发明授权
- 专利标题: Local secure service partitions for operating system security
- 专利标题(中): 用于操作系统安全的本地安全服务分区
-
申请号: US11097697申请日: 2005-04-01
-
公开(公告)号: US08619971B2公开(公告)日: 2013-12-31
- 发明人: Thekkthalackal Varugis Kurien , Paul England , Ravindra Nath Pandya , Niels Ferguson
- 申请人: Thekkthalackal Varugis Kurien , Paul England , Ravindra Nath Pandya , Niels Ferguson
- 申请人地址: US WA Redmond
- 专利权人: Microsoft Corporation
- 当前专利权人: Microsoft Corporation
- 当前专利权人地址: US WA Redmond
- 代理机构: Woodcock Washburn, LLC
- 主分类号: H04K1/04
- IPC分类号: H04K1/04 ; H04K1/06
摘要:
Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.