公开(公告)号：US20230308299A1

公开(公告)日：2023-09-28

申请号：US18041285

申请日：2020-08-21

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Thalia May Laing ,  Joshua Serratelli Schiffman

IPC: H04L9/32 ,  H04L9/30

CPC classification number: H04L9/3271 ,  H04L9/3073 ,  H04L9/3247

Abstract: A system, comprising an authentication module to generate a challenge to authenticate a user, the challenge to be distributed to members of a set of verifying parties; and grant the user access to a resource upon receiving an authenticating response to the challenge; and a combiner module to receive partial responses from members of the set of verifying parties upon verification of the user by each member, the verification made using a provided contextual identifier of the user; based on the partial responses reaching a threshold number of responses, combine the partial responses to obtain a combined response, and provide the combined response to the authentication module as an authenticating response to the challenge.

公开(公告)号：US20220138304A1

公开(公告)日：2022-05-05

申请号：US17415231

申请日：2020-06-23

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Joshua Serratelli Schiffman ,  Thalia Laing ,  Boris Balacheff

IPC: G06F21/34

Abstract: In an example there is provided a method of authenticating a user. An authentication challenge is received in response to a request to authenticate a user. The challenge is distributed to each device from a subset of a set of registered devices. At each device a share of an authentication token is accessed and a partial response to the challenge is generated based on an authentication token and challenge. A response to the challenge is generated by combining the partial responses from the subset of devices, and is communicated to an authenticator. The user is authenticated when the subset of devices is an authorised subset. Every authorised subset of the set of registered devices comprises at least one device from the first group of devices.

公开(公告)号：US20220108014A1

公开(公告)日：2022-04-07

申请号：US17414488

申请日：2019-06-26

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Joshua Serratelli Schiffman ,  Thalia Laing ,  Gaetan Wattiau

IPC: G06F21/57

Abstract: In an example, a method includes requesting, from a node associated with a group comprising a plurality of computing devices associated with an access structure defining a set within the group of computing devices, an attestation of a capability of the set; receiving the attestation; and implementing, based on the received attestation, a procedure according to a device capability policy.

公开(公告)号：US12192384B2

公开(公告)日：2025-01-07

申请号：US18041285

申请日：2020-08-21

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Thalia May Laing ,  Joshua Serratelli Schiffman

IPC: H04L9/32 ,  H04L9/30

Abstract: A system, comprising an authentication module to generate a challenge to authenticate a user, the challenge to be distributed to members of a set of verifying parties; and grant the user access to a resource upon receiving an authenticating response to the challenge; and a combiner module to receive partial responses from members of the set of verifying parties upon verification of the user by each member, the verification made using a provided contextual identifier of the user; based on the partial responses reaching a threshold number of responses, combine the partial responses to obtain a combined response, and provide the combined response to the authentication module as an authenticating response to the challenge.

公开(公告)号：US20230289478A1

公开(公告)日：2023-09-14

申请号：US18041181

申请日：2020-08-28

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Joshua Serratelli Schiffman ,  Carey Huscroft ,  Gaetan Wattiau

IPC: G06F21/64 ,  G06F21/60 ,  G06F21/44

CPC classification number: G06F21/64 ,  G06F21/44 ,  G06F21/602

Abstract: In an example, a tangible machine-readable medium includes instructions which, when executed on at least one processor, cause the at least one processor to obtain an attestation public key bound to an identity associated with a root of trust of a platform. The instructions further cause the at least one processor to obtain a trusted time stamp associated with data collection by the platform. The instructions further cause the at least one processor to generate a signed measurement based on a trusted input as a nonce.

公开(公告)号：US11314877B2

公开(公告)日：2022-04-26

申请号：US17058153

申请日：2018-10-25

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Thalia Laing ,  Joshua Serratelli Schiffman ,  Gaetan Wattiau

IPC: G06F21/60 ,  G06F3/12 ,  H04L9/08

Abstract: A network printing system comprising a user device to encrypt a print job using a public key of a user and to transmit the encrypted print job to a print server. The system may further comprise the print server to re-encrypt the encrypted print job using the re-encryption key. The system may further comprise the printer to decrypt the re-encrypted print job using a private key of the printer and print the decrypted print job.

公开(公告)号：US20210306157A1

公开(公告)日：2021-09-30

申请号：US17260270

申请日：2018-11-01

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Joshua Serratelli Schiffman

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/08

Abstract: According to aspects of the present disclosure, there is provided methods and devices for enrolling a device into a network, including a device comprising a secure storage comprising a device identifier and a public key, and a controller configured to: retrieve a proof-of-ownership certificate comprising a cryptographic binding between the device identifier and an owner identifier based on a secret key corresponding to the stored public key, authenticate the proof-of-ownership certificate based on the stored device identifier and public key, establish an authenticated communication channel with a device manager based on the authenticated proof-of-ownership certificate, and receive setup information from the device manager to enrol the device on the network.

公开(公告)号：US20240305634A1

公开(公告)日：2024-09-12

申请号：US18180744

申请日：2023-03-08

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Joshua Serratelli Schiffman ,  Adrian John Baldwin ,  Derek Lukasik

IPC: H04L9/40

CPC classification number: H04L63/0876 ,  H04L63/20

Abstract: A cluster enrollment system remote to a device cluster performs a cluster enrollment process according to a cluster enrollment policy to determine whether a target device is authenticated to join the device cluster.

公开(公告)号：US20240103970A1

公开(公告)日：2024-03-28

申请号：US17934812

申请日：2022-09-23

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Adrian John Baldwin ,  Stuart Lees

IPC: G06F11/14 ,  G06F9/4401

CPC classification number: G06F11/1417 ,  G06F9/4403 ,  G06F9/4406 ,  G06F2201/805

Abstract: In an example, a computing device includes a processor which in a reimaging operation of the computing device, may determine if a backup image to be used in the reimaging operation is available from a memory device connected to a local area network of the computing device. When the backup image is available from the memory device, the processor may acquire the backup image over the local area network. When the backup image is not available from the memory device, the processor may determine if a backup image is available from a wide area network of the computing device.

公开(公告)号：US20230052608A1

公开(公告)日：2023-02-16

申请号：US17758594

申请日：2020-01-24

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Gaetan Wattiau ,  Thalia May Laing ,  Joshua Serratelli Schiffman

IPC: G06F21/57 ,  H04L9/32

Abstract: According to aspects of the present disclosure, there is provided methods and devices for verifying integrity of a remote device, including a method comprising generating a first nonce value, transmitting the first nonce value, receiving a message from the remote device, the message comprising measurements of a configuration of the remote device and a cryptographic signature based on a private key of a public-private key pair of the remote device and a second nonce value, determining that the second nonce value was generated based on the first nonce value, and verifying the cryptographic signature based on the second nonce value and a public key of the public-private key pair of the remote device.