-
公开(公告)号:US20060256107A1
公开(公告)日:2006-11-16
申请号:US11171856
申请日:2005-06-29
申请人: Vincent Scarlata , Willard Wiseman
发明人: Vincent Scarlata , Willard Wiseman
IPC分类号: G06T1/00
摘要: A virtual manufacturer authority is launched in a protected portion of a processing system. A key for the virtual manufacturer authority is created. The key is protected by a security coprocessor of the processing system, such as a trusted platform module (TPM). Also, the key is bound to a current state of the virtual manufacturer authority. A virtual security coprocessor is created in the processing system. A delegation request is transmitted from the processing system to an external processing system, such as a certificate authority (CA). After transmission of the delegation request, the key is used to attest to trustworthiness of the virtual security coprocessor. Other embodiments are described and claimed.
-
公开(公告)号:US08032942B2
公开(公告)日:2011-10-04
申请号:US11967300
申请日:2007-12-31
申请人: Ned Smith , Willard Wiseman , Alok Kumar , Tasneem Brutch , Vincent Scarlata , Faraz Siddiqi
发明人: Ned Smith , Willard Wiseman , Alok Kumar , Tasneem Brutch , Vincent Scarlata , Faraz Siddiqi
CPC分类号: G06F21/572 , G06F21/57 , G06F2221/2101
摘要: Systems, methods and machine readable media for configuring virtual platform modules are disclosed. One method includes launching a virtual machine monitor, and determining, with the virtual machine monitor, whether a configuration policy that defines a configuration for a virtual trusted platform module is trusted. The method further includes configuring the virtual trusted platform module per the configuration policy in response to the virtual machine monitor determining that the configuration policy is trusted. The method also includes launching, via the virtual machine monitor, a virtual machine associated with the virtual trusted platform module.
摘要翻译: 公开了用于配置虚拟平台模块的系统,方法和机器可读介质。 一种方法包括启动虚拟机监视器,并且利用虚拟机监视器确定定义虚拟可信平台模块的配置的配置策略是否被信任。 该方法还包括根据虚拟机监视器确定配置策略被信任来配置每个配置策略的虚拟可信平台模块。 该方法还包括通过虚拟机监视器启动与虚拟可信平台模块相关联的虚拟机。
-
公开(公告)号:US20060020781A1
公开(公告)日:2006-01-26
申请号:US10876994
申请日:2004-06-24
申请人: Vincent Scarlata , Carlos Rozas
发明人: Vincent Scarlata , Carlos Rozas
IPC分类号: G06F1/24
CPC分类号: G06F21/57 , G06F9/45558 , G06F21/53 , G06F2009/45587
摘要: A method and a related apparatus provide a virtual trusted platform module (TPM). In an example embodiment, a virtual TPM service creates a virtual TPM for use in a processing system that contains a physical TPM. The virtual TPM service may store a key for the virtual TPM in the physical TPM. The virtual TPM service may then use the virtual TPM to provide emulated physical TPM features. In one embodiment, the virtual TPM service may use the virtual TPM to emulate a physical TPM for a virtual machine in the processing system. Other embodiments are described and claimed.
-
公开(公告)号:US20090086979A1
公开(公告)日:2009-04-02
申请号:US11864512
申请日:2007-09-28
申请人: Tasneem Brutch , Alok Kumar , Vincent Scarlata , Faraz A. Siddiqi , Ned M. Smith , Willard M. Wiseman
发明人: Tasneem Brutch , Alok Kumar , Vincent Scarlata , Faraz A. Siddiqi , Ned M. Smith , Willard M. Wiseman
IPC分类号: H04L9/08
CPC分类号: H04L9/0836 , H04L2209/127
摘要: The present subject matter related to trusted computing, and more particularly, to virtual trusted platform module keys rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module operable to capture virtual machine trusted platform module calls and operates to generate, maintain, and utilize hardware trusted platform module keys on behalf of the one or more virtual machines. Some embodiments include virtual trusted platform module keys having a public portion on top of an private portion including an encrypted hardware trusted platform module key.
摘要翻译: 与可信计算相关的本主题,更具体地,涉及植根于硬件可信平台模块中的虚拟可信平台模块键。 一些实施例包括可操作以捕获虚拟机可信平台模块调用并且代表一个或多个虚拟机生成,维护和利用硬件可信平台模块密钥的可信平台虚拟化模块。 一些实施例包括虚拟可信平台模块密钥,其具有位于私有部分之上的公共部分,包括加密的硬件可信平台模块密钥。
-
公开(公告)号:US20070006169A1
公开(公告)日:2007-01-04
申请号:US11170853
申请日:2005-06-30
申请人: Alexander Iliev , Vincent Scarlata , Carlos Rozas
发明人: Alexander Iliev , Vincent Scarlata , Carlos Rozas
IPC分类号: G06F9/44
CPC分类号: G06F21/57 , G06F21/72 , G06F2221/2141 , H04L9/0897
摘要: A method and apparatus for binding trusted platform module (TPM) keys to execution entities are described. In one embodiment, the method includes the receipt of an authorization request issued by an execution entity for authorization data. According to the authorization request, the execution entity may be measured to generate an entity digest value. Once the entity digest value is generated, a platform reference module may grant the authorization request if the entity digest value verifies that the execution entity is an owner of the key held by the TPM. Accordingly, in one embodiment, a platform reference module, rather than an execution entity, holds the authorization data required by a TPM to use a key owned by the execution entity and held within sealed storage by the TPM. Other embodiments are described and claimed.
摘要翻译: 描述了将可信平台模块(TPM)密钥绑定到执行实体的方法和装置。 在一个实施例中,该方法包括接收由执行实体发出的授权数据的授权请求。 根据授权请求,可以测量执行实体以生成实体摘要值。 一旦生成实体摘要值,如果实体摘要值验证执行实体是TPM持有的密钥的所有者,则平台引用模块可以授予授权请求。 因此,在一个实施例中,平台参考模块而不是执行实体保存TPM所需的授权数据,以使用由执行实体拥有的密钥并由TPM保存在密封存储器内。 描述和要求保护其他实施例。
-
公开(公告)号:US09087200B2
公开(公告)日:2015-07-21
申请号:US13527547
申请日:2012-06-19
申请人: Francis X. McKeen , Carlos V. Rozas , Uday R. Savagaonkar , Simon P. Johnson , Vincent Scarlata , Michael A. Goldsmith , Ernie Brickell , Jiang Tao Li , Howard C. Herbert , Prashant Dewan , Stephen J. Tolopka , Gilbert Neiger , David Durham , Gary Graunke , Bernard Lint , Don A. Van Dyke , Joseph Cihula , Stalinselvaraj Jeyasingh , Stephen R. Van Doren , Dion Rodgers , John Garney , Asher Altman
发明人: Francis X. McKeen , Carlos V. Rozas , Uday R. Savagaonkar , Simon P. Johnson , Vincent Scarlata , Michael A. Goldsmith , Ernie Brickell , Jiang Tao Li , Howard C. Herbert , Prashant Dewan , Stephen J. Tolopka , Gilbert Neiger , David Durham , Gary Graunke , Bernard Lint , Don A. Van Dyke , Joseph Cihula , Stalinselvaraj Jeyasingh , Stephen R. Van Doren , Dion Rodgers , John Garney , Asher Altman
摘要: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
摘要翻译: 一种在计算机系统内实现安全应用和数据完整性的技术。 在一个实施例中,建立一个或多个安全空间,其中可以存储和执行应用和数据。
-
7.发明申请公开(公告)号:US20140283098A1
公开(公告)日:2014-09-18
申请号:US13844101
申请日:2013-03-15
申请人: Vinay Phegade , Anand Rajan , Simon Johnson , Vincent Scarlata , Carlos Rozas , Nikhil Deshpande
发明人: Vinay Phegade , Anand Rajan , Simon Johnson , Vincent Scarlata , Carlos Rozas , Nikhil Deshpande
IPC分类号: G06F21/60
CPC分类号: H04L63/0428 , G06F21/57 , G06F21/60 , G06F21/64 , G06F2221/2105 , H04L63/126 , H04L63/302
摘要: An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information.
摘要翻译: 用于在实体之间共享信息的装置包括处理器和在处理器上执行的可信执行模块。 可信执行模块被配置为从与第一实体相关联的第一客户端设备接收第一机密信息,将可信执行环境中的第一机密信息密封,从与第二实体相关联的第二客户端设备接收第二机密信息, 可信执行环境中的第二机密信息,并在可信执行环境内执行代码。 代码被配置为基于第一机密信息和第二机密信息来计算机密结果。
-
公开(公告)号:US20130159726A1
公开(公告)日:2013-06-20
申请号:US13527547
申请日:2012-06-19
申请人: Francis X. MCKEEN , Carlos V. Rozas , Uday R. Savagaonkar , Simon P. Johnson , Vincent Scarlata , Michael A. Goldsmith , Ernie Brickell , Jiang Tao Li , Howard C. Herbert , Prashant Dewan , Stephen J. Tolopka , Gilbert Neiger , David Durham , Gary Graunke , Bernard Lint , Don A. Van Dyke , Joseph Cihula , Stalinselvaraj Jeyasingh , Stephen R. Van Doren , Dion Rodgers , John Garney , Asher Altman
发明人: Francis X. MCKEEN , Carlos V. Rozas , Uday R. Savagaonkar , Simon P. Johnson , Vincent Scarlata , Michael A. Goldsmith , Ernie Brickell , Jiang Tao Li , Howard C. Herbert , Prashant Dewan , Stephen J. Tolopka , Gilbert Neiger , David Durham , Gary Graunke , Bernard Lint , Don A. Van Dyke , Joseph Cihula , Stalinselvaraj Jeyasingh , Stephen R. Van Doren , Dion Rodgers , John Garney , Asher Altman
IPC分类号: G06F21/72
摘要: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
摘要翻译: 一种在计算机系统内实现安全应用和数据完整性的技术。 在一个实施例中,建立一个或多个安全空间,其中可以存储和执行应用和数据。
-
公开(公告)号:US08249257B2
公开(公告)日:2012-08-21
申请号:US11864512
申请日:2007-09-28
申请人: Tasneem Brutch , Alok Kumar , Vincent Scarlata , Faraz A. Siddiqi , Ned M. Smith , Willard M. Wiseman
发明人: Tasneem Brutch , Alok Kumar , Vincent Scarlata , Faraz A. Siddiqi , Ned M. Smith , Willard M. Wiseman
IPC分类号: G06F21/00
CPC分类号: H04L9/0836 , H04L2209/127
摘要: The present subject matter related to trusted computing, and more particularly, to virtual trusted platform module keys rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module operable to capture virtual machine trusted platform module calls and operates to generate, maintain, and utilize hardware trusted platform module keys on behalf of the one or more virtual machines. Some embodiments include virtual trusted platform module keys having a public portion on top of an private portion including an encrypted hardware trusted platform module key.
摘要翻译: 与可信计算相关的本主题,更具体地,涉及植根于硬件可信平台模块中的虚拟可信平台模块键。 一些实施例包括可操作以捕获虚拟机可信平台模块调用并且代表一个或多个虚拟机生成,维护和利用硬件可信平台模块密钥的可信平台虚拟化模块。 一些实施例包括虚拟可信平台模块密钥,其具有位于私有部分之上的公共部分,包括加密的硬件可信平台模块密钥。
-
公开(公告)号:US20090169012A1
公开(公告)日:2009-07-02
申请号:US11967143
申请日:2007-12-29
申请人: Ned M. Smith , Willard M. Wiseman , Alok Kumar , Tasneem Brutch , Vincent Scarlata , Faraz A. Siddiqi
发明人: Ned M. Smith , Willard M. Wiseman , Alok Kumar , Tasneem Brutch , Vincent Scarlata , Faraz A. Siddiqi
IPC分类号: H04L9/06
CPC分类号: G06F21/57 , H04L9/0825 , H04L9/0836 , H04L9/0897
摘要: The present subject matter is related to trusted computing, and more particularly to migration of virtual trusted platform module keys that are rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module that may perform one or more of inbound and outbound trusted platform module key migrations. Such migrations may be performed between a virtual trusted platform module and either a hardware or a virtual trusted platform module.
摘要翻译: 本主题涉及可信计算,更具体地涉及根植于硬件可信平台模块中的虚拟可信平台模块密钥的迁移。 一些实施例包括可执行入站和出站可信平台模块密钥迁移中的一个或多个的可信平台虚拟化模块。 这样的迁移可以在虚拟可信平台模块和硬件或虚拟可信平台模块之间执行。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.031 秒)
