-
公开(公告)号:US09003513B1
公开(公告)日:2015-04-07
申请号:US13829585
申请日:2013-03-14
Applicant: Google Inc.
Inventor: Steven Paul Houtchens , Sumit Gwalani , Tan Gao , Willis Ransom Calkins
CPC classification number: G06F1/3206 , G06F21/57 , G06F21/72 , G06F21/81 , G06F2221/2107 , G06F2221/2153 , G09C1/00 , H04L9/00 , H04L43/50 , H04L2209/56
Abstract: Aspects of the subject technology relate to a compliance station including a test breakout board coupled to a computing device and a trusted platform module, wherein the test breakout board is configured to allow signaling to pass between the computing device and the trusted platform module and a test controller interface coupled to the test breakout board. In certain aspects, the test controller interface is configured to provide signaling to the trusted platform module and to receive signaling from the trusted platform module. A method and computer-readable medium are also provided.
Abstract translation: 主题技术的方面涉及包括耦合到计算设备和可信平台模块的测试分组板的合规站,其中测试分组板被配置为允许信令在计算设备和可信平台模块之间通过,并且测试 控制器接口耦合到测试分支板。 在某些方面,测试控制器接口被配置为向可信平台模块提供信令并从可信平台模块接收信令。 还提供了一种方法和计算机可读介质。
-
公开(公告)号:US20150012738A1
公开(公告)日:2015-01-08
申请号:US14330902
申请日:2014-07-14
Applicant: GOOGLE INC.
Inventor: Gaurav Shah , William Drewry , Randall Spangler , Ryan Tabone , Sumit Gwalani , Luigi Semenzato
CPC classification number: G06F21/575 , G06F21/554 , G06F21/64 , G06F21/74 , H04L9/30 , H04L9/3236 , H04L9/3247
Abstract: Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.
Abstract translation: 公开了用于验证计算系统的引导过程的方法和装置。 计算机实现的示例的示例包括在引导过程期间由计算系统读取计算系统的固件的读写部分的头部。 该示例方法还包括使用第一加密散列算法生成与该报头对应的消息摘要。 示例性方法还包括使用第一公开密钥来解密与该标题相对应的加密签名。 该示例方法还包括比较与该标题相对应的消息摘要和与标题对应的解密签名。 在与标题对应的消息摘要和与标题相对应的解密签名匹配的情况下,示例方法包括继续引导过程。 在与标题对应的消息摘要和与标题相对应的解密签名不匹配的情况下,示例方法包括暂停引导过程。
-
Patent Agency Ranking
公开(公告)号:US10021092B1
公开(公告)日:2018-07-10
申请号:US15060521
申请日:2016-03-03
Applicant: Google Inc.
Inventor: Randall R. Spangler , Sumit Gwalani
CPC classification number: H04L63/0838 , G06F21/31 , G06F21/35 , H04L63/083
Abstract: Systems and methods for providing access to secure information are disclosed. In one aspect, a computer-implemented method for providing access to secure information comprises receiving a first one-time password (OTP) from a computing device, and verifying whether the first OTP is valid. The method also comprises, if the first OTP is valid, performing the steps of generating a second OTP for accessing the secure information, and transmitting the second OTP to the computing device. In another aspect, a computer-implemented method for providing access to secure information comprises generating a first one-time password (OTP), and transmitting the first OTP to an OTP device. The method also comprises, in response to the first OTP, receiving a second OTP from the OTP device, and sending the second OTP to a system that controls access to the secure information, wherein the first OTP is different from the second OTP.
-
公开(公告)号:US09768966B2
公开(公告)日:2017-09-19
申请号:US14821616
申请日:2015-08-07
Applicant: Google Inc.
Inventor: Darren David Krahn , William Alexander Drewry , Sumit Gwalani
CPC classification number: H04L9/3247 , G06F21/445 , G06F21/57 , H04L9/0825 , H04L9/0877 , H04L9/0897 , H04L9/3234 , H04L9/3268 , H04L63/0428 , H04L63/0823 , H04L63/123
Abstract: Techniques for peer to peer attestation are provided. An example method includes receiving, at a first device, a discovery message from a second device, based on the discovery message, establishing a communication channel between the first device and the second device, receiving, at the first device, identity information from the second device, the identity information including one or more of: a trusted platform module (TPM) endorsement key certificate, a public portion of an identity key, one or more platform control register (PCR) values or a quote of the PCR values with the identity key, verifying, at the first device, one or more of the PCR values, the quote or the endorsement key certificate and authenticating one or more of the communication channel or the identity information of the second device based on the verification of a signature received from the second device.
-
公开(公告)号:US09497291B2
公开(公告)日:2016-11-15
申请号:US13771011
申请日:2013-02-19
Applicant: Google Inc.
Inventor: Jayendran Srinivasan , Glenn Wilson , Sumit Gwalani , Mark Alan Larson
CPC classification number: H04L67/34 , H04L67/325
Abstract: Methods for scheduling data download requests for a device are provided. In one aspect, a method includes assigning to a device a first wait period of a random length below a first pre-determined maximum value, and receiving a notification that data is available for download to the device. The method also includes determining whether an amount of time elapsed since the data was made available for download to the device exceeds the first wait period, and when the determination indicates that the amount of time elapsed since the data was made available for download exceeds the first wait period, downloading the data available for the device. Systems and machine-readable media are also provided.
Abstract translation: 提供了一种调度设备数据下载请求的方法。 一方面,一种方法包括向设备分配低于第一预定最大值的随机长度的第一等待周期,以及接收数据可用于下载到设备的通知。 该方法还包括确定从数据可用于下载到设备之后经过的时间量是否超过第一等待周期,并且当确定指示从数据可用于下载以来经过的时间量超过第一等待时间时 等待期间,下载可用于设备的数据。 还提供系统和机器可读介质。
-
公开(公告)号:US09483647B2
公开(公告)日:2016-11-01
申请号:US14330902
申请日:2014-07-14
Applicant: GOOGLE INC.
Inventor: Gaurav Shah , William Drewry , Randall Spangler , Ryan Tabone , Sumit Gwalani , Luigi Semenzato
CPC classification number: G06F21/575 , G06F21/554 , G06F21/64 , G06F21/74 , H04L9/30 , H04L9/3236 , H04L9/3247
Abstract: Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.
Abstract translation: 公开了用于验证计算系统的引导过程的方法和装置。 计算机实现的示例的示例包括在引导过程期间由计算系统读取计算系统的固件的读写部分的头部。 该示例方法还包括使用第一加密散列算法生成与该报头对应的消息摘要。 示例性方法还包括使用第一公开密钥来解密与该标题相对应的加密签名。 该示例方法还包括比较与该标题相对应的消息摘要和与标题对应的解密签名。 在与标题对应的消息摘要和与标题相对应的解密签名匹配的情况下,示例方法包括继续引导过程。 在与标题对应的消息摘要和与标题相对应的解密签名不匹配的情况下,示例方法包括暂停引导过程。
-
公开(公告)号:US20150207902A1
公开(公告)日:2015-07-23
申请号:US13771011
申请日:2013-02-19
Applicant: Google Inc.
Inventor: Jayendran Srinivasan , Glenn Wilson , Sumit Gwalani , Mark Alan Larson
IPC: H04L29/08
CPC classification number: H04L67/34 , H04L67/325
Abstract: Methods for scheduling data download requests for a device are provided. In one aspect, a method includes assigning to a device a first wait period of a random length below a first pre-determined maximum value, and receiving a notification that data is available for download to the device. The method also includes determining whether an amount of time elapsed since the data was made available for download to the device exceeds the first wait period, and when the determination indicates that the amount of time elapsed since the data was made available for download exceeds the first wait period, downloading the data available for the device. Systems and machine-readable media are also provided.
Abstract translation: 提供了一种调度设备数据下载请求的方法。 一方面,一种方法包括向设备分配低于第一预定最大值的随机长度的第一等待周期,以及接收数据可用于下载到设备的通知。 该方法还包括确定从数据可用于下载到设备之后经过的时间量是否超过第一等待周期,并且当确定指示从数据可用于下载以来经过的时间量超过第一等待时间时 等待期间,下载可用于设备的数据。 还提供系统和机器可读介质。
-
-
-
-
-
-
Search Results
17
records
(took 0.018 seconds)
