[특허]Generating, migrating or exporting bound keys

Generating, migrating or exporting bound keys 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-029/06
출원번호	UP-0557581 (2006-11-08)
등록번호	US-7765397 (2010-08-13)
발명자 / 주소	England, Paul Peinado, Marcus
출원인 / 주소	Microsoft Corporation
인용정보	피인용 횟수 : 8 인용 특허 : 103

초록 ▼

In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with another aspect, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The data is decrypted using public key decryption and returned to the calling program only if the calling program is allowed to access the data.

대표청구항 ▼

The invention claimed is: 1. One or more computer storage media having stored thereon a plurality of instructions to implement a GenBoundKey operation, wherein the plurality of instructions, when executed by one or more processors of a computing device, causes the one or more processors to: generate, in response to a program calling the GenBoundKey operation, a data structure for a new bound key that is to be bound to the one or more processors, wherein the data structure includes: data that allows a private key of a public/private key pair to be recovered from the data structure; a key usage element that identifies a key operation that can be performed with the private key, the key operation being one of a decrypt operation that decrypts additional data using the private key, a sign operation that digitally signs additional data using the private key, and a quote operation that digitally signs both additional data and an identifier of a program invoking the quote operation; and a condition element that specifies one or more conditions under which the private key can be used; cryptographically protect the data structure; and return the cryptographically protected data structure generated by the GenBoundKey operation to the calling program. 2. One or more computer storage media as recited in claim 1, wherein the instructions that cause the one or more processors to cryptographically protect the data structure comprise instructions that cause the one or more processors to encrypt the data structure using a public key of the public/private key pair. 3. One or more computer storage media having stored thereon a plurality of instructions to implement a BoundKeyMigrate operation, wherein the plurality of instructions, when executed by one or more processors of a computing device, causes the one or more processors to: receive, as an input, a data structure including both a bound key and a usage condition that specifies under what conditions the bound key can be used, wherein the bound key is bound to a program calling the BoundKeyMigrate operation; verify that the usage condition can be changed by the program calling the BoundKeyMigrate operation, wherein to verify that the usage condition can be changed by the program calling the BoundKeyMigrate operation is to verify that the program calling the BoundKeyMigrate operation is permitted to migrate the bound key; and if the verification is successful, then change the usage condition and produce a new data structure including both the bound key and the changed usage condition. 4. One or more computer storage media as recited in claim 3, wherein the usage condition comprises an identifier of a program to which the key is bound. 5. One or more computer storage media as recited in claim 3, wherein the instructions that cause the one or more processors to verify that the usage condition can be changed by the program further comprise instructions that cause the one or more processors to verify that the bound key is marked as being migrateable. 6. One or more computer storage media as recited in claim 3, wherein the instructions that cause the one or more processors to verify that the usage condition can be changed by the program further comprise instructions that cause the one or more processors to verify that a logical formula evaluates true. 7. One or more computer storage media as recited in claim 3, wherein the instructions that cause the one or more processors to verify that the usage condition can be changed by the program further comprise instructions that cause the one or more processors to verify that execution of a particular program returns an indication of true. 8. One or more computer storage media as recited in claim 3, wherein the instructions that cause the one or more processors to verify that the usage condition can be changed by the program further comprise instructions that cause the one or more processors to verify that a time constraint is satisfied. 9. One or more computer storage media having stored thereon a plurality of instructions to implement a BoundKeyExport operation, wherein the plurality of instructions, when executed by a processor of a computing device, causes the processor to: receive, as an input, a data structure including a bound key, wherein the bound key is bound to a secure service processor via a cryptographic operation based on a key of the secure service processor; verify that the bound key can be re-bound to a different secure service processor, wherein to verify that the bound key can be re-bound to a different secure service processor is to verify that a program calling the BoundKeyExport operation is permitted to export the bound key; and re-bind the bound key to the different secure service processor if the verification is successful, wherein the bound key is re-bound to the different secure service processor via a cryptographic operation based on a key of the different secure service processor. 10. One or more computer storage media as recited in claim 9, wherein the secure service processor comprises the processor and the different secure service processor comprises another processor. 11. One or more computer storage media as recited in claim 9, wherein the different secure service processor is identified as an input to the BoundKeyExport operation. 12. One or more computer storage media as recited in claim 9, wherein the instructions that cause the processor to verify that the bound key can be re-bound to a different secure service processor further comprise instructions that cause the processor to verify that the bound key is marked as being exportable. 13. One or more computer storage media as recited in claim 9, wherein the instructions that cause the processor to verify that the bound key can be re-bound to a different secure service processor further comprise instructions that cause the processor to verify that a logical formula evaluates true. 14. One or more computer storage media as recited in claim 9, wherein the instructions that cause the processor to verify that the bound key can be re-bound to a different secure service processor further comprise instructions that cause the processor to verify that execution of a particular program returns an indication of true. 15. One or more computer storage media as recited in claim 9, wherein the instructions that cause the processor to verify that the bound key can be re-bound to a different secure service processor further comprise instructions that cause the processor to verify that a time constraint is satisfied.

이 특허에 인용된 특허 (103)

Parker Thomas A. (Calne GBX), Access control in a distributed computer system.
상세보기
Hardell ; Jr. William R. (Austin TX) Henson ; Jr. James D. (Austin TX) Mitchell Oscar R. (Pflugerville TX), Apparatus and method for booting a multiple processor system having a global/local memory architecture.
상세보기
Fieres Helmut ; Merkling Roger ; Klemba Keith, Application certification for an international cryptography framework.
상세보기
Ohta Kazuo (Fujisawa JPX) Okamoto Tatsuaki (Yokosuka JPX), Authentication system and apparatus therefor.
상세보기
Deo Vinay ; Seidensticker Robert B. ; Simon Daniel R., Authentication system and method for smart card transactions.
상세보기
Nevarez Carlos A ; Echols Grant G, Authority delegation with secure operating system queues.
상세보기
Bellare Mihir (New York NY) Rogaway Phillip W. (Davis CA), Block cipher mode of operation for secure, length-preserving encryption.
상세보기
Lampson, Butler W.; DeTreville, John D.; England, Paul, Boot blocks for software.
상세보기
Sadowsky Richard S. ; Isenberg Henri J. ; Trollope Rowan, Boot failure recovery.
상세보기
Fisher Jerald C. ; Nguyen Lien Dai ; Young James ; Seaburg Gunnar P. ; Hedlund Galen W. ; Katz Richard S., Channel configuration program server architecture.
상세보기
Atkinson Robert G. ; Price Robert M. ; Contorer Aaron M., Code certification for network transmission.
상세보기
Cummins Marty T. (Rochester MI), Computer software encryption apparatus.
상세보기
Grawrock,David W., Connecting a virtual token to a physical token.
상세보기
Lee, Chang-Hyi; Chung, Ho-Suk; Kang, Eun-Seong, Copy protection system for portable storage media.
상세보기
Herbert Howard C. ; Davis Derek L., Cryptographically protected paging subsystem.
상세보기
Brachtl Bruno O. (Baden-Wuerttenberg NY DEX) Coppersmith Don (Ossining NY) Hyden Myrna M. (Manassas VA) Matyas ; Jr. Stephen M. (Manassas VA) Meyer Carl H. W. (Kingston NY) Oseas Jonathan (Hurley NY), Data authentication using modification detection codes based on a public one way encryption function.
상세보기
Takahashi Kikuo (Hachioji JPX) Kagimasa Toyohiko (Hachioji JPX) Mori Toshiaki (Hachioji JPX), Data processing apparatus having a real memory region with a corresponding fixed memory protection key value and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Hannah, Eric C., Digital content protection using a secure booting method and apparatus.
상세보기
LeBourgeois John H., Digitally certifying a user identity and a computer system in combination.
상세보기
Takahashi Richard J. (Phoenix AZ), Dual purpose security architecture with protected internal operating system.
상세보기
Johnson Woodrow W. ; Atkins Christine J. ; Yoh Jon, Electronic rights management and authorization system.
상세보기
Heer Daniel N. ; Rance Robert J., Encrypting method and apparatus enabling multiple access for multiple services and multiple transmission modes over a broadband communication network.
상세보기
Barr Adam D. ; Swift Michael M. ; Lenzmeier Charles T., Ensuring the integrity of remote boot client data.
상세보기
Karnik Milind ; Batz Joseph ; Tiruvallur Keshavan ; Glew Andrew ; Binns Frank ; Thakkar Shreekant ; Sarangdhar Nitin, Fault-tolerant boot strap mechanism for a multiprocessor system.
상세보기
Balk Michael W. (Piscataway NJ), File system for a data storage device having a power fail recovery mechanism for write/replace operations.
상세보기
Sekar Chandersekaran ; Sarbari Gupta, Framework-based cryptographic key recovery system.
상세보기
Olarig Sompong P. ; Angelo Michael F. ; Jansen Kenneth A., Hardware theft-protection architecture.
상세보기
Clark Paul C., Intelligent token protected system with network authentication.
상세보기
England,Paul; DeTreville,John D.; Lampson,Butler W., Key-based secure storage.
상세보기
England,Paul; DeTreville,John D.; Lampson,Butler W., Key-based secure storage.
상세보기
Griswold Gary N., Licensing management system and method in which datagrams including an address of a licensee and indicative of use of a.
상세보기
Hsu Gordon K. (Naperville IL) Su ; deceased Liheng M. (late of Naperville IL by Yung-Kuei Tan Su ; executrix), Locating information in an unsorted database utilizing a B-tree.
상세보기
Wheeler,Anne M.; Wheeler,Lynn Henry, Managing database for reliably identifying information of device generating digital signatures.
상세보기
Jablon David P. (Shrewsbury MA) Hanley Nora E. (Shrewsbury MA), Method and apparatus for assessing integrity of computer system software.
상세보기
Guillou Louis C. (Rennes FRX) Quisquater Jean-Jacques (Brussels BEX), Method and apparatus for authenticating accreditations and for authenticating and signing messages.
상세보기
Blumenau Steven M., Method and apparatus for authenticating connections to a storage system coupled to a network.
상세보기
Fletcher Rick ; Lin Pei-Chen, Method and apparatus for automatically updating software components on end systems over a network.
상세보기
Imai Toru,JPX ; Yoshida Hideki,JPX ; Segawa Hideo,JPX, Method and apparatus for data input/output management suitable for protection of electronic writing data.
상세보기
Gutowitz Howard A. (6395 Claremore La. San Diego CA 92120), Method and apparatus for encryption, decryption and authentication using dynamical systems.
상세보기
Helbig ; Sr. Walter A, Method and apparatus for enhancing computer system security.
상세보기
Chang Sheue-Ling ; Gosling James, Method and apparatus for enhancing software security and distributing software.
상세보기
Graunke Gary L. ; Rozas Carlos V., Method and apparatus for integrity verification, authentication, and secure linkage of software modules.
상세보기
Schmeidler,Yonah; Atkins,Derek; Eichin,Mark W.; Rostcheck,David J., Method and apparatus for secure content delivery over broadband access networks.
상세보기
Vu, Son Trung; Phan, Quang, Method and apparatus for secure processing of cryptographic keys.
상세보기
Merkling Roger ; Fieres Helmut ; Klemba Keith, Method and apparatus for trusted processing.
상세보기
Jeffrey Vinson ; Steig Westerberg ; Jeffrey DeVries, Method and apparatus to allow remotely located computer programs and/or data to be accessed on a local computer in a secure, time-limited manner, with persistent caching.
상세보기
Hsu Jerry,TWX ; Shen Sidney,TWX, Method and apparatus to protect computer software.
상세보기
Hennige Hartmut (23 Packman Lane ; Home Green Kirk Ella Hull HU10 7TH N. Humberside GB3), Method and device for simplifying the use of a plurality of credit cards, or the like.
상세보기
Berstis,Viktors; Rodriguez,Herman, Method and system for encryption of web browser cache.
상세보기
Ellison, Carl M.; Golliver, Roger A.; Herbert, Howard C.; Lin, Derrick C.; McKeen, Francis X.; Neiger, Gilbert; Reneris, Ken; Sutton, James A.; Thakkar, Shreekant S.; Mittal, Millind, Method and system for scrubbing an isolated area of memory after reset of a processor operating in isolated execution mode if a cleanup flag is set.
상세보기
Derek L. Davis ; Pranav Mehta, Method for BIOS authentication prior to BIOS execution.
상세보기
Graunke Gary L. ; Carbajal John ; Maliszewski Richard L. ; Rozas Carlos V., Method for securely distributing a conditional use private key to a trusted entity on a remote system.
상세보기
Patel Baiju V., Method for securing communications in a pre-boot environment.
상세보기
Rubin Aviel D. (East Hanover NJ), Method for the secure distribution of electronic files in a distributed environment.
상세보기
Preneel Bart K. B. (Heverlee BEX) Van Oorschot Paul C. (Ottawa CAX), Method of building fast MACS from hash functions.
상세보기
Coulier Charles,FRX ; Gordons Edouard,FRX ; Grimonprez Georges,FRX, Microprocessor-based memory card that limits memory accesses by application programs and method of operation.
상세보기
Johnson Herrick J. (Marblehead MA) Olson Margaret (Nashua NH) Jones Stuart (Cambridge MA) Bodoff Stephanie (Somerville MA) Bertrand Stephen C. (Waltham MA) Levine Paul H. (Carlisle MA), Network license server.
상세보기
Trostle Jonathan, Networked workstation intrusion detection system.
상세보기
Thomlinson Matthew W. ; Simon Daniel R. ; Yee Bennet, Non-biased pseudo random number generator.
상세보기
Lovelace John V. ; Nevis Bryon S., Operating system bootstrap security mechanism.
상세보기
Marino ; Jr. Joseph T. (Fountain Hills AZ) Borgoyne ; Jr. Ernest W. (Mesa AZ), Operational methods for a secure node in a computer network.
상세보기
Kuznetsov Oleg V. (Kiev UAX) Luchuk Dmitry A. (Kiev UAX), Personal computer security system.
상세보기
Horstmann Cay S., Relicensing of electronically purchased software.
상세보기
Rabne Michael W. ; Barker James A. ; Alrashid Tareq M.T. ; Christian Brian S. ; Cox Steven C. ; Slotta Elizabeth A. ; Upthegrove Luella R., Rights management system for digital media.
상세보기
Davis Derek L. (Phoenix AZ), Roving software license for a hardware agent.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on symmetric key encryption.
상세보기
England,Paul; Peinado,Marcus, Saving and retrieving data based on symmetric key encryption.
상세보기
Davis Derek L., Secure BIOS.
상세보기
Arbaugh William A. ; Farber David J. ; Keromytis Angelos D. ; Smith Jonathan M., Secure and reliable bootstrap architecture.
상세보기
Holtey Thomas O. (Newton MA), Secure application card for sharing application data and procedures among a plurality of microprocessors.
상세보기
McMullan ; Jr. Jay C. (Doraville GA) Burleson David B. (Roswell GA) Borsetti ; Jr. Paul (Alpharetta GA) Filion John T. (Lawrenceville GA), Secure authorization and control method and apparatus for a game delivery service.
상세보기
Davis Derek L., Secure boot.
상세보기
Downs, Edgar; Gruse, George Gregory; Hurtado, Marco M.; Medina, Cesar; Milsted, Kenneth Louis, Secure electronic content management system.
상세보기
Angelo Michael F., Secure software registration and integrity assessment in a computer system.
상세보기
Grimonprez Georges (Villeneuve d\Asq FRX) Paradinas Pierre (Villeneuve d\Asq FRX), Secured method for loading a plurality of applications into a microprocessor memory card.
상세보기
Hinsley Stewart R. (Alsager GB3) Hughes Christopher D. (Audlem GB3), Security mechanism for a computer system.
상세보기
Mandelbaum Richard (Manalapan NJ) Sherman Stephen A. (Hackettstown NJ) Wetherington Diane R. (Bernardsville NJ), Smartcard adapted for a plurality of service providers and for remote installation of same.
상세보기
Chandra Ashileshwari N. (Mahopac NY) Comerford Liam D. (Carmel NY) White Steve R. (New York NY), Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocess.
상세보기
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure.
상세보기
Hasebe Takayuki,JPX ; Akiyama Ryota,JPX ; Yoshioka Makoto,JPX, Storage medium for preventing an irregular use by a third party.
상세보기
Hurtado,Marco M.; Mahlbacher,James C.; Spagna,Richard L., Super-distribution of protected digital content.
상세보기
Rosen Sholom S. (New York NY), System and method for commercial payments using trusted agents.
상세보기
Lipner Steven B. (Oakton VA) Balenson David M. (Olney MD) Ellison Carl M. (Baltimore MD) Walker Stephen T. (Glenwood MD), System and method for data recovery.
상세보기
Lipner Steven B. ; Balenson David M. ; Ellison Carl M. ; Walker Stephen T., System and method for data recovery.
상세보기
Cox James O. (Austin TX) Mott James M. (Austin TX), System and method for secure initial program load for diskless workstations.
상세보기
Lampson, Butler W.; DeTreville, John D.; England, Paul, System and method for secure storage of data using public and private keys.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., System and methods for secure transaction management and electronic rights protection.
상세보기
Schneck Paul B. ; Abrams Marshall D., System for controlling access and distribution of digital property.
상세보기
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining using and manipulating rights management data structures.
상세보기
Rosen Sholom S., Trusted agents for open distribution of electronic money.
상세보기
Rosen Sholom S. (New York NY), Trusted agents for open electronic commerce.
상세보기
Griffin Claire ; Barnes Douglas, Trusted delegation system.
상세보기
Boyle John ; Holden James M. ; Levin Stephen E. ; Maiwald Eric S. ; Nickel James O. ; Snow ; deceased David Wayne ; Wrench ; Jr. Edwin H., Using trusted associations to establish trust in a computer network.
상세보기

이 특허를 인용한 특허 (8)

Asokan, Nadarajah; Ekberg, Jan-Erik; Rantala, Aarne; Kylänpää, Markku, Credential provisioning.
상세보기
Takayama, Hisashi; Matsushima, Hideki; Ito, Takayuki; Haga, Tomoyuki; Nicolson, Kenneth Alexander, Information processing device, authentication system, authentication device, information processing method, information processing program, recording medium, and integrated circuit.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on public key encryption.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on public key encryption.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on public key encryption.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on public key encryption.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on public key encryption.
상세보기
England, Paul; Peinado, Marcus, Saving and retrieving data based on public key encryption.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Generating, migrating or exporting bound keys 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (103)

이 특허를 인용한 특허 (8)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Generating, migrating or exporting bound keys 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (103)

이 특허를 인용한 특허 (8)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트