公开(公告)号：US20180183586A1

公开(公告)日：2018-06-28

申请号：US15392205

申请日：2016-12-28

Applicant: Intel Corporation

Inventor： Abhilasha Bhargav-Spantzel ,  Ned M. Smith ,  Hormuzd M. Khosravi ,  Sze Yiu Chau

IPC: H04L9/08 ,  G06F21/32 ,  H04L9/32

CPC classification number: H04L9/0861 ,  G06F21/32 ,  G06F21/33 ,  G06F2221/2111 ,  H04L9/0866 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/0823 ,  H04L2463/082

Abstract: Various systems and methods for performing cryptographic operations based on an authentication policy are discussed. In an example, an authentication policy for implementing a user authentication factor (or multiple factors) may be deployed at a client computing device to control generation and use of a cryptographic key. Operations for generating a cryptographic key in accordance with an authentication policy may include: receiving the authentication policy from a policy broker, generating the cryptographic key in response to receipt of the user authentication factor defined by the authentication policy, generating attestation data that indicates compliance with the authentication policy, and communicating the attestation data to the policy broker. Operations for using the cryptographic key in accordance with the authentication policy may include: receiving a request to access the cryptographic key, and accessing the cryptographic key in response to successful receipt of the user authentication factor defined by the authentication policy.