WO2006115533A3 - Protected computing environment - Google Patents

Protected computing environment Download PDF

Info

Publication number
WO2006115533A3
WO2006115533A3 PCT/US2005/030490 US2005030490W WO2006115533A3 WO 2006115533 A3 WO2006115533 A3 WO 2006115533A3 US 2005030490 W US2005030490 W US 2005030490W WO 2006115533 A3 WO2006115533 A3 WO 2006115533A3
Authority
WO
WIPO (PCT)
Prior art keywords
kernel
computing environment
security state
secure process
protected computing
Prior art date
Application number
PCT/US2005/030490
Other languages
French (fr)
Other versions
WO2006115533A2 (en
Inventor
Sumedh N Barde
Jonathan D Schwartz
Reid Joseph Kuhn
Alexandre Vicktor Grigorovitch
Kirt A Debique
Chadd B Knowlton
James M Alkove
Geoffrey T Dunbar
Michael J Grier
Ming Ma
Chaitanya D Upadhyay
Adil Ahmed Sherwani
Arun Upadhyaya Kishan
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/116,598 external-priority patent/US20060242406A1/en
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to CN2005800495535A priority Critical patent/CN101189615B/en
Priority to KR1020077024145A priority patent/KR101238496B1/en
Publication of WO2006115533A2 publication Critical patent/WO2006115533A2/en
Publication of WO2006115533A3 publication Critical patent/WO2006115533A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1064Restricting content processing at operating system level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]

Abstract

A method of establishing a protected environment within a computing device including validating a kernel component loaded into a kernel of the computing device, establishing a security state for the kernel based on the validation, creating a secure process and loading a software component into the secure process, periodically checking the security state of the kernel, and notifying the secure process when the security state of the kernel has changed.
PCT/US2005/030490 2005-04-22 2005-08-26 Protected computing environment WO2006115533A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN2005800495535A CN101189615B (en) 2005-04-22 2005-08-26 Method for establishing and maintaining protected computing environment
KR1020077024145A KR101238496B1 (en) 2005-04-22 2005-08-26 Protected computing environment

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US67397905P 2005-04-22 2005-04-22
US60/673,979 2005-04-22
US11/116,598 2005-04-27
US11/116,598 US20060242406A1 (en) 2005-04-22 2005-04-27 Protected computing environment

Publications (2)

Publication Number Publication Date
WO2006115533A2 WO2006115533A2 (en) 2006-11-02
WO2006115533A3 true WO2006115533A3 (en) 2007-11-15

Family

ID=46062814

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/030490 WO2006115533A2 (en) 2005-04-22 2005-08-26 Protected computing environment

Country Status (3)

Country Link
KR (1) KR101238496B1 (en)
TW (1) TWI428786B (en)
WO (1) WO2006115533A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
CN109753347B (en) * 2017-11-06 2023-03-21 阿里巴巴集团控股有限公司 System and method for realizing driving

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US20030005335A1 (en) * 2001-06-28 2003-01-02 Hidekazu Watanabe Protecting secured codes and circuits in an integrated circuit
US20040158742A1 (en) * 2003-02-07 2004-08-12 Broadon Secure and backward-compatible processor and secure software execution thereon

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7343493B2 (en) * 2002-03-28 2008-03-11 Lenovo (Singapore) Pte. Ltd. Encrypted file system using TCPA

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US20030005335A1 (en) * 2001-06-28 2003-01-02 Hidekazu Watanabe Protecting secured codes and circuits in an integrated circuit
US20040158742A1 (en) * 2003-02-07 2004-08-12 Broadon Secure and backward-compatible processor and secure software execution thereon

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan

Also Published As

Publication number Publication date
TWI428786B (en) 2014-03-01
WO2006115533A2 (en) 2006-11-02
KR101238496B1 (en) 2013-03-04
KR20080008337A (en) 2008-01-23
TW200638237A (en) 2006-11-01

Similar Documents

Publication Publication Date Title
WO2007146519A3 (en) Automated priority restores
WO2005091757A3 (en) Autonomous memory checker for runtime security assurance and method therfore
HK1073225A2 (en) An electronic transaction system with enhanced transaction security and its electronic transaction method.
WO2006074294A3 (en) Methods and apparatus providing security to computer systems and networks
WO2004055634A3 (en) Systems and methods for detecting a security breach in a computer system
WO2007065307A3 (en) Handling a device related operation in a virtualization environment
WO2006133222A3 (en) Constraint injection system for immunizing software programs against vulnerabilities and attacks
EP1780654A4 (en) Communication system, contents processing device, communication method, and computer program
WO2005008417A3 (en) Method and system for protecting against computer viruses
WO2008148130A3 (en) Distributed system for monitoring information events
EP1934935A4 (en) Device, system and method for reducing an interaction time for a contactless transaction
EP1708477A4 (en) Unauthorized copy preventing device and method thereof, and program
WO2008033153A3 (en) Methods and systems for identifying safe havens for hazardous material transports
WO2007050590A3 (en) Media content delivery audit and verification services
EP1783655A4 (en) Communication system, communication method, contents processing device, and computer program
EP2160696A4 (en) Methods, systems and computer program products for interacting with iso 14443-4 and mifare ®applications on the same wireless smart device during a common transaction
WO2007147089A3 (en) Family code determination using brand and sub-brand
WO2007141648A3 (en) Method, electronic device, apparatus, system and computer program product for updating an electronic device security policy
EP1958118A4 (en) Computer program product, apparatus and method for secure http digest response verification and integrity protection in a mobile terminal
EP1796061A4 (en) Encryption computing method, encryption device, and computer program
WO2010041852A3 (en) Method and system for perpetual computing using non-volatile random access memory (nvram)
GB201014924D0 (en) Methods, systems and computer program products for updating software on a data processing system based on transition rules between classes of compatible versi
GB0501878D0 (en) Article and a mobile networkable device for reading data from an article and system methods and software relating thereto
WO2008055220A3 (en) Automated review and hold placement
EP1821172A4 (en) Collation method, collation system, computer, and program

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200580049553.5

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 1020077024145

Country of ref document: KR

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 05792627

Country of ref document: EP

Kind code of ref document: A2