STATELESS ATTESTATION SYSTEM
0 Assignments
0 Petitions
Accused Products
Abstract
A method includes assessing a trustworthiness level of a user computer by communication between the user computer and a first server. A record indicating the trustworthiness level is sent from the first server to the user computer, for storage by the user computer. A request is sent from the user computer to a second server, different from the first server, for a service to be provided to the user computer by the second server. The record is provided from the user computer to the second server by communicating between the user computer and the second server. At the second server, the trustworthiness level is extracted from the record, and the requested service is conditionally allowed to be provided to the user computer depending on the extracted trustworthiness level.
8 Citations
39 Claims
-
1-24. -24. (canceled)
-
25. A method comprising:
-
a mobile computing device receiving an attestation record from a first server via a first operating environment in response to the first server verifying trustworthiness of the mobile computing device, wherein the mobile computing device comprises the first operating environment and a second operating environment isolated from the first operating environment; the mobile computing device storing the attestation record within a trusted platform module (TPM) via the first operating environment; the mobile computing device requesting access to a service of a second server over a network via the second operating environment; the mobile computing device receiving an attestation request from the second server, via the second operating environment, in response to requesting access to the service; the mobile computing device obtaining the attestation record from the TPM, via the first operating environment; the mobile computing device transmitting the attestation record to the second server via the first operating environment; and the mobile computing device receiving access to the service in response to the second server verifying the attestation record. - View Dependent Claims (26, 27, 28, 29)
-
-
30. At least one computer readable storage medium that stores instructions, which when executed, cause one or more processors to:
-
receive an attestation record from a first server via a first operating environment in response to the first server verifying trustworthiness of a mobile computing device, wherein the mobile computing device comprises the first operating environment and a second operating environment isolated from the first operating environment; store the attestation record within a trusted platform module (TPM) via the first operating environment; request access to a service of a second server over a network via the second operating environment; receive an attestation request from the second server, via the second operating environment, in response to requesting access to the service; obtain the attestation record from the TPM, via the first operating environment; transmit the attestation record to the second server via the first operating environment; and receive access to the service in response to the second server verifying the attestation record. - View Dependent Claims (31, 32, 33, 34)
-
-
35. A mobile computing device comprising:
-
a first operating environment; a second operating environment isolated from the first operating environment; a secure storage device to locally store an attestation record received from a first server; and a network interface device to communicate with a first over a network and a second server separate from the second server, the mobile computing device to; communicate with the first server to verify a trustworthiness of the mobile computing device, receive the attestation record from the first server, via the first operating environment, in response to the first server verifying trustworthiness of the mobile computing device; store the attestation record within a trusted platform module (TPM) via the first operating environment; request access to a service of a second server over a network via the Second operating environment; receive an attestation request from the second server, via the second operating environment, in response to requesting access to the service; obtain the attestation record from the TPM, via the first operating environment; transmit the attestation record to the second server via the first operating environment; and receive access to the service in response to the second server verifying the attestation record. - View Dependent Claims (36, 37, 38, 39)
-
Specification