CRYPTOGRAPHIC CERTIFICATION OF SECURE HOSTED EXECUTION ENVIRONMENTS

US 20130151848A1
Filed: 02/13/2012
Published: 06/13/2013
Est. Priority Date: 12/12/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initializing, by a security-enabled processor of a computing system, a secure execution environment cryptographically certifiable as including a hardware-protected memory area established in an activation state to refrain from executing software not trusted by a client system, the hardware-protected memory area inaccessible to code that executes outside of the hardware-protected memory area, the hardware-protected memory area executing non-kernel mode code; and

providing, by a host operating system of the computing system, a persistence module executing in the secure execution environment with an encrypted checkpoint, the encrypted checkpoint derived at least partly from another secure execution environment cryptographically certifiable as including another hardware-protected memory area established in an activation state to refrain from executing software not trusted by the client system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations for providing a persistent secure execution environment with a hosted computer are described. A host operating system of a computing system provides an encrypted checkpoint to a persistence module that executes in a secure execution environment of a hardware-protected memory area initialized by a security-enabled processor. The encrypted checkpoint is derived at least partly from another secure execution environment that is cryptographically certifiable as including another hardware-protected memory area established in an activation state to refrain from executing software not trusted by the client system.

159 Citations

20 Claims

1. A method comprising:
- initializing, by a security-enabled processor of a computing system, a secure execution environment cryptographically certifiable as including a hardware-protected memory area established in an activation state to refrain from executing software not trusted by a client system, the hardware-protected memory area inaccessible to code that executes outside of the hardware-protected memory area, the hardware-protected memory area executing non-kernel mode code; and
  
  providing, by a host operating system of the computing system, a persistence module executing in the secure execution environment with an encrypted checkpoint, the encrypted checkpoint derived at least partly from another secure execution environment cryptographically certifiable as including another hardware-protected memory area established in an activation state to refrain from executing software not trusted by the client system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the encrypted checkpoint is encrypted with a persistence key, wherein the persistence key is sealed, and wherein the method further comprises providing the persistence module with the sealed persistence key.
  - 3. The method of claim 2, wherein the persistence key is sealed with a public key of the client system.
  - 4. The method of claim 2, wherein the persistence key is sealed with a public key of the security-enabled processor.
  - 5. The method of claim 1, wherein the other secure execution environment was established on another computing system, and wherein the providing is performed as part of a migration of the other secure execution environment to the computing system.
  - 6. The method of claim 1, wherein the encrypted checkpoint includes state information of the other protected memory area prior to a shut-down of execution of the other secure execution environment.
  - 7. The method of claim 1, wherein the other secure execution environment was established on the computing system, and wherein the providing is performed as part of a re-creation of the other secure execution environment.

8. Computer-readable media comprising a plurality of programming instructions that are executable by one or more processors to cause a computing system to:
- execute a secure execution environment that is cryptographically certifiable as including a hardware-protected memory area that is established in an activation state to refrain from executing software not trusted by a client system, the hardware-protected memory area inaccessible to code that executes outside of the hardware-protected memory area, the hardware-protected memory area configured to execute non-kernel mode code;
  
  provide a persistence module in the secure execution environment with an encrypted checkpoint and a sealed persistence key, the encrypted checkpoint derived at least partly from another secure execution environment that is cryptographically certifiable as including another hardware-protected memory area that includes no software untrusted by the client system.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable media of claim 8, wherein the persistence key is sealed with a public key of the client system.
  - 10. The computer-readable media of claim 8, wherein the persistence key is sealed with a public key of the security-enabled processor.
  - 11. The computer-readable media of claim 8, wherein the persistence module is configured to transmit the sealed persistence key to the client system, and to cause the persistence module to receive an unsealed persistence key from the client system.
  - 12. The computer-readable media of claim 8, wherein persistence module is configured to unseal the sealed persistence key and to decrypt the encrypted checkpoint using the unsealed persistence key.
  - 13. The computer-readable media of claim 8, wherein the other secure execution environment was established on another computing system, and wherein the encrypted checkpoint and the sealed persistence key are provided as part of a migration of the other secure execution environment to the computing system.
  - 14. The computer-readable media of claim 8, wherein the other secure execution environment was established on the computing system, and wherein the encrypted checkpoint and the sealed persistence key are provided as part of a re-creation of the other secure execution environment.

15. A computing system comprising:
- memory;
  
  one or more processors, including a security-enabled processor configured to establish at least a hardware-protected memory area on the memory in an activation state to refrain from executing software not trusted by a client system, the hardware-protected memory area inaccessible to code that executes outside of the hardware-protected memory area, the hardware-protected memory area configured to execute non-kernel mode code; and
  
  a persistence module stored in the protected memory area and executable by the one or more processors to;
  
  receive from a host Operating System a request to persist an execution state of a secure execution environment executing within the protected memory area;
  
  cause, at least partly in response to the request, one or more threads associated with the execution state of the secure execution environment to quiesce;
  
  store state information of the execution state to the protected memory area;
  
  encrypt contents of the protected memory area, including the state information, to form an encrypted checkpoint, the encrypted checkpoint encrypted with a persistence key; and
  
  transmit to persistent storage the encrypted checkpoint and a sealed persistence key, the sealed persistence key derived at least partly from the persistence key.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computing system of claim 15, wherein the persistence key is sealed with a public key of the client system.
  - 17. The computing system of claim 15, wherein the persistence key is sealed with a public key of the security-enabled processor.
  - 18. The computing system of claim 15, wherein the request to persist the execution state is a request to migrate the secure execution environment to another computing system.
  - 19. The computing system of claim 15, wherein the request to persist the execution state is a request to re-create the secure execution environment on the computing system.
  - 20. The computing system of claim 19, wherein the hardware-protected memory area comprises a first hardware-protected memory area, and further comprising another persistence module stored on a second hardware-protected memory area established by the security-enabled processor, the other persistence module configured to:
    - receive the encrypted checkpoint and the sealed persistence key from persistent storage; and
      
      cause the sealed persistence key to be unsealed and to decrypt the encrypted checkpoint using the unsealed persistence key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Baumann, Andrew A., Hunt, Galen C., Peinado, Marcus

Granted Patent

US 9,425,965 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/164
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

H04L 9/3263   involving certificates, e.g...

CRYPTOGRAPHIC CERTIFICATION OF SECURE HOSTED EXECUTION ENVIRONMENTS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

159 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

CRYPTOGRAPHIC CERTIFICATION OF SECURE HOSTED EXECUTION ENVIRONMENTS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

159 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others