Method and System for Device Integrity Authentication

US 20120047578A1
Filed: 11/16/2010
Published: 02/23/2012
Est. Priority Date: 08/20/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method for device integrity authentication, comprising:

receiving, at a second device, data from a first device;

determining, at the second device, whether at least a portion of the data is associated with a protected datatype;

determining, at the second device, a measured integrity value of the first device in response to the portion of the data being associated with the protected datatype;

comparing, at the second device, the measured integrity value of the first device to an embedded integrity value associated with the second device;

facilitating, by the second device, application of at least one of a plurality of policies associated with processing the data based on the comparison and the protected datatype.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Device integrity authentication is performed by receiving, at a second device, data from a first device. A determination is made at the second device as to whether at least a portion of the data is associated with a protected datatype. A measured integrity value of the first device is determined in response to the portion of the data being associated with the protected datatype. The measured integrity value of the first device is compared to an embedded integrity value associated with the second device. Application of at least one of a plurality of policies associated with processing the data is facilitated at the second device based on the comparison and the protected datatype.

37 Citations

View as Search Results

24 Claims

1. A method for device integrity authentication, comprising:
- receiving, at a second device, data from a first device;
  
  determining, at the second device, whether at least a portion of the data is associated with a protected datatype;
  
  determining, at the second device, a measured integrity value of the first device in response to the portion of the data being associated with the protected datatype;
  
  comparing, at the second device, the measured integrity value of the first device to an embedded integrity value associated with the second device;
  
  facilitating, by the second device, application of at least one of a plurality of policies associated with processing the data based on the comparison and the protected datatype.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the data includes the measured integrity value of the first device.
  - 3. The method of claim 1, wherein determining the measured integrity value includes requesting the measured integrity value from the first device.
  - 4. The method of claim 1, wherein facilitating application of at least one of the plurality of policies includes processing the data under a normal processing policy in response to the data not being associated with the protected datatype.
  - 5. The method of claim 1, wherein facilitating application of at least one of the plurality of policies includes processing the data under a normal processing policy in response to the measured integrity value matching the embedded integrity value.
  - 6. The method of claim 1, wherein facilitating application of at least one of the plurality of policies includes processing the data under a restricted processing policy in response to the measured integrity value not matching the embedded integrity value.
  - 7. The method of claim 1, wherein facilitating application of at least one of the plurality of policies includes:
    - communicating, by the second device, with a backend server in response to the measured integrity value not matching the embedded integrity value;
      
      receiving, at the second device, a restricted processing policy from the backend server associated with processing the data from the first device.
  - 8. The method of claim 1, wherein facilitating application of at least one of the plurality of policies includes:
    - communicating, by the second device, with a backend server in response to the measured integrity value not matching the embedded integrity value;
      
      receiving, at the second device, a normal processing policy from the backend server associated with processing the data from the first device.

9. A computer readable storage medium including code for device integrity authentication, the code operable to:
- receive data from a first device for a second device;
  
  determine whether at least a portion of the data is associated with a protected datatype;
  
  determine a measured integrity value of the first device in response to the portion of the data being associated with the protected datatype;
  
  compare the measured integrity value of the first device to an embedded integrity value associated with the second device;
  
  facilitate application of at least one of a plurality of policies associated with processing the data at the second device based on the comparison and the protected datatype.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer readable storage medium of claim 9, wherein the data includes the measured integrity value of the first device.
  - 11. The computer readable storage medium of claim 9, wherein the code operable to determine the measured integrity value includes code operable to request the measured integrity value from the first device.
  - 12. The computer readable storage medium of claim 9, wherein the code operable to facilitate application of at least one of the plurality of policies includes code operable to process the data under a normal processing policy in response to the data not being associated with the protected datatype.
  - 13. The computer readable storage medium of claim 9, wherein the code operable to facilitate application of at least one of the plurality of policies includes code operable to process the data under a normal processing policy in response to the measured integrity value matching the embedded integrity value.
  - 14. The computer readable storage medium of claim 9, wherein the code operable to facilitate application of at least one of the plurality of policies includes code operable to process the data under a restricted processing policy in response to the measured integrity value not matching the embedded integrity value.
  - 15. The computer readable storage medium of claim 9, wherein the code operable to facilitate application of at least one of the plurality of policies includes code operable to:
    - communicate with a backend server in response to the measured integrity value not matching the embedded integrity value;
      
      receive a restricted processing policy from the backend server associated with processing the data from the first device.
  - 16. The computer readable storage medium of claim 9, wherein the code operable to facilitate application of at least one of the plurality of policies includes:
    - code operable to communicate with a backend server in response to the measured integrity value not matching the embedded integrity value;
      
      receive a normal processing policy from the backend server associated with processing the data from the first device.

17. A system for device integrity authentication, comprising:
- an integrity check processing module operable to;
  
  receive data from a first device for a second device;
  
  determine whether at least a portion of the data is associated with a protected datatype;
  
  determine a measured integrity value of the first device in response to the portion of the data being associated with the protected datatype;
  
  a control processing module operable to;
  
  compare the measured integrity value of the first device to an embedded integrity value associated with the second device;
  
  facilitate application of at least one of a plurality of policies associated with processing the data at the second device based on the comparison and the protected datatype.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The system of claim 17, wherein the data includes the measured integrity value of the first device.
  - 19. The system of claim 17, wherein the integrity check processing module is operable to request the measured integrity value from the first device.
  - 20. The system of claim 17, wherein the control processing module is further operable to process the data under a normal processing policy in response to the data not being associated with the protected datatype.
  - 21. The system of claim 17, wherein the control processing module is further operable to process the data under a normal processing policy in response to the measured integrity value matching the embedded integrity value.
  - 22. The system of claim 17, wherein the control processing module is further operable to process the data under a restricted processing policy in response to the measured integrity value not matching the embedded integrity value.
  - 23. The system medium of claim 17, wherein the control processing module is further operable to:
    - communicate with a backend server in response to the measured integrity value not matching the embedded integrity value;
      
      receive a restricted processing policy from the backend server associated with processing the data from the first device.
  - 24. The system of claim 17, wherein the control processing module is further operable to:
    - communicate with a backend server in response to the measured integrity value not matching the embedded integrity value;
      
      receive a normal processing policy from the backend server associated with processing the data from the first device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Lee, Sung, Cardenas, Alvaro A., Masuoka, Ryusuke

Application Number

US12/947,687
Publication Number

US 20120047578A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

H04L 63/126   the source of the received ...

Y04S 40/20   Information technology spec...

Method and System for Device Integrity Authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and System for Device Integrity Authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links