公开(公告)号：US12086898B2

公开(公告)日：2024-09-10

申请号：US16792989

申请日：2020-02-18

Applicant: Microsoft Technology Licensing, LLC

Inventor： Henrique S. Malvar ,  Paul England ,  Eric J. Horvitz

IPC: G06T1/00 ,  G10L15/26 ,  G10L19/018

CPC classification number: G06T1/0042 ,  G10L15/26 ,  G10L19/018

Abstract: Systems and methods to determine when a media is a high-fidelity reproduction of an original media from a trusted entity are disclosed. In certain aspects, systems and method for generating a fragile watermark are disclosed. The fragile watermark may be inserted into digital media in a manner such that the watermark cannot be identified if the media content is significantly altered. Media content may be subsequently analyzed to determine the presence of a fragile watermark. When the fragile watermark is present, provenance of the media content can be verified and an indication of provenance is provided to the user.

公开(公告)号：US09953167B2

公开(公告)日：2018-04-24

申请号：US14880746

申请日：2015-10-12

Applicant: Microsoft Technology Licensing, LLC

Inventor： David R Wooten ,  Andrey Marochko ,  Dennis Mattoon ,  Paul England

IPC: G06F9/00 ,  G06F15/177 ,  G06F21/57 ,  G06F9/44 ,  H04L9/08 ,  H04L9/32 ,  G06F21/51 ,  G06F11/14

CPC classification number: G06F21/575 ,  G06F9/4406 ,  G06F11/1417 ,  G06F21/51 ,  H04L9/0861 ,  H04L9/0866 ,  H04L9/0891 ,  H04L9/3263

Abstract: Systems and methods facilitating a framework that provides a core trusted computing base (TCB) of an electronic device with various security capabilities. The framework can include a low-resource device and at least one distributed resource. The low-resource device can be configured to generate sealing keys, migration keys, and attestation keys that are based on a device secret associated with the low-resource device and one or more software modules. The low-resource device can further be configured to use the migration keys and the sealing keys to both verify a software update and migrate secrets from a previous version of the software to a newer version of the software. Additionally, the low-resource device can be configured to generate an attestation statement using the attestation keys and perform attestation using the attestation statement and the at least one distributed resource.

公开(公告)号：US09633210B2

公开(公告)日：2017-04-25

申请号：US14230812

申请日：2014-03-31

Applicant: Microsoft Technology Licensing, LLC

Inventor： Niels T. Ferguson ,  Magnus Bo Gustaf Nystrom ,  Dave M. McPherson ,  Paul England ,  Mark Fishel Novak

IPC: G06F21/60 ,  G06F21/57 ,  H04L9/08

CPC classification number: H04L9/0861 ,  G06F9/4401 ,  G06F21/57 ,  G06F21/575 ,  G06F21/602 ,  H04L9/0836 ,  H04L9/0866 ,  H04L9/3234 ,  H04L2209/38

Abstract: A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.

公开(公告)号：US11316694B2

公开(公告)日：2022-04-26

申请号：US16366461

申请日：2019-03-27

Applicant: Microsoft Technology Licensing, LLC

Inventor： Stefan Thom ,  Brian Clifford Telfer ,  Paul England ,  Dennis James Mattoon ,  Marcus Peinado

IPC: H04L9/32 ,  G06F8/65 ,  G06F9/4401 ,  G06F21/56

Abstract: A computing device's trusted platform module (TPM) is configured with a cryptographic watchdog timer which forces a device reset if the TPM fails to solve a cryptographic challenge before the expiration of the timer. The computing device's TPM is configured to generate the cryptographic challenge, to which the computing device does not possess the cryptographic token for resolution. While the watchdog timer counts down, the computing device requests a cryptographic token from a remote service to solve the challenge. The remote service transmits the cryptographic token to the computing device so long as the remote service identifies no reason to withhold the token, such as the computing device being infected with malware. The interoperability of the computing device and remote service enables the remote service to exercise control and reset capabilities over the computing device.

公开(公告)号：US09917687B2

公开(公告)日：2018-03-13

申请号：US14880813

申请日：2015-10-12

Applicant: Microsoft Technology Licensing, LLC

Inventor： David R Wooten ,  Andrey Marochko ,  Dennis Mattoon ,  Paul England

IPC: H04L9/00 ,  G06F9/445 ,  G06F21/57 ,  G06F21/71 ,  H04L9/08

CPC classification number: H04L9/002 ,  G06F8/65 ,  G06F21/57 ,  G06F21/575 ,  G06F21/71 ,  G06F2221/034 ,  H04L9/0869

Abstract: Systems and methods facilitating a framework that provides a core trusted computing base (TCB) of an electronic device with various security capabilities. The framework can include a low-resource device and at least one distributed resource. The low-resource device can be configured to generate sealing keys, migration keys, and attestation keys that are based on a device secret associated with the low-resource device and one or more software modules. The low-resource device can further be configured to use the migration keys and the sealing keys to both verify a software update and migrate secrets from a previous version of the software to a newer version of the software. Additionally, the low-resource device can be configured to generate an attestation statement using the attestation keys and perform attestation using the attestation statement and the at least one distributed resource.

公开(公告)号：US09477486B2

公开(公告)日：2016-10-25

申请号：US14462113

申请日：2014-08-18

Applicant: Microsoft Technology Licensing, LLC

Inventor： Himanshu Raj ,  Stefan Saroiu ,  Alastair Wolman ,  Paul England ,  Anh M. Nguyen ,  Shravan Rayanchu

IPC: G06F9/44 ,  G06F9/45 ,  G06F21/57 ,  G06F21/50 ,  G06F21/53 ,  G06F9/455

CPC classification number: G06F9/4406 ,  G06F9/4416 ,  G06F9/45533 ,  G06F9/45558 ,  G06F21/50 ,  G06F21/53 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45587 ,  G06F2221/034 ,  G06F2221/2105 ,  G06F2221/2149

Abstract: In a cloud computing environment, a production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest virtual machine. The minimal virtualization stack includes support for those virtual devices necessary for the operation of a guest operating system, with the code base of those virtual devices further reduced. Further, a dedicated, isolated boot server provides functionality to securely boot a guest operating system. The boot server is isolated through use of an attestation protocol, by which the boot server presents a secret to a network switch to attest that the boot server is operating in a clean mode. The attestation protocol may further employ a secure co-processor to seal the secret, so that it is only accessible when the boot server is operating in the clean mode.

Abstract translation: 在云计算环境中，最小化生产服务器虚拟化堆栈，以减少在虚拟机中运行的恶意软件的安全漏洞。 最小的虚拟化堆栈包括对客户操作系统的操作所需的那些虚拟设备的支持，这些虚拟设备的代码基础进一步减少。 此外，专用的隔离引导服务器提供安全引导客户机操作系统的功能。 引导服务器通过使用认证协议进行隔离，引导服务器向网络交换机提供秘密，以证明引导服务器以干净的模式运行。 认证协议可以进一步采用安全协处理器来密封秘密，使得仅当引导服务器以干净模式操作时才可访问。

公开(公告)号：US09311483B2

公开(公告)日：2016-04-12

申请号：US14068996

申请日：2013-10-31

Applicant: Microsoft Technology Licensing, LLC

Inventor： Thekkthalackal Varugis Kurien ,  Paul England ,  Ravindra Nath Pandya ,  Niels Ferguson

IPC: G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00 ,  G06F21/57 ,  G06F9/50

CPC classification number: G06F21/57 ,  G06F9/5077 ,  G06F2221/2149

Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

公开(公告)号：US10791128B2

公开(公告)日：2020-09-29

申请号：US15718393

申请日：2017-09-28

Applicant: Microsoft Technology Licensing, LLC

Inventor： Svetlana Gaivoronski ,  Paul England ,  Mohamed Rouatbi ,  Mariusz H. Jakubowski ,  Marcus Peinado ,  Julian Federico Gonzalez, Jr.

IPC: H04L29/06 ,  G06F21/56 ,  H04L12/26

Abstract: A process to detect intrusions with an intrusion detection system is disclosed. The intrusion detection system identifies instance types, and each instance type includes an instance. A know compromised instance is identified from the plurality of instances. A link between the plurality instance types is traversed from the compromised instance to discover an additional compromised instance.

公开(公告)号：US10440006B2

公开(公告)日：2019-10-08

申请号：US15629139

申请日：2017-06-21

Applicant: Microsoft Technology Licensing, LLC

Inventor： Stefan Thom ,  Robert Karl Spiger ,  Dennis Mattoon ,  Paul England

IPC: H04L29/06 ,  G01G19/44 ,  G06F21/57 ,  H04L9/32 ,  H04W12/12 ,  G06F8/65 ,  H04W12/10

Abstract: A smart device, connected device, Internet of Things (IoT) device, etc. is configured with an embedded certificate authority. The embedded certificate authority generates a compound certificate that is signed at least by a manufacturer certificate securely stored on the device. The compound certificate includes a representation of a state of the device, which is based on one or more measurements of code executable on the device. The compound certificate may be used by an external device communicating with the smart device to determine whether the device is in a trusted state. Because the compound certificate is chained to a manufacturer certificate, the external device can communicate with the manufacturer (or an employed party) to determine whether the state of the device should be trusted.

公开(公告)号：US10419216B2

公开(公告)日：2019-09-17

申请号：US15458543

申请日：2017-03-14

Applicant: Microsoft Technology Licensing, LLC

Inventor： Niels T. Ferguson ,  Magnus Bo Gustaf Nystrom ,  Dave M. McPherson ,  Paul England ,  Mark Fishel Novak

IPC: G06F21/00 ,  H04L9/08 ,  G06F21/57 ,  G06F21/60 ,  G06F9/4401 ,  H04L9/32

Abstract: A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.