Memory device with secure boot updates and self recovery
US-2024406008-A1 · Dec 5, 2024 · US
Identifying Security Boundaries on Computing Devices
US2016105280A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016105280-A1 |
| Application number | US-201514614132-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 4, 2015 |
| Priority date | Oct 13, 2014 |
| Publication date | Apr 14, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, a public/private key pair of one of the security boundaries is generated or otherwise obtained. The private key of the public/private key pair is provided to the one security boundary, and the public key of the public/private key pair is provided to the boot measurement system.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method implemented in a computing device, the method comprising: obtaining, during booting of the computing device having multiple security boundaries, a public/private key pair for a first security boundary of the multiple security boundaries, data of the first security boundary being inaccessible to programs in a second security boundary of the multiple security boundaries; providing a private key of the public/private key pair to an operating system module of the first security boundary; and providing a public key of the public/private key pair to a boot measurement system of the computing device that includes a secure cryptoprocessor. 2 . The method as recited in claim 1 , the obtaining the public/private key pair comprising generating the public/private key pair. 3 . The method as recited in claim 1 , the obtaining the public/private key pair comprising decrypting at least the private key of a previously generated public/private key pair only if a security-sensitive state of a boot system of the computing device at a point at which at least the private key of the public/private key pair is decrypted and a security-sensitive state of a boot system of the computing device at a point at which at least the private key of the public/private key pair was previously encrypted are the same security-sensitive state. 4 . The method as recited in claim 1 , the obtaining the public/private key pair comprising obtaining the public/private key pair at a time of creating the first security boundary. 5 . The method as recited in claim 1 , the obtaining the public/private key pair comprising obtaining the public/private key pair prior to creation of the first security boundary. 6 . The method as recited in claim 1 , the secure cryptoprocessor comprising a trusted platform module physical device. 7 . The method as recited in claim 1 , further comprising using the private key of the public/private key pair to establish a secure communication channel between the first security boundary and a remote device. 8 . The method as recited in claim 7 , further comprising providing an event log identifying modules loaded and executed during the booting of the computing device to the remote device. 9 . The method as recited in claim 1 , further comprising: obtaining, during booting of the computing device, a public/private key pair for a third security boundary of the multiple security boundaries, data of the third security boundary being inaccessible to programs in the first security boundary and programs in the second security boundary; providing a private key of the public/private key pair for the third security boundary to an operating system module of the third security boundary; and providing a public key of the public/private key pair for the third security boundary to the secure cryptoprocessor of the computing device. 10 . A method implemented in a computing device, the method comprising: obtaining, during booting of the computing device and by an operating system module of a first security boundary of multiple security boundaries of the computing device, a private key of a public/private key pair of the first security boundary, data of the first security boundary being inaccessible to programs in a second security boundary of the multiple security boundaries, the private key being associated with the first security boundary but not being associated with other security boundaries of the computing device; and using the private key to establish a secure communication channel between the first security boundary and a remote device. 11 . The method as recited in claim 10 , the obtaining the private key comprises receiving the private key from a module of a boot system of the computing device at a time of creating the first security boundary. 12 . The method as recited in claim 10 , the private key having been generated by a module of a boot system of the computing device prior to creation of the first security boundary. 13 . The method as recited in claim 10 , further comprising providing an event log identifying modules loaded and executed during the booting of the computing device to the remote device. 14 . A computing device comprising: a processing system comprising one or more processors; and one or more computer-readable storage media having stored thereon multiple instructions that, responsive to execution by the processing system, cause the processing system to perform acts comprising: obtaining, during booting of the computing device, a public/private key pair for a first security boundary of multiple security boundaries of the computing device, data of the first security boundary being inaccessible to programs in a second security boundary of the multiple security boundaries; providing a private key of the public/private key pair to a program of the first security boundary; and providing a public key of the public/private key pair to a boot measurement system of the computing device that includes a secure cryptoprocessor. 15 . The computing device as recited in claim 14 , the obtaining the public/private key pair comprising generating the public/private key pair. 16 . The computing device as recited in claim 14 , the obtaining the public/private key pair comprising decrypting at least the private key of a previously generated public/private key pair only if a security-sensitive state of a boot system of the computing device at a point at which at least the private key of the public/private key pair is decrypted and a security-sensitive state of a boot system of the computing device at a point at which at least the private key of the public/private key pair was encrypted are the same security-sensitive state. 17 . The computing device as recited in claim 14 , the obtaining the public/private key pair comprising obtaining the public/private key pair at a time of creating the first security boundary. 18 . The computing device as recited in claim 14 , the obtaining the public/private key pair comprising obtaining the public/private key pair prior to creation of the first security boundary. 19 . The computing device as recited in claim 14 , the secure cryptoprocessor comprising a trusted platform module physical device. 20 . The computing device as recited in claim 14 , further comprising using the private key of the public/private key pair to establish a secure communication channel between the first security boundary and a remote device.
Assignees
Inventors
Classifications
- G06F21/575Primary
Secure boot · CPC title
involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title
using cryptographic hash functions · CPC title
- H04L9/0825Primary
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016105280A1 cover?
- During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash value…
- Who is the assignee on this patent?
- Microsoft Technology Licensing Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/575. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Apr 14 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).