公开(公告)号：CA2482243C

公开(公告)日：2013-10-29

申请号：CA2482243

申请日：2004-09-21

Applicant: MICROSOFT CORP

Inventor： DHIR ANSHUL ,  RAY KENNETH D ,  ENGLAND PAUL ,  KURIEN THEKKTHALACKAL VARUGIS

IPC: G06F3/14 ,  G06F21/24 ,  G06F1/00 ,  G06F9/06 ,  G06F9/50 ,  G06F12/14 ,  G06F15/00 ,  G06F15/16 ,  G06F21/00 ,  G06F21/22 ,  G06K19/073 ,  G09C1/00 ,  H04L9/32

Abstract: A resource is obtained from a resource provider (RP) for a resource requester (RR) operating on a computing device. The RR has an identity descriptor (id) associated therewith, where the id including security-related information specifying an environment in which the RR operates. A code identity (code-ID) is calculated corresponding to and based on the loaded RR and loaded id. The RP verifies that the calculated code-ID in a request for the resource matches one of one or more valid code-IDs for the identified RR to conclude that the RR and id can be trusted, and the RP responds to the forwarded request by providing the requested resource to the RR.

公开(公告)号：AU2004214529A1

公开(公告)日：2005-05-12

申请号：AU2004214529

申请日：2004-09-22

Applicant: MICROSOFT CORP

Inventor： KURIEN THEKKTHALACKAL VARUGIS ,  ENGLAND PAUL ,  RAY KENNETH D ,  DHIR ANSHUL

IPC: G06F21/24 ,  G06F1/00 ,  G06F3/14 ,  G06F9/06 ,  G06F9/50 ,  G06F12/14 ,  G06F15/00 ,  G06F15/16 ,  G06F21/00 ,  G06F21/22 ,  G06K19/073 ,  G09C1/00 ,  H04L9/32

Abstract: A resource is obtained from a resource provider (RP) for a resource requester (RR) operating on a computing device. The RR has an identity descriptor (id) associated therewith, where the id including security-related information specifying an environment in which the RR operates. A code identity (code-ID) is calculated corresponding to and based on the loaded RR and loaded id. The RP verifies that the calculated code-ID in a request for the resource matches one of one or more valid code-IDs for the identified RR to conclude that the RR and id can be trusted, and the RP responds to the forwarded request by providing the requested resource to the RR.

公开(公告)号：CA2480906A1

公开(公告)日：2005-04-24

申请号：CA2480906

申请日：2004-09-09

Applicant: MICROSOFT CORP

Inventor： KURIEN THEKKTHALACKAL VARUGIS ,  ENGLAND PAUL ,  PEINADO MARCUS ,  RAY KENNETH D

IPC: G06F21/24 ,  G06F1/00 ,  G06F3/00 ,  G06F9/44 ,  G06F9/45 ,  G06F9/46 ,  G06F12/14 ,  G06F15/76 ,  G06F17/00 ,  G06F21/00 ,  G06F21/22

Abstract: Application factoring or partitioning is used to integrate secure features into a conventional application. An application's functionality is partitioned into two sets according to whether a given action does, or does not, involve the handling of sensitive data. Separate software objects (processors) are created to perform these two sets of actions. A trusted processor handles secure data and runs in a high-assurance environment. When another processor encounters secure data, that data is sent to the trusted processor. The data is wrapped in such a way tha t allows it to be routed to the trusted processor, and prevents the data from being deciphered by any entity other than the trusted processor. An infrastructure is provided that wraps objects, routes them to the correct processor, and allows their integrity to be attested through a chain of trus t leading back to base component that is known to be trustworthy.

公开(公告)号：NO332737B1

公开(公告)日：2012-12-27

申请号：NO20052391

申请日：2005-05-18

Applicant: MICROSOFT CORP

Inventor： ENGLAND PAUL ,  WILLMAN BRYAN MARK ,  RAY KENNETH D ,  KURIEN THEKKTHALACKAL VARUGIS ,  HUNTER JAMIE ,  MCMICHAEL LONNY DEAN ,  LASALLE DEREK NORMAN ,  JACOMET PIERRE ,  PALEY MARK ELIOT ,  CROSS DAVID B

IPC: G06F9/445 ,  G06F1/00 ,  G06F11/00 ,  G06F21/00 ,  G06N20060101

Abstract: A mechanism for protected operating system boot that prevents rogue components from being loaded with the operating system, and thus prevents divulgence of the system key under inappropriate circumstances. After a portion of the machine startup procedure has occurred, the operating system loader is run, the loader is validated, and a correct machine state is either verified to exist and/or created. Once the loader has been verified to be a legitimate loader, and the machine state under which it is running is verified to be correct, the loader's future behavior is known to protect against the loading of rogue components that could cause divulgence of the system key With the loader's behavior being known to be safe for the system key, the validator may unseal the system key and provides it to the loader.

公开(公告)号：DE602005024744D1

公开(公告)日：2010-12-30

申请号：DE602005024744

申请日：2005-06-23

Applicant: MICROSOFT CORP

Inventor： WILLMAN BRYAN MARK ,  CROSS DAVID B ,  ENGLAND PAUL ,  RAY KENNETH D ,  HUNTER JAMIE ,  MCMICHAEL LONNY DEAN ,  LASALLE DEREK NORMAN ,  JACOMET PIERRE ,  PALEY MARK ELIOT ,  KURIEN THEKKTHALACKAL VARUGIS

IPC: G06F9/445 ,  G06F1/00 ,  G06F11/00 ,  G06F21/00 ,  G06N20060101

公开(公告)号：DE602004022004D1

公开(公告)日：2009-08-27

申请号：DE602004022004

申请日：2004-09-02

Applicant: MICROSOFT CORP

Inventor： DHIR ANSHUL ,  RAY KENNETH D ,  ENGLAND PAUL ,  KURIEN THEKKTHALACKAL VARUGIS

IPC: G06F21/00 ,  G06F1/00 ,  G06F21/24 ,  G06F3/14 ,  G06F9/06 ,  G06F9/50 ,  G06F12/14 ,  G06F15/00 ,  G06F15/16 ,  G06F21/22 ,  G06K19/073 ,  G09C1/00 ,  H04L9/32

Abstract: A resource is obtained from a resource provider (RP) for a resource requester (RR) operating on a computing device. The RR has an identity descriptor (id) associated therewith, where the id including security-related information specifying an environment in which the RR operates. A code identity (code-ID) is calculated corresponding to and based on the loaded RR and loaded id. The RP verifies that the calculated code-ID in a request for the resource matches one of one or more valid code-IDs for the identified RR to conclude that the RR and id can be trusted, and the RP responds to the forwarded request by providing the requested resource to the RR.

公开(公告)号：HK1087216A1

公开(公告)日：2006-10-06

申请号：HK06107239

申请日：2006-06-27

Applicant: MICROSOFT CORP

Inventor： WILLMAN BRYAN MARK ,  CROSS DAVID B ,  ENGLAND PAUL ,  RAY KENNETH D ,  HUNTER JAMIE ,  MCMICHAEL LONNY DEAN ,  LASALLE DEREK NORMAN ,  JACOMET PIERRE ,  PALEY MARK ELIOT ,  KURIEN THEKKTHALACKAL VARUGIS

IPC: G06F9/445 ,  G06F11/00 ,  G06F21/00 ,  G06N20060101

Abstract: A mechanism for protected operating system boot that prevents rogue components from being loaded with the operating system, and thus prevents divulgence of the system key under inappropriate circumstances. After a portion of the machine startup procedure has occurred, the operating system loader is run, the loader is validated, and a correct machine state is either verified to exist and/or created. Once the loader has been verified to be a legitimate loader, and the machine state under which it is running is verified to be correct, the loader's future behavior is known to protect against the loading of rogue components that could cause divulgence of the system key With the loader's behavior being known to be safe for the system key, the validator may unseal the system key and provides it to the loader.

公开(公告)号：NO20052391L

公开(公告)日：2006-01-02

申请号：NO20052391

申请日：2005-05-18

Applicant: MICROSOFT CORP

Inventor： ENGLAND PAUL ,  WILLMAN BRYAN MARK ,  RAY KENNETH D ,  KURIEN THEKKTHALACKAL VARUGIS ,  HUNTER JAMIE ,  MCMICHAEL LONNY DEAN ,  LASALLE DEREK NORMAN ,  JACOMET PIERRE ,  PALEY MARK ELIOT ,  CROSS DAVID B

IPC: G06F9/445 ,  G06F1/00 ,  G06F11/00 ,  G06F21/00 ,  G06N20060101

Abstract: A mechanism for protected operating system boot that prevents rogue components from being loaded with the operating system, and thus prevents divulgence of the system key under inappropriate circumstances. After a portion of the machine startup procedure has occurred, the operating system loader is run, the loader is validated, and a correct machine state is either verified to exist and/or created. Once the loader has been verified to be a legitimate loader, and the machine state under which it is running is verified to be correct, the loader's future behavior is known to protect against the loading of rogue components that could cause divulgence of the system key With the loader's behavior being known to be safe for the system key, the validator may unseal the system key and provides it to the loader.

公开(公告)号：NO20052391A

公开(公告)日：2006-01-02

申请号：NO20052391

申请日：2005-05-18

Applicant: MICROSOFT CORP

Inventor： ENGLAND PAUL ,  WILLMAN BRYAN MARK ,  RAY KENNETH D ,  KURIEN THEKKTHALACKAL VARUGIS ,  HUNTER JAMIE ,  MCMICHAEL LONNY DEAN ,  LASALLE DEREK NORMAN ,  JACOMET PIERRE ,  PALEY MARK ELIOT ,  CROSS DAVID B

IPC: G06F9/445 ,  G06F1/00 ,  G06F11/00 ,  G06F21/00 ,  G06N20060101

CPC classification number: G06F21/575 ,  G06F9/4401

公开(公告)号：NO20052391D0

公开(公告)日：2005-05-18

申请号：NO20052391

申请日：2005-05-18

Applicant: MICROSOFT CORP

Inventor： ENGLAND PAUL ,  WILLMAN BRYAN MARK ,  RAY KENNETH D ,  KURIEN THEKKTHALACKAL VARUGIS ,  HUNTER JAMIE ,  MCMICHAEL LONNY DEAN ,  LASALLE DEREK NORMAN ,  JACOMET PIERRE ,  PALEY MARK ELIOT ,  CROSS DAVID B

IPC: G06F9/445 ,  G06F11/00 ,  G06F21/00 ,  G06N20060101 ,  G06N

Abstract: A mechanism for protected operating system boot that prevents rogue components from being loaded with the operating system, and thus prevents divulgence of the system key under inappropriate circumstances. After a portion of the machine startup procedure has occurred, the operating system loader is run, the loader is validated, and a correct machine state is either verified to exist and/or created. Once the loader has been verified to be a legitimate loader, and the machine state under which it is running is verified to be correct, the loader's future behavior is known to protect against the loading of rogue components that could cause divulgence of the system key With the loader's behavior being known to be safe for the system key, the validator may unseal the system key and provides it to the loader.