[특허]Trusted computing platform

Trusted computing platform 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-017/50
출원번호	US-0249820 (2005-10-12)
등록번호	US-7444601 (2008-10-28)
우선권정보	EP-99301100(1999-02-15); GB-9905056.9(1999-03-05)
발명자 / 주소	Proudler,Graeme John Gupta,Dipankar Chen,Liqun Pearson,Siani Lynne Balacheff,Boris Van Wilder,Bruno Edgard Chan,David
출원인 / 주소	Hewlett Packard Development Company, L.P.
인용정보	피인용 횟수 : 11 인용 특허 : 15

초록 ▼

In a computing platform, a trusted hardware device (24) is added to the motherboard (20). The trusted hardware device (24) is configured to acquire an integrity metric, for example a hash of the BIOS memory (29), of the computing platform. The trusted hardware device (24) is tamper-resistant, difficult to forge and inaccessible to other functions of the platform. The hash can be used to convince users that that the operation of the platform (hardware or software) has not been subverted in some way, and is safe to interact with in local or remote applications. In more detail, the main processing unit (21) of the computing platform is directed to address the trusted hardware device (24), in advance of the BIOS memory, after release from 'reset'. The trusted hardware device (24) is configured to receive memory read signals from the main processing unit (21) and, in response, return instructions, in the native language of the main processing unit (21), that instruct the main processing unit to establish the hash and return the value to be stored by the trusted hardware device (24). Since the hash is calculated in advance of any other system operations, this is a relatively strong method of verifying the integrity of the system. Once the hash has been returned, the final instruction calls the BIOS program and the system boot procedure continues as normal. Whenever a user wishes to interact with the computing platform, he first requests the integrity metric, which he compares with an authentic integrity metric that was measured by a trusted party. If the metrics are the same, the platform is verified and interactions can continue. Otherwise, interaction halts on the basis that the operation of the platform may have been subverted.

대표청구항 ▼

The invention claimed is: 1. Computing apparatus comprising, mounted on an assembly, a main processor, a main memory and a trusted device, wherein the trusted device itself comprises a trusted device processor and a trusted device memory, whereby the trusted device processor is arranged to acquire a true value of an integrity metric of the computing apparatus and the trusted device memory contains a certificate signed by a trusted third party, whereby the trusted device is adapted to report the true value of the integrity metric together with the certificate. 2. Computing apparatus according to claim 1, wherein the trusted device has stored in trusted device memory a unique identity of the trusted device and a secret. 3. Computing apparatus according to claim 2, wherein the secret comprises a private encryption key. 4. Computing apparatus according to claim 3, wherein the trusted device memory also contains a respective public encryption key that has been signed by a trusted party. 5. Computing apparatus according to claim 3, wherein the trusted device processor has access to an encryption function and whereby the trusted device is arranged to generate a response to a received challenge, the response comprising the true value of the integrity metric signed by the encryption function using the private asymmetric encryption key. 6. Computing apparatus according to claim 1, wherein the certificate contains a reference value of the integrity metric. 7. Computing apparatus according to claim 1, wherein the certificate contains a public key of the trusted device. 8. A trusted device for use as a functional component in a computing apparatus, the trusted device being adapted for mounting on an assembly of the computing apparatus and comprising: an interface for communication with other functional components of the computing apparatus, a trusted device processor, and a trusted device memory storing a certificate signed by a trusted third party; the trusted device being adapted to acquire a true value of an integrity metric of the computing apparatus and to report this true value together with the certificate. 9. A trusted device according to claim 8, wherein the certificate contains a reference value of the integrity metric. 10. A trusted device according to claim 8, wherein the certificate contains a public key of the trusted device.

이 특허에 인용된 특허 (15)

Davis Derek L., Apparatus and method for providing secured communications.
상세보기
Michael S. Jerger ; Jeffrey A. Bisset ; Craig T. Sinclair ; Michael J. Toutonghi, Declarative permission requests in a computer system.
상세보기
England Paul ; DeTreville John D. ; Lampson Butler W., Digital rights management operating system.
상세보기
England Paul ; DeTreville John D. ; Lampson Butler W., Loading and identifying a digital rights management operating system.
상세보기
Jablon David P. (Shrewsbury MA) Hanley Nora E. (Shrewsbury MA), Method and apparatus for assessing integrity of computer system software.
상세보기
Chang Steve M. (Rancho Palos Verdes CA), Method and apparatus for controlling network and workstation access prior to workstation boot.
상세보기
Chang Steve Ming-Jang (Tokyo JPX), Method and apparatus for controlling network and workstation access prior to workstation boot.
상세보기
Veil Leonard Scott, Method and system for authenticating and utilizing secure resources in a computer system.
상세보기
Veil Leonard Scott ; Ward Gary Paul ; Weiss Richard Alan ; Murray Eric Alan, Method and system for secure transactions in a computer system.
상세보기
Davis Derek L., Secure BIOS.
상세보기
Arbaugh William A. ; Farber David J. ; Keromytis Angelos D. ; Smith Jonathan M., Secure and reliable bootstrap architecture.
상세보기
Tajalli Homayoon (Ellicott City MD) Badger Mark L. (Rockville MD) Dalva David I. (Rockville MD) Walker Stephen T. (Glenwood MD), System and method for controlling the use of a computer.
상세보기
Teper Jeffrey A. ; Koneru Sudheer ; Mangione Gordon ; Balaz Rudolph ; Contorer Aaron M. ; Chao Lucy, System and method for providing trusted brokering services over a distributed network.
상세보기
Gressel, Carmi David; Milstein, David; Sander, Avi; Hadad, Isaac; Granot, Ran, System for safe collection of payment including electronic payment receipt generators having electronic purses.
상세보기
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기

이 특허를 인용한 특허 (11)

Durst, David I.; Kaish, Norman; Fraser, Jay, Authentication method and system.
상세보기
Fraser, Jay, Authentication method and system.
상세보기
Fraser, Jay; Weber, Lawrence, Authentication method and system.
상세보기
Ghose, Kanad, Continuous run-time validation of program execution: a practical approach.
상세보기
Takayama, Hisashi, Information terminal, security device, data protection method, and data protection program.
상세보기
Aldridge, Hal A.; Thal, Keith R., Secure network extension device and method.
상세보기
Ghose, Kanad, System and method for validating program execution at run-time.
상세보기
Ghose, Kanad, System and method for validating program execution at run-time.
상세보기
Ghose, Kanad, System and method for validating program execution at run-time using control flow signatures.
상세보기
Ghose, Kanad, System and method for validating program execution at run-time using control flow signatures.
상세보기
Ghose, Kanad, System and method for validating program execution at run-time using control flow signatures.
상세보기

내보내기 메뉴

내보내기 구분

파일저장
인쇄
메일전송

구성항목

기본정보
상세정보

관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC

저장형식

Text(ASCII format)
Excel format
PIAS분석(.xls)

메일정보

받는사람 (필수): @
보내는사람 (선택): @
제목
내용: KISTI 검색결과 이메일 서비스

안내

총 건의 자료가 검색되었습니다.

다운받으실 자료의 인덱스를 입력하세요. (1-10,000)

검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다.

데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요)

다운로드 파일은 UTF-8 형태로 저장됩니다.
파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오.

Text(ASCII format)
Excel format

AI-Helper ※ AI-Helper는 을 사용합니다.

AI-Helper

안녕하세요, AI-Helper입니다. 좌측 "선택된 텍스트"에서 텍스트를 선택하여 요약, 번역, 용어설명을 실행하세요.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

연합인증

Trusted computing platform 원문보기