device of the first domain;
  
  responsive to a request received from the first domain, identify, using the secured microcontroller, an initial set of security posture data for the device;
  
  cause, using the secured microcontroller, the initial set of security posture data for the device to be provided to the domain computing device over the secured channel;
  
  identify, using the secured microcontroller, an additional set of security posture data for the device based on a first interaction between the first domain and the device; and
  
  cause, using the secured microcontroller, the additional set of security posture data for the device to be provided to the domain computing device over the secured channel.
- View Dependent Claims (19, 20)
- - 19. The storage medium of claim 18, wherein the instructions, when executed, further cause the device to, re-derive, using the secured microcontroller, the secure identifier when the device is to establish another secure session with the domain computing device.
  - 20. The storage medium of claim 18, wherein the instructions, when executed, further cause the device to:
    - receive a request to reset a given root identifier;
      
      reset the given root identifier;
      
      derive a replacement root identifier;
      
      store the replacement root identifier in the non-volatile memory;
      
      identify an opportunity for the device to participate in a secure session with the first domain following the reset;
      
      derive a second secure identifier for the pairing of the device and the first domain based on the replacement root identifier and the domain identifier of the first domain, wherein the second secure identifier is different from the secure identifier; and
      
      communicate the second secure identifier to the domain computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Von Bokern, Vincent Edward, Goel, Purushottam, Schrecker, Sven, Smith, Ned McArthur
Primary Examiner(s)
SIMITOSKI, MICHAEL J

Application Number

US15/047,900
Publication Number

US 20160171206A1
Time in Patent Office

767 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/2255   Hash tables

G06F 21/305   by remotely controlling dev...

G06F 21/44   Program or device authentic...

H04L 63/0876   based on the identity of th...

H04L 63/102   Entity profiles

H04L 63/107   wherein the security polici...

H04L 63/20   for managing network securi...

H04L 9/0877   using additional device, e....

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

H04W 12/71   Hardware identity

Hardware-based device authentication

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

89 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Hardware-based device authentication

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links