公开(公告)号：WO2006115533A2

公开(公告)日：2006-11-02

申请号：PCT/US2005/030490

申请日：2005-08-26

Applicant: MICROSOFT CORPORATION

Inventor： BARDE, Sumedh, N. ,  SCHWARTZ, Jonathan, D. ,  KUHN, Reid, Joseph ,  GRIGOROVITCH, Alexandre, Vicktorovich ,  DEBIQUE, Kirt, A. ,  KNOWLTON, Chadd, B. ,  ALKOVE, James, M. ,  DUNBAR, Geoffrey, T. ,  GRIER, Michael, J. ,  MA, Ming ,  UPADHYAY, Chaitanya, D. ,  SHERWANI, Adil, Ahmed ,  KISHAN, Arun, Upadhyaya

IPC: H04L9/00

CPC classification number: G06F21/10 ,  G06F21/57 ,  G06F2221/0735 ,  H04L9/3247 ,  H04L9/3263 ,  H04L2209/603

Abstract: A method of establishing a protected environment within a computing device including validating a kernel component loaded into a kernel of the computing device, establishing a security state for the kernel based on the validation, creating a secure process and loading a software component into the secure process, periodically checking the security state of the kernel, and notifying the secure process when the security state of the kernel has changed.

Abstract translation: 一种在计算设备内建立受保护环境的方法，包括验证加载到计算设备的内核中的内核组件，基于验证建立内核的安全状态，创建安全过程并将软件组件加载到安全过程中 定期检查内核的安全状态，并在内核的安全状态发生变化时通知安全进程。