公开(公告)号：WO2019217219A1

公开(公告)日：2019-11-14

申请号：PCT/US2019/030509

申请日：2019-05-03

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： SCHULTZ, Benjamin M. ,  KURJANOWICZ, Matthew David ,  SRIVASTAVA, Ankit ,  KARADEMIR, Ahmed Saruhan ,  GHOSH, Sudeep Kumar ,  PASHNIAK, Michael Trevor ,  PULAPAKA, Hari R. ,  BALASUBRAMANYAN, Balaji ,  SUGANDHI, Tushar Suresh ,  VISWANATHAN, Giridhar

IPC: G06F21/53 ,  G06F21/55

Abstract: Securely storing, installing, or launching applications. A method includes determining a trust characteristic or a license characteristic assigned to an application. When the trust characteristic or the license characteristic meets or exceeds a predetermined trust condition or a predetermined license condition, then the method includes at least one of storing, installing or launching the application in a first, more secure operating system while preventing the application from, being at least one of stored, installed or launched in a second, less secure operating system. When the trust characteristic or the license characteristic does not meet or exceed the predetermined trust condition or the predetermined license condition, then the method includes at least one of storing, installing or launching the application in the second less secure operating system while preventing the application from being at least one of stored, installed or launched in the first, more secure operating system.

公开(公告)号：WO2021086737A1

公开(公告)日：2021-05-06

申请号：PCT/US2020/056955

申请日：2020-10-23

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： SUGANDHI, Tushar Suresh ,  GUO, Amber Tianqi ,  BALASUBRAMANYAN, Balaji ,  SINGH, Abhijat ,  KARADEMIR, Ahmed Saruhan ,  SCHULTZ, Benjamin M. ,  PULAPAKA, Hari R. ,  SHUBHAM, Gupta ,  THOMAS, Chase ,  RAMIREZ, Carlos Ernesto Peza

IPC: G06F21/53 ,  G06F21/57 ,  G06F21/10

Abstract: Environment type validation can provide a tamper-resistant validation of the computing environment within which the environment type validation is being performed. Such information can then be utilized to perform policy management, which can include omitting verifications in order to facilitate the sharing of policy, such as application licenses, from a host computing environment into a container virtual computing environment. The environment type validation can perform multiple checks, including verification of the encryption infrastructure of the computing environment, verification of code integrity mechanisms of that computing environment, checks for the presence of functionality evidencing a hypervisor, checks for the presence or absence of predetermined system drivers, or other like operating system components or functionality, checks for the activation or deactivation of resource management stacks, and checks for the presence or absence of predetermined values in firmware.

公开(公告)号：WO2019112818A1

公开(公告)日：2019-06-13

申请号：PCT/US2018/062378

申请日：2018-11-23

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： BORN, Bryan R. ,  VISWANATHAN, Giridhar ,  LEDINS, Peteris ,  BALASUBRAMANYAN, Balaji ,  CHENCHEV, Margarit Simeonov ,  SCHULTZ, Benjamin M. ,  PULAPAKA, Hari R. ,  SMITH, Frederick Justus ,  RAMASUBRAMANIAN, Narasimhan ,  GIANOTTI SERRANO DOS SANTO, Raphael ,  KALAPPURAIKAL SIVADAS, Nived ,  THIND, Ravinder ,  KURJANOWICZ, Matthew David

IPC: G06F21/53

Abstract: Securely performing file operations. A method includes determining a trust characteristic assigned to a file. When the trust characteristic assigned to the file meets or exceeds a predetermined trust condition, then the method includes performing a file operation on the file in a host operating system while preventing the file operation from being performed in the container operating system. When the trust characteristic assigned to the file does not meet or exceed the predetermined trust condition, then the method includes performing the file operation on the file in the container operating system while preventing the file operation from being performed directly in the host operating system.

公开(公告)号：WO2021133478A1

公开(公告)日：2021-07-01

申请号：PCT/US2020/059937

申请日：2020-11-11

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： AIGNER, Ronald ,  BALASUBRAMANYAN, Balaji

IPC: G06F21/10 ,  G06F16/212 ,  G06F21/105 ,  G06F21/123 ,  G06F21/554 ,  G06F2221/033 ,  G06Q2220/18 ,  H04L9/3234 ,  H04L9/3236 ,  H04L9/3247

Abstract: Methods for protecting software licensing information via a trusted platform module (TPM) are performed by systems and devices. When a licensing server is unreachable, a license is generated for a software application by a licensing manager. The license is generated via a secure register of the TPM using an asymmetric key, specific to the software application and policy-tied to the secure register, to generate a signature of a hashed license file for the software application. The asymmetric key is stored, mapped to the license file, and used for subsequent license validation. A licensing manager validation command is provided to validate the license using the key, as applied to the hash, to verify the signature and checking validity of the time stamp. Time stamp expiration or alteration of the license are determined to provoke invalidation indications for the validating application.

公开(公告)号：WO2019231685A1

公开(公告)日：2019-12-05

申请号：PCT/US2019/032543

申请日：2019-05-16

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： KARADEMIR, Ahmed Saruhan ,  GHOSH, Sudeep Kumar ,  SRIVASTAVA, Ankit ,  PASHNIAK, Michael Trevor ,  SCHULTZ, Benjamin M. ,  BALASUBRAMANYAN, Balaji ,  PULAPAKA, Hari R. ,  SUGANDHI, Tushar Suresh ,  KURJANOWICZ, Matthew David ,  VISWANATHAN, Giridhar

IPC: G06F21/12

Abstract: Techniques for memory assignment for guest operating systems are disclosed herein. In one embodiment, a method includes generating a license blob containing data representing a product key copied from a record of license information in the host storage upon receiving a user request to launch an application in the guest operating system. The method also includes storing the generated license blob in a random memory location accessible by the guest operating system. The guest operating system can then query the license blob for permission to launch the application and launching the application in the guest operating system without having a separate product key for the guest operating system.

公开(公告)号：WO2019112819A1

公开(公告)日：2019-06-13

申请号：PCT/US2018/062379

申请日：2018-11-23

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： SCHULTZ, Benjamin M. ,  BALASUBRAMANYAN, Balaji ,  VISWANATHAN, Giridhar ,  SRIVASTAVA, Ankit ,  CHENCHEV, Margarit Simeonov ,  PULAPAKA, Hari R. ,  SIVADAS, Nived Kalappuraikal ,  GIANOTTI SERRANO DOS SANTO, Raphael ,  RAMASUBRAMANIAN, Narasimhan ,  SMITH, Frederick Justus ,  KURJANOWICZ, Matthew David ,  SRIVASTAVA, Prakhar ,  SCHWARTZ, Jonathan

IPC: G06F21/53

Abstract: Securely performing file operations. A method includes determining a licensing characteristic assigned to a file. When the licensing characteristic assigned to the file meets or exceeds a predetermined licensing condition, then the method includes performing a file operation on the file in a host operating system while preventing the file operation from being performed in the guest operating system. When the licensing characteristic assigned to the file does not meet or exceed the predetermined licensing condition, then the method includes performing the file operation on the file in the guest operating system while preventing the file operation from being performed directly in the host operating system.