[특허]Manifest-based trusted agent management in a trusted operating system environment

Manifest-based trusted agent management in a trusted operating system environment 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-029/00
출원번호	US-0206578 (2005-08-18)
등록번호	US-7305553 (2007-12-04)
발명자 / 주소	England,Paul Peinado,Marcus Simon,Daniel R. Benaloh,Josh D.
출원인 / 주소	Microsoft Corporation
인용정보	피인용 횟수 : 2 인용 특허 : 114

초록 ▼

Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

대표청구항 ▼

The invention claimed is: 1. One or more computer storage media having stored thereon a plurality of instructions to implement a trusted core of a computing device that, when executed by one or more processors of the computing device, causes the one or more processors to: receive, from a trusted application, a value and a request to generate a digitally signed statement; obtain a manifest corresponding to the trusted application; and generate a digitally signed statement that the value was supplied by the trusted application, the digitally signed statement including an identifier that identifies the manifest corresponding to the trusted application, the manifest describing what types of binaries are allowed to be loaded into a process space for the trusted application. 2. One or more computer storage media as recited in claim 1, the manifest including a public key of a public-private key pair of a party that digitally signed the manifest. 3. One or more computer storage media as recited in claim 1, the manifest including an identifier of a party that generated the manifest. 4. One or more computer storage media as recited in claim 1, the manifest including one or more manifest version indicators. 5. One or more computer storage media as recited in claim 1, wherein the manifest comprises: a first portion including data representing a unique identifier of the trusted application; a second portion including data indicating whether a particular one or more binaries can be loaded into a process space for the trusted application; a third portion derived from the data in both the first portion and the second portion by generating a digital signature over the first and second portions; a fourth portion that includes data representing a list of one or more export statements that allow a secret associated with the trusted application to be exported to another trusted application; and a fifth portion that includes data representing a set of properties corresponding to the manifest. 6. A method implemented at least in part by a computing device, the method comprising: receiving, from a trusted application, a value and a request to generate a digitally signed statement; obtaining a manifest corresponding to the trusted application; and generating a digitally signed statement that the value was supplied by the trusted application, the digitally signed statement including an identifier that identifies the manifest corresponding to the trusted application, the manifest describing what types of binaries are allowed to be loaded into a process space for the trusted application. 7. A method as recited in claim 6, the manifest including a public key of a public-private key pair of a party that digitally signed the manifest. 8. A method as recited in claim 6, the manifest including an identifier of a party that generated the manifest. 9. A method as recited in claim 6, the manifest including one or more manifest version indicators. 10. A method as recited in claim 6, the manifest including: a first portion including data representing a unique identifier of the trusted application; a second portion including data indicating whether a particular one or more binaries can be loaded into a process space for the trusted application; a third portion derived from the data in both the first portion and the second portion by generating a digital signature over the first and second portions; a fourth portion that includes data representing a list of one or more export statements that allow a secret associated with the trusted application to be exported to another trusted application; and a fifth portion that includes data representing a set of properties corresponding to the manifest. 11. A computing device comprising: a processor; a memory to store a plurality of instructions that, when executed by the processor, implement a trusted core of the computing device to: receive, from a trusted application, a value and a request to generate a digitally signed statement; obtain a manifest corresponding to the trusted application; and generate a digitally signed statement that the value was supplied by the trusted application, the digitally signed statement including an identifier that identifies the manifest corresponding to the trusted application, the manifest describing what types of binaries are allowed to be loaded into a process space for the trusted application. 12. A computing device as recited in claim 11, the manifest including a public key of a public-private key pair of a party that digitally signed the manifest. 13. A computing device as recited in claim 11, the manifest including an identifier of a party that generated the manifest. 14. A computing device as recited in claim 11, the manifest including one or more manifest version indicators. 15. A computing device as recited in claim 11, wherein the manifest comprises: a first portion including data representing a unique identifier of the trusted application; a second portion including data indicating whether a particular one or more binaries can be loaded into a process space for the trusted application; a third portion derived from the data in both the first portion and the second portion by generating a digital signature over the first and second portions; a fourth portion that includes data representing a list of one or more export statements that allow a secret associated with the trusted application to be exported to another trusted application; and a fifth portion that includes data representing a set of properties corresponding to the manifest. 16. One or more computer storage media as recited in claim 1, wherein the trusted core is to receive the request as a quote operation. 17. A method as recited in claim 6, wherein the method is implemented by a trusted core, and wherein the request comprises invocation of a quote operation implemented by the trusted core. 18. A computing device as recited in claim 11, wherein the request comprises invocation of a quote operation implemented by the trusted core.

이 특허에 인용된 특허 (114)

Zabetian Mahboud, Apparatus and method for electronic document certification and verification.
상세보기
Campbell Randall B., Apparatus and method for remotely executing commands using distributed computing environment remote procedure calls.
상세보기
Murray, Michael C.; Erickson, Paul R.; Fisher, Oliver G.; Raman, Suryanarayanan V.; Hopcroft, Michael J., Architectures for and methods of providing network-based software extensions.
상세보기
Ohta Kazuo (Fujisawa JPX) Okamoto Tatsuaki (Yokosuka JPX), Authentication system and apparatus therefor.
상세보기
Deo Vinay ; Seidensticker Robert B. ; Simon Daniel R., Authentication system and method for smart card transactions.
상세보기
Sadowsky Richard S. ; Isenberg Henri J. ; Trollope Rowan, Boot failure recovery.
상세보기
Fisher Jerald C. ; Nguyen Lien Dai ; Young James ; Seaburg Gunnar P. ; Hedlund Galen W. ; Katz Richard S., Channel configuration program server architecture.
상세보기
England, Paul, Client-side boot domains and boot rules.
상세보기
Atkinson Robert G. ; Price Robert M. ; Contorer Aaron M., Code certification for network transmission.
상세보기
Fischer Addison M. (60 14th Ave. South Naples FL 33942), Computer system security method and apparatus having program authorization information data structures.
상세보기
Grier, Michael J.; Shenoy, Sanjay G.; FitzSimons, RoseMarie; D'Souza, David; Parthasarathy, Srivatsan; Dunn, Micheal; Shi, Alan, Configurations for binding software assemblies to application programs.
상세보기
England, Paul; DeTreville, John D.; Lampson, Butler W., Controlling access to content based on certificates and access predicates.
상세보기
Herbert Howard C. ; Davis Derek L., Cryptographically protected paging subsystem.
상세보기
Takahashi Kikuo (Hachioji JPX) Kagimasa Toyohiko (Hachioji JPX) Mori Toshiaki (Hachioji JPX), Data processing apparatus having a real memory region with a corresponding fixed memory protection key value and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
England Paul ; DeTreville John D. ; Lampson Butler W., Digital rights management operating system.
상세보기
Robert W. Faber ; David A. Lee ; Brendan S. Traw ; Gary L. Graunke, Digital video content transmission ciphering and deciphering method and apparatus.
상세보기
LeBourgeois John H., Digitally certifying a user identity and a computer system in combination.
상세보기
Johnson Woodrow W. ; Atkins Christine J. ; Yoh Jon, Electronic rights management and authorization system.
상세보기
Robert G. Atkinson ; James W. Kelly, Jr. ; Bryan W. Tuttle ; Robert M. Price ; Robert P. Reichel, Embedding certifications in executable files for network transmission.
상세보기
Barr Adam D. ; Swift Michael M. ; Lenzmeier Charles T., Ensuring the integrity of remote boot client data.
상세보기
Olarig Sompong P. ; Angelo Michael F. ; Jansen Kenneth A., Hardware theft-protection architecture.
상세보기
Renaud Benjamin J. ; Pampuch John C. ; Hodges Wilsher Avril E., Implementing digital signatures for data streams and data archives.
상세보기
Benantar Messaoud ; Blakley ; III George Robert ; Nadalin Anthony Joseph, Information handling system, method, and article of manufacture for efficient object security processing by grouping obj.
상세보기
Hideo Ando JP; Masaki Nakagawa JP; Yoshiyuki Ishizawa JP; Tadashi Kojima JP, Information reproducing apparatus, authenticating apparatus, and information processing system.
상세보기
Chan, Keen W.; Chu, Nai-Chi M., Integrity scanner.
상세보기
Clark Paul C., Intelligent token protected system with network authentication.
상세보기
Carbajal, John M.; Dittert, Eric R.; Drews, Paul C., Interface for ensuring system boot image integrity and authenticity.
상세보기
Asad, Khalid; Brown, Michael A.; Gupta, Adarsh; Kohli, Manjit Singh; Sebastian, J. Matthew, Key ring organizer for an electronic business using public key infrastructure.
상세보기
Griswold Gary N., Licensing management system and method in which datagrams including an address of a licensee and indicative of use of a.
상세보기
England Paul ; DeTreville John D. ; Lampson Butler W., Loading and identifying a digital rights management operating system.
상세보기
Van Oorschot Paul C.,CAX ; Moses Timothy E.,CAX, Method and apparatus for access to user-specific encryption information.
상세보기
Guillou Louis C. (Rennes FRX) Quisquater Jean-Jacques (Brussels BEX), Method and apparatus for authenticating accreditations and for authenticating and signing messages.
상세보기
Fletcher Rick ; Lin Pei-Chen, Method and apparatus for automatically updating software components on end systems over a network.
상세보기
Glenn C. Langford CA; Ronald J. Vandergeest CA, Method and apparatus for controlling application access to limited access based data.
상세보기
Fischer Addison M. (60 14th Ave. South Naples FL 33942), Method and apparatus for creating, supporting, and using travelling programs.
상세보기
Helbig ; Sr. Walter A, Method and apparatus for enhancing computer system security.
상세보기
Stewart David C., Method and apparatus for establishing network connection for a processor without an operating system boot.
상세보기
Graunke Gary L. ; Rozas Carlos V., Method and apparatus for integrity verification, authentication, and secure linkage of software modules.
상세보기
Arnold Todd Weston, Method and apparatus for protecting application data in secure storage areas.
상세보기
Novoa Manuel ; McCann Paul H. ; Sharum Wayne P. ; Crisan Adrian ; Hokanson Paul B., Method and apparatus for remote ROM flashing and security management for a computer system.
상세보기
Arrow Leslie J. ; Bots Henk J. ; Hoke Mark R. ; Hunt William E. ; Jones Russell C., Method and apparatus for swapping a computer operating system.
상세보기
Merkling Roger ; Fieres Helmut ; Klemba Keith, Method and apparatus for trusted processing.
상세보기
Fischer Addison M., Method and apparatus for validating travelling object-oriented programs with digital signatures.
상세보기
Carbajal, John M.; Graunke, Gary; Rozas, Carlos, Method and apparatus for verifying the integrity of digital objects using signed manifests.
상세보기
Hsu Jerry,TWX ; Shen Sidney,TWX, Method and apparatus to protect computer software.
상세보기
Hennige Hartmut (23 Packman Lane ; Home Green Kirk Ella Hull HU10 7TH N. Humberside GB3), Method and device for simplifying the use of a plurality of credit cards, or the like.
상세보기
Krishnan Ganapathy ; Guthrie John ; Oyler Scott, Method and system for securely incorporating electronic information into an online purchasing application.
상세보기
Boyle John ; Holden James M. ; Levin Stephen E. ; Maiwald Eric S. ; Nickel James O. ; Snow David Wayne ; Wrench ; Jr. Edwin H., Method for establishing trust in a computer network via association.
상세보기
Haber Stuart A. (New York NY) Stornetta ; Jr. Wakefield S. (Morristown NJ), Method for secure time-stamping of digital documents.
상세보기
Graunke Gary L. ; Carbajal John ; Maliszewski Richard L. ; Rozas Carlos V., Method for securely distributing a conditional use private key to a trusted entity on a remote system.
상세보기
Preneel Bart K. B. (Heverlee BEX) Van Oorschot Paul C. (Ottawa CAX), Method of building fast MACS from hash functions.
상세보기
Kenneth S. Knapton, III, Method of controlling usage of software components.
상세보기
Coulier Charles,FRX ; Gordons Edouard,FRX ; Grimonprez Georges,FRX, Microprocessor-based memory card that limits memory accesses by application programs and method of operation.
상세보기
Johnson Herrick J. (Marblehead MA) Olson Margaret (Nashua NH) Jones Stuart (Cambridge MA) Bodoff Stephanie (Somerville MA) Bertrand Stephen C. (Waltham MA) Levine Paul H. (Carlisle MA), Network license server.
상세보기
Trostle Jonathan, Networked workstation intrusion detection system.
상세보기
Lovelace John V. ; Nevis Bryon S., Operating system bootstrap security mechanism.
상세보기
Derek L. Davis ; Howard C. Herbert, Platform and method for assuring integrity of trusted agent communications.
상세보기
Asai Toshinori,JPX, Program operating apparatus.
상세보기
Horstmann Cay S., Relicensing of electronically purchased software.
상세보기
Rabne Michael W. ; Barker James A. ; Alrashid Tareq M.T. ; Christian Brian S. ; Cox Steven C. ; Slotta Elizabeth A. ; Upthegrove Luella R., Rights management system for digital media.
상세보기
Davis Derek L. (Phoenix AZ), Roving software license for a hardware agent.
상세보기
Arbaugh William A. ; Farber David J. ; Keromytis Angelos D. ; Smith Jonathan M., Secure and reliable bootstrap architecture.
상세보기
Holtey Thomas O. (Newton MA), Secure application card for sharing application data and procedures among a plurality of microprocessors.
상세보기
McMullan ; Jr. Jay C. (Doraville GA) Burleson David B. (Roswell GA) Borsetti ; Jr. Paul (Alpharetta GA) Filion John T. (Lawrenceville GA), Secure authorization and control method and apparatus for a game delivery service.
상세보기
Robert Shaw, Secure data downloading, recovery and upgrading.
상세보기
Robert Shaw, Secure data downloading, recovery and upgrading.
상세보기
Angelo Michael F., Secure software registration and integrity assessment in a computer system.
상세보기
Ajit V. Rajasekharan ; Guy A. Story, Jr. ; Andrew J. Huffman, Secure streaming of digital audio/visual content.
상세보기
Muftic Sead,SEX, Secure world wide electronic commerce over an open network.
상세보기
Grimonprez Georges (Villeneuve d\Asq FRX) Paradinas Pierre (Villeneuve d\Asq FRX), Secured method for loading a plurality of applications into a microprocessor memory card.
상세보기
Mandelbaum Richard (Manalapan NJ) Sherman Stephen A. (Hackettstown NJ) Wetherington Diane R. (Bernardsville NJ), Smartcard adapted for a plurality of service providers and for remote installation of same.
상세보기
Foster, Gary D., Software packaging and distribution system.
상세보기
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure.
상세보기
David M. Van Wie ; Robert P. Weber, Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels.
상세보기
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels.
상세보기
Hasebe Takayuki,JPX ; Akiyama Ryota,JPX ; Yoshioka Makoto,JPX, Storage medium for preventing an irregular use by a third party.
상세보기
Gordon,Bryson; Zandstra,Gary; Kannan,Ravi, System and method for certifying that data received over a computer network has been checked for viruses.
상세보기
Rosen Sholom S. (New York NY), System and method for commercial payments using trusted agents.
상세보기
Barlow Doug ; Dillaway Blair ; Fox Barbara ; Lipscomb Terry ; Spies Terrence, System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer.
상세보기
Ryan ; Jr. Frederick W. ; Sisson Robert W., System and method for mutual authentication and secure communications between a postage security device and a meter server.
상세보기
Galasso Leonard J. ; Zilmer Matthew E. ; Phan Quang, System and method for securely utilizing basic input and output system (BIOS) services.
상세보기
Paul C. Drews, System and method for verifying the integrity and authorization of software before execution in a local platform.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., System and methods for secure transaction management and electronic rights protection.
상세보기
Schneck Paul B. ; Abrams Marshall D., System for controlling access and distribution of digital property.
상세보기
Bacha, Hamid; Carroll, Robert Bruce; Mirlas, Lev; Tchao, Sung Wei, System for electronic repository of data enforcing access control on data search and retrieval.
상세보기
Lotspiech Jeffrey Bruce ; McCurley Kevin Snow, System for encrypting broadcast programs in the presence of compromised receiver devices.
상세보기
Ta, Thanh; Wang, Xin, Systems and methods for integrity certification and verification of content consumption environments.
상세보기
Shear Victor H. ; Van Wie David M. ; Weber Robert P., Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information.
상세보기
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
상세보기
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
상세보기
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for the secure transaction management and electronic rights protection.
상세보기
Shear Victor H. ; Sibert W. Olin ; Van Wie David M., Systems and methods using cryptography to protect secure computing environments.
상세보기
Shear Victor H. ; Sibert W. Olin ; Van Wie David M., Systems and methods using cryptography to protect secure computing environments.
상세보기
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining using and manipulating rights management data structures.
상세보기
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining, using and manipulating rights management data structures.
상세보기
Rosen Sholom S., Trusted agents for open distribution of electronic money.
상세보기
Rosen Sholom S. (New York NY), Trusted agents for open electronic commerce.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M. ; Weber Robert P., Trusted and secure techniques, systems and methods for item delivery and execution.
상세보기
Griffin Claire ; Barnes Douglas, Trusted delegation system.
상세보기
Roger R. Schell ; Douglas Lavell Hale ; Willard Monten Wiseman ; James P. Anderson, Trusted workstation in a networked client/server computing system.
상세보기
Boyle John ; Holden James M. ; Levin Stephen E. ; Maiwald Eric S. ; Nickel James O. ; Snow ; deceased David Wayne ; Wrench ; Jr. Edwin H., Using trusted associations to establish trust in a computer network.
상세보기
Fisk,Mark; Carroll,Robert; Maruyama,Hirosi; Ghafir,Hatem, Vault controller context manager and methods of operation for securely maintaining state information between successive browser connections in an electronic business system.
상세보기
Freeman Martin, Verification of software agents and agent activities.
상세보기

이 특허를 인용한 특허 (2)

Fries,Robert M, Archiving data in a virtual application environment.
상세보기
England, Paul; Peinado, Marcus; Simon, Daniel R.; Benaloh, Josh D., Manifest-based trusted agent management in a trusted operating system environment.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Manifest-based trusted agent management in a trusted operating system environment 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (114)

이 특허를 인용한 특허 (2)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Manifest-based trusted agent management in a trusted operating system environment 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (114)

이 특허를 인용한 특허 (2)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트