公开(公告)号：EP3210155B1

公开(公告)日：2019-08-07

申请号：EP15788524.5

申请日：2015-10-18

申请人： Microsoft Technology Licensing, LLC

发明人： THOM, Stefan ,  AIGNER, Ronald ,  MATTOON, Dennis J. ,  SCHAEFER, Stuart H. ,  KAPADIA, Merzin ,  SPIGER, Robert Karl ,  WOOTEN, David R. ,  ENGLAND, Paul

IPC分类号： G06F21/62 ,  G06F21/72 ,  H04L29/06 ,  G06F21/53 ,  H04L9/32

公开(公告)号：EP3097504A2

公开(公告)日：2016-11-30

申请号：EP15705111.1

申请日：2015-01-14

申请人： Microsoft Technology Licensing, LLC

发明人： AIGNER, Ronald ,  KANE, Kevin ,  THOM, Stefan

IPC分类号： G06F21/34 ,  G06F21/35 ,  H04L29/06 ,  G06F9/50

CPC分类号： H04L63/0853 ,  G06F9/5033 ,  G06F21/34 ,  G06F21/35 ,  H04L63/0823 ,  H04L63/0884 ,  H04L63/10 ,  H04W12/08

摘要： A computing device described herein utilizes a secure cryptoprocessor of the computing device to compute a response to a request for authorization received from another local or remote device. The secure cryptoprocessor computes the response based on protected authorization credentials stored by the secure cryptoprocessor for one or more devices. The computing device then provides the computed response to the other device to cause the other device to grant or deny authorization. The computing device may also display information associated with the request for authorization, receive input indicating approval of the request, and utilize the secure cryptoprocessor in response to the received input.

公开(公告)号：EP4384931A1

公开(公告)日：2024-06-19

申请号：EP22748133.0

申请日：2022-06-28

申请人： Microsoft Technology Licensing, LLC

发明人： SAKIB, Md. Nazmus ,  AIGNER, Ronald ,  CHEN, Ling Tony ,  WAXMAN, Peter David ,  WESTON, David Guy ,  KELLY, Bryan David

IPC分类号： G06F21/57 ,  G06F21/72

CPC分类号： G06F21/57 ,  G06F21/72

公开(公告)号：EP3033710B1

公开(公告)日：2020-09-23

申请号：EP14758738.0

申请日：2014-08-13

申请人： Microsoft Technology Licensing, LLC

发明人： THOM, Stefan ,  AIGNER, Ronald

IPC分类号： G06F21/57 ,  G06F21/62 ,  G06F21/12

公开(公告)号：EP3479283A1

公开(公告)日：2019-05-08

申请号：EP17735717.5

申请日：2017-06-22

申请人： Microsoft Technology Licensing, LLC

发明人： YOUNG, Robert D. ,  BARKELEW, Jonathan Bret ,  AIGNER, Ronald ,  MICHAUD, Alain L. ,  COX, Jeremiah J.

IPC分类号： G06F21/57 ,  G06F9/44 ,  H04L9/08

摘要： A device includes a reset resistant store and a trusted key service. The reset resistant store maintains data across various different device reset or data invalidation operations. The trusted key service maintains, for each of one or more operating systems that run on the device from a boot configuration, an encrypted key associated with the boot configuration. The device also has a master key that is specific to the device. Each of the keys associated with a boot configuration is encrypted using the master key. When booting the device, the boot configuration being run on the device is identified, and the key associated with that boot configuration is obtained (e.g., from the reset resistant store or the encrypted key vault). The master key is used to decrypt the obtained key, and the obtained key is used to decrypt secrets associated with the operating system run from the boot configuration.

公开(公告)号：EP4392886A1

公开(公告)日：2024-07-03

申请号：EP22747896.3

申请日：2022-07-05

申请人： Microsoft Technology Licensing, LLC

发明人： AIGNER, Ronald ,  VISWANATHAN, Giridhar ,  REUTHER, Lars ,  CARO, Alvin, Morales ,  ALTOBELLI, David, Kimler ,  MA, Dan

IPC分类号： G06F21/57 ,  G06F21/53 ,  G06F9/455

CPC分类号： G06F21/57 ,  G06F21/53 ,  G06F9/45558 ,  G06F2009/455720130101 ,  G06F2009/4558720130101

公开(公告)号：EP3227823A1

公开(公告)日：2017-10-11

申请号：EP15813949.3

申请日：2015-11-20

申请人： Microsoft Technology Licensing, LLC

发明人： THOM, Stefan ,  AIGNER, Ronald ,  KAPADIA, Merzin ,  SCHAEFER, Stuart H. ,  SPIGER, Robert Karl

IPC分类号： G06F21/64 ,  H04L9/08 ,  G06F21/57

摘要： Techniques for utilizing a trusted platform module of a host device are described. According to various embodiments, a client device that does not include a trusted platform module (TPM) may leverage a TPM of a host device to provide trust services to the client device.

摘要翻译： 描述了用于利用主机设备的可信平台模块的技术。 根据各种实施例，不包括可信平台模块（TPM）的客户端设备可以利用主机设备的TPM向客户端设备提供信任服务。

公开(公告)号：EP3210155A1

公开(公告)日：2017-08-30

申请号：EP15788524.5

申请日：2015-10-18

申请人： Microsoft Technology Licensing, LLC

发明人： THOM, Stefan ,  AIGNER, Ronald ,  MATTOON, Dennis J. ,  SCHAEFER, Stuart H. ,  KAPADIA, Merzin ,  SPIGER, Robert Karl ,  WOOTEN, David R. ,  ENGLAND, Paul

IPC分类号： G06F21/62 ,  G06F21/72 ,  H04L29/06

CPC分类号： H04L9/3247 ,  G06F21/53 ,  G06F21/629 ,  G06F21/72 ,  G06F2221/034 ,  H04L63/0428 ,  H04L63/0876 ,  H04L63/102

摘要： Techniques for a trust service for a client device are described. In various implementations, a trust service is implemented remotely from a client device and provides various trust-related functions to the client device. According to various implementations, communication between a client device and a remote trust service is authenticated by a client identifier (ID) that is maintained by both the client device and the remote trust service. In at least some implementations, the client ID is stored on a location of the client device that is protected from access by (e.g., is inaccessible to) device components such as an operating system, applications, and so forth. Thus, the client ID may be utilized to generate signatures to authenticate communications between the client device and the remote trust service.

摘要翻译： 描述了用于客户端设备的信任服务的技术。 在各种实现中，信任服务从客户端设备远程实现，并向客户端设备提供各种信任相关功能。 根据各种实现，客户端设备和远程信任服务之间的通信由客户端设备和远程信任服务两者维护的客户端标识符（ID）进行认证。 在至少一些实施方式中，客户端ID被存储在客户端设备的位置上，该位置被设备组件（诸如操作系统，应用等）（例如，不可访问）保护以免被访问。 因此，可以利用客户端ID来生成签名以认证客户端设备和远程信任服务之间的通信。

公开(公告)号：EP4081917A1

公开(公告)日：2022-11-02

申请号：EP20819992.7

申请日：2020-11-11

申请人： Microsoft Technology Licensing, LLC

发明人： AIGNER, Ronald ,  BALASUBRAMANYAN, Balaji

IPC分类号： G06F21/10

公开(公告)号：EP3251044B1

公开(公告)日：2020-10-21

申请号：EP16701221.0

申请日：2016-01-06

申请人： Microsoft Technology Licensing, LLC

发明人： THOM, Stefan ,  AIGNER, Ronald

IPC分类号： H04L9/32 ,  G06F21/57 ,  H04L9/08