Granted invention patent
US07174457B1 System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party
In force
- Patent title: System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party
- Application number: US09266207; Filing date: 1999-03-10
- Publication number: US07174457B1; Publication date: 2007-02-06
- Inventors: Paul England, John D. DeTreville, Butler W. Lampson
- Applicants: Paul England, John D. DeTreville, Butler W. Lampson
- Applicant address: US WA Redmond
- Patent holder: Microsoft Corporation
- Current patent holder: Microsoft Corporation
- Current patent holder address: US WA Redmond
- Agent: Lee & Hayes, PLLC
- Main classification: H04L9/00
- IPC classification: H04L9/00
Abstract:
A general-purpose processor (CPU) is configured with a new mechanism facilitating an authenticated boot sequence that provides building blocks for client-side rights management when the system is online, and provides continued protection of persistent data even when the system goes offline or is rebooted. The CPU includes a cryptographic key pair, and a manufacturer certificate testifying that the manufacturer built the CPU according to a known specification. The operating system (OS) includes a unique block of code, or “boot block” that can establish OS identity by extraction from a digitally signed boot block or by computing a hash digest of the boot block. During booting, the CPU executes a single opcode, followed by the boot block, as an atomic operation to set the identity of the OS into the software identity register. The subscriber unit then can establish a chain of trust to a content provider.