Technologies for device attestation
US-2022292203-A1 · Sep 15, 2022 · US
Computing devices and trusted computing nodes for improving credibility of trusted platform control module
US12519656B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12519656-B2 |
| Application number | US-202218565444-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 30, 2022 |
| Priority date | Jul 30, 2021 |
| Publication date | Jan 6, 2026 |
| Grant date | Jan 6, 2026 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Trusted measurement methods and trusted computing nodes for improving credibility of trusted platform control module (TPCM) are provided. The method comprises, after a measurement request is initiated, signing, by a first secure and trusted execution environment, the measurement request by using a private key of the first security certificate to obtain a measurement request data packet including a signature, and sending the measurement request data packet to a trusted measurement agent; forwarding, by the trusted measurement agent, the measurement request data packet to a second secure and trusted execution environment; and performing, by the second secure and trusted execution environment, signature verification on the measurement request data packet by using a public key of the first security certificate, obtaining measurement data of a target protection object after the signature verification succeeds, signing the measurement data by using a private key of the second security certificate to obtain a measurement data packet including a signature, and sending the measurement data packet to the trusted measurement agent; and forwarding, by the agent, the measurement data packet to the TPCM, and performing, by the TPCM, signature verification on the measurement data packet by using a public key of the second security certificate, and performing trusted measurement on the target protection object based on the measurement data after the signature verification succeeds.
First claim
Opening claim text (preview).
What is claimed is: 1 . A measurement method, applied to a trusted computing node, wherein the trusted computing node comprises a trusted measurement agent, a trusted platform control module (TPCM), a first secure and trusted execution environment, and a second secure and trusted execution environment, a first security certificate is preset in the first secure and trusted execution environment, a second security certificate is preset in the second secure and trusted execution environment, and the TPCM is located in the first secure and trusted execution environment, and the method comprises: after the TPCM initiates a measurement request, signing, by the first secure and trusted execution environment, measurement request data by using a private key of the first security certificate to obtain a measurement request data packet comprising a signature, and sending the measurement request data packet comprising a signature to the trusted measurement agent, wherein the measurement request is used to request to measure credibility of a target protection object; forwarding, by the trusted measurement agent, the measurement request data packet comprising a signature to the second secure and trusted execution environment; performing, by the second secure and trusted execution environment, signature verification on the measurement request data packet comprising a signature by using a public key of the first security certificate, obtaining measurement data of the target protection object after the signature verification succeeds, signing the measurement data by using a private key of the second security certificate to obtain a measurement data packet comprising a signature, and sending the measurement data packet comprising a signature to the trusted measurement agent; forwarding, by the trusted measurement agent, the measurement data packet comprising a signature to the TPCM; and performing, by the TPCM, signature verification on the measurement data packet comprising a signature by using a public key of the second security certificate, and performing trusted measurement on the target protection object based on the measurement data after the signature verification succeeds. 2 . The method according to claim 1 , wherein the first secure and trusted execution environment is a first secure enclave; and the second secure and trusted execution environment is a second secure enclave. 3 . The method according to claim 1 , wherein the second secure and trusted execution environment is located in a host of the trusted computing node. 4 . The method according to claim 1 , before the TPCM initiates the measurement request, further comprising: receiving, by the TPCM, a measurement policy delivered by a trusted management center, wherein the measurement policy comprises at least one protection object, a trusted reference value of the at least one protection object, and a measurement occasion of the at least one protection object, and the target protection object is one of the at least one protection object. 5 . The method according to claim 4 , further comprising: initiating, by the TPCM, the measurement request based on the measurement occasion of the target protection object in the measurement policy. 6 . The method according to claim 1 , wherein the performing trusted measurement on the target protection object based on the measurement data comprises: determining a hash value of the measurement data; and using the hash value as a trusted measurement result of the target protection object. 7 . The method according to claim 6 , further comprising: comparing the trusted measurement result of the target protection object with a trusted reference value of the target protection object to determine whether the target protection object is trustworthy. 8 . The method according to claim 7 , further comprising: upon determining that the target protection object is not trustworthy, processing, by the TPCM, the untrustworthy case by taking predetermined measures, wherein the predetermined measures comprise at least one of the following: powering off, disconnecting a network, giving an alarm, and giving a report to a trusted management center. 9 . The method according to claim 6 , further comprising: signing, by the TPCM, the trusted measurement result by using the private key of the first security certificate to obtain a measurement result data packet comprising a signature, and sending the measurement result data packet comprising a signature to a trusted management center, so that the trusted management center remotely attests credibility of the target protection object based on a trusted reference value of the target protection object and the trusted measurement result. 10 . A trusted computing node, comprising a trusted measurement agent, a TPCM, a first secure and trusted execution environment, and a second secure and trusted execution environment, wherein a first security certificate is preset in the first secure and trusted execution environment, a second security certificate is preset in the second secure and trusted execution environment, and the TPCM is located in the first secure and trusted execution environment, the trusted computing node comprising a memory and a processor, wherein the memory stores executable instructions that, in response to execution by the processor, cause the trusted measurement agent to: via the TPCM, initiate a measurement request, receive a measurement data packet comprising a signature, and perform trusted measurement on a target protection object based on measurement data in the measurement data packet after signature verification performed on the measurement data packet comprising a signature by using a public key of the second security certificate succeeds, wherein the measurement request is used to request to measure credibility of the target protection object; via the trusted measurement agent, forward a measurement request data packet comprising a signature to the second secure and trusted execution environment, and forward the measurement data packet comprising a signature to the TPCM; via the first secure and trusted execution environment, after the TPCM initiates the measurement request, sign measurement request data by using a private key of the first security certificate to obtain the measurement request data packet comprising a signature, and send the measurement request data packet comprising a signature to the trusted measurement agent; and via the second secure and trusted execution environment, after signature verification performed on the measurement request data packet comprising a signature by using a public key of the first security certificate succeeds, obtain measurement data of the target protection object, sign the measurement data by using a private key of the second security certificate to obtain the measurement data packet comprising a signature, and send the measurement data packet comprising a signature to the trusted measurement agent. 11 . A computing device comprising a trusted measurement agent, a TPCM, a first secure and trusted execution environment, and a second secure and trusted execution environment, wherein a first security certificate is preset in the first secure and trusted execution environment, a second security certificate is preset in the second secure and trusted execution environment, and the TPCM is located in the first secure and trusted execution environment, the computing device comprising a memory and a processor, wherein the memory stores executable instructions that, in response to execution by the processor, cause the processor to: initiate a measurement request, receive a measurement data packet co
Assignees
Inventors
Classifications
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
using cryptographic hash functions · CPC title
- H04L9/0825Primary
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
Trusted platform modules [TPM] · CPC title
- H04L9/3247Primary
involving digital signatures · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12519656B2 cover?
- Trusted measurement methods and trusted computing nodes for improving credibility of trusted platform control module (TPCM) are provided. The method comprises, after a measurement request is initiated, signing, by a first secure and trusted execution environment, the measurement request by using a private key of the first security certificate to obtain a measurement request data packet includin…
- Who is the assignee on this patent?
- Alipay Hangzhou Inf Tech Co Ltd
- What technology area does this patent fall under?
- Primary CPC classification H04L9/0825. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jan 06 2026 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).