Enhanced data security through uniqueness checking
US-9602288-B1 · Mar 21, 2017 · US
US2016259941A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016259941-A1 |
| Application number | US-201514641184-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 6, 2015 |
| Priority date | Mar 6, 2015 |
| Publication date | Sep 8, 2016 |
| Grant date | — |
Abstract
A device boots in a secure manner that allows measurements reflecting which components are loaded during booting to be generated. Measurements of such components, as well as of a device management agent and the security state of the device, are also obtained. The device management agent accesses an attestation service for an enterprise, which is a collection of resources managed by a management service. The device management agent provides the obtained measurements to the attestation service, which evaluates the measurements and based on the evaluation determines whether the device is verified for use in the enterprise. The management service uses this verification to ensure that the device management agent is running in a secure manner, is accurately providing indications of the state of the device to the management service, and is implementing policy received from the management service.
Claims
What is claimed is:

1. A method implemented in a computing device, the method comprising: securely booting the computing device, the securely booting including generating one or more measurements reflecting modules or components loaded on the computing device and a security state of the computing device; running a device management agent on the computing device as a hardened program that is protected from having malicious code being injected into the program; communicating, via a network, with an attestation service to verify the device management agent for use in an enterprise; and implementing, on the computing device by the device management agent, policy received from a management service via the network in response to the attestation service verifying the device management agent for use in the enterprise.
2. The method as recited in claim 1, further comprising accessing resources of the enterprise as permitted by the management service.
3. The method as recited in claim 2, further comprising providing to the management service an indication of one or more policies that are being complied with by the computing device, access to the resources of the enterprise being permitted by the management service based at least in part on which policies are being complied with by the computing device.
4. The method as recited in claim 2, further comprising: providing to the management service an indication of a trusted platform module endorsement key of the computing device; and being permitted to access resources of the enterprise only in response to the trusted platform module endorsement key of the computing device being included in an approved list of devices of the management service.
5. The method as recited in claim 1, further comprising: incrementing, each time the computing device is booted, a boot counter that is a monotonic counter; providing a current value of the boot counter to the attestation service; and providing the current value of the boot counter to the management service, allowing the management service to verify the value of the boot counter provided to the attestation service is the same as the value of the boot counter provided to the management service.
6. The method as recited in claim 1, the implementing including implementing, by the device management agent, policy received via the network only if the received policy is digitally signed by the management service.
7. The method as recited in claim 6, further comprising storing the received policy that is digitally signed by the management service in a hardware policy store of the computing device.
8. The method as recited in claim 1, further comprising the device management agent digitally signing the policy received from the management service and storing the digitally signed policy in a policy store of the computing device.
9. The method as recited in claim 1, further comprising: receiving, from the attestation service, an attestation state for the computing device, the attestation state including an indication of whether the computing device is verified by the attestation service as well as at least one of the one or more measurements; and providing the attestation state to one or more additional services in the enterprise to prove to the one or more additional services that the computing device has been verified for use in the enterprise by the attestation service.
10. The method as recited in claim 9, further comprising: deriving, by the device management agent, a key from the attestation state; and encrypting data on the computing device using the key derived from the attestation state.
11. The method as recited in claim 1, the one or more measurements reflecting the device management agent.
12. The method as recited in claim 1, further comprising: obtaining, by the device management agent, a value associated with a hardware component of the computing device; verifying that the obtained value is the same value as was previously provided to a trusted platform module of the computing device; and attesting to the management service that the hardware component is trusted by the trusted platform module in response to the obtained value being the same as was previously provided to the trusted platform module.
13. The method as recited in claim 1, further comprising: providing to the management service an enrollment request; and receiving an indication that the computing device is enrolled with the management service in response to the attestation service having verified the device management agent for use in the enterprise, the management service taking a remedial action in response to the attestation service not having verified the device management agent for use in the enterprise.
14. A computing device comprising: a policy store; a measurement system including a trusted platform module; a boot system configured to securely boot the computing device, the securely booting including generating and providing, to the measurement system, one or more measurements reflecting modules or components loaded on the computing device and a security state of the computing device; and a device management agent configured to run on the computing device as a hardened program that is protected from having malicious code being injected into the program, communicate via a network with an attestation service to verify the device management agent for use in an enterprise, maintain policy received from a management system via the network in the policy store, and implement the policy on the computing device.
15. The computing device as recited in claim 14, the policy store comprising a hardware policy store that can be written to by the device management agent but not by other programs running on the computing device.
16. The computing device as recited in claim 14, the one or more measurements reflecting the device management agent.
17. The computing device as recited in claim 14, the measurement system being further configured to increment, each time the computing device is booted, a boot counter that is a monotonic counter, the device management agent being further configured to provide a current value of the boot counter to the attestation service, and provide the current value of the boot counter to the management service, allowing the management service to verify the value of the boot counter provided to the attestation service is the same as the value of the boot counter provided to the management service.
18. A computing device comprising: one or more processors; and one or more computer-readable storage media having stored thereon multiple instructions that, when executed by the one or more processors, cause the one or more processors to perform acts including: securely booting the computing device, the securely booting including generating one or more measurements reflecting modules or components loaded on the computing device and a security state of the computing device; running a device management agent on the computing device as a hardened program that is protected from having malicious code being injected into the program; communicating, via a network, with an attestation service to verify the device management agent for use in an enterprise; and implementing, on the computing device by the device management agent, policy received from a management service via the network in response to the attestation service verifying the device management agent for use in the enterprise.
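The claims describe a protocol rather than code, so the following is an added, runnable sketch of that exchange in Python, written for this page and not taken from the patent or its assignee. It assumes HMAC-SHA256 as a stand-in for the asymmetric TPM quote and service signatures, a PCR-style hash chain for the boot measurements, and constructed keys, component names, device identifier and sample policy; the class and function names (`Device`, `AttestationService`, `ManagementService`, `derive_key`, `scenario`) are this illustration's own.

```python
"""Toy model of the claimed flow, added for this page (not the patent's code):
measured boot -> TPM-signed quote -> attestation service -> management service
issues signed policy -> agent enforces it. HMAC-SHA256 stands in for the
asymmetric TPM and service signatures; keys and component names are made up."""
import hashlib
import hmac
import json
import secrets

def _sign(key, obj):
    return hmac.new(key, json.dumps(obj, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def _verify(key, obj, sig):
    return hmac.compare_digest(_sign(key, obj), sig)

def extend(pcr, component):
    """PCR-style extend: an order-dependent hash chain over everything loaded."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def expected_pcr(components):
    pcr = b"\x00" * 32
    for c in components:
        pcr = extend(pcr, c)
    return pcr

class Device:
    def __init__(self, tpm_key, components):
        self.tpm_key = tpm_key        # attestation key held by the TPM (assumed)
        self.components = components  # boot chain, agent binary, security state
        self.boot_counter = 0         # monotonic boot counter (claims 5, 17)
        self.pcr, self.policy_store = None, None  # policy store: claims 7, 15

    def secure_boot(self):
        self.boot_counter += 1
        self.pcr = expected_pcr(self.components)

    def quote(self, nonce):
        """Measurements the agent forwards, TPM-signed and bound to a nonce."""
        body = {"pcr": self.pcr.hex(), "boot_counter": self.boot_counter, "nonce": nonce}
        return {"body": body, "sig": _sign(self.tpm_key, body)}

    def apply_policy(self, signed_policy, mgmt_key):
        """Claim 6: implement only policy signed by the management service."""
        if not _verify(mgmt_key, signed_policy["policy"], signed_policy["sig"]):
            return False
        self.policy_store = signed_policy
        return True

class AttestationService:
    def __init__(self, service_key, approved_tpm_keys, golden_pcr):
        self.key = service_key
        self.approved = approved_tpm_keys  # approved device list (claim 4)
        self.golden_pcr = golden_pcr.hex()

    def attest(self, device_id, nonce, q):
        """Evaluate a quote against the nonce it issued; return signed state (claim 9)."""
        body = q["body"]
        ok = (body["nonce"] == nonce and device_id in self.approved
              and _verify(self.approved[device_id], body, q["sig"])
              and body["pcr"] == self.golden_pcr)
        state = {"device": device_id, "verified": ok,
                 "pcr": body["pcr"], "boot_counter": body["boot_counter"]}
        return {"state": state, "sig": _sign(self.key, state)}

class ManagementService:
    def __init__(self, mgmt_key, attestation_key, policy):
        self.mgmt_key, self.attestation_key, self.policy = mgmt_key, attestation_key, policy

    def enroll(self, attestation, reported_boot_counter):
        """Signed policy on success; None is the remedial path of claim 13."""
        st = attestation["state"]
        if not _verify(self.attestation_key, st, attestation["sig"]):
            return None  # forged or altered attestation state
        if not st["verified"] or st["boot_counter"] != reported_boot_counter:
            return None  # unverified device, or the two counters disagree (claim 5)
        return {"policy": self.policy, "sig": _sign(self.mgmt_key, self.policy)}

def derive_key(attestation, device_secret):
    """Claim 10: a data key bound to the attested measurements."""
    st = attestation["state"]
    info = json.dumps({"pcr": st["pcr"], "verified": st["verified"]}, sort_keys=True)
    return hmac.new(device_secret, info.encode(), hashlib.sha256).digest()

GOOD_CHAIN = [b"firmware v1", b"bootloader", b"kernel", b"device-management-agent",
              b"security-state: secure-boot=on debug=off"]  # constructed sample

def scenario(tamper=False):
    """One enrollment; tamper=True boots with a modified agent binary."""
    chain = list(GOOD_CHAIN)
    if tamper:
        chain[3] = b"device-management-agent+injected-code"
    device = Device(b"tpm-k", chain)
    att = AttestationService(b"att-k", {"dev-01": b"tpm-k"}, expected_pcr(GOOD_CHAIN))
    mgmt = ManagementService(b"mgmt-k", b"att-k", {"disk_encryption": "required"})
    device.secure_boot()
    nonce = secrets.token_hex(16)  # fresh challenge issued by the attestation service
    state = att.attest("dev-01", nonce, device.quote(nonce))
    policy = mgmt.enroll(state, device.boot_counter)
    enrolled = policy is not None and device.apply_policy(policy, b"mgmt-k")
    return {"enrolled": enrolled, "state": state, "device": device, "att": att,
            "mgmt": mgmt, "key": derive_key(state, b"dev-s")}
```

`scenario()` runs a clean enrollment; `scenario(tamper=True)` boots with a modified agent binary, so the measurement no longer matches the golden value, the attestation state comes back unverified, the management service withholds policy (the remedial path of claim 13) and the derived key changes. The management service also refuses a reported boot counter that disagrees with the attested one (claim 5), the attestation service rejects a quote for a nonce it did not issue or from a device not on its approved list (claim 4), and the agent ignores policy whose signature does not verify (claim 6). In a real deployment the quote would be a TPM2_Quote over the PCRs signed by an attestation key, and the golden value would come from a measured-boot reference rather than from re-hashing the component list in the same process.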
Classifications (CPC titles):
- Trusted platform modules [TPM]
- Secure boot
- Secure firmware programming, e.g. of basic input output system [BIOS]
- for managing network security; network security policies in general (filtering policies H04L63/0227)
- involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853)