Processing

Please wait...

Settings

Settings

Goto Application

1. US20090271618 - Attestation of computing platforms

Office United States of America
Application Number 12439236
Application Date 03.07.2007
Publication Number 20090271618
Publication Date 29.10.2009
Grant Number 08555072
Grant Date 08.10.2013
Publication Kind B2
IPC
H04L 9/32
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system
G06F 11/30
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
11Error detection; Error correction; Monitoring
30Monitoring
G06F 21/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
H04L 29/06
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
H04K 1/00
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
1Secret communication
G06Q 20/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
20Payment architectures, schemes or protocols
Applicants Camenisch Jan Leonhard
International Business Machines Corporation
Poritz Jonathan A.
Zimmermann Roger Daniel
Inventors Camenisch Jan Leonhard
Poritz Jonathan A.
Zimmermann Roger Daniel
Agents Zarick Gail H.
Dougherty Anne Vachon
Priority Data 06119945 31.08.2006 EP
Title
(EN) Attestation of computing platforms
Abstract
(EN)

A method and apparatus for attesting the configuration of a computing platform to a verifier. A signature key (SK) is bound to the platform and bound to a defined configuration of the platform. A credential (C(SK), CDAA(SK)) for the signature key (SK) is obtained from an evaluator. This credential (C(SK), CDAA(SK)) certifies that the signature key (SK) is bound to an unspecified trusted platform configuration. The platform can then demonstrate to the verifier the ability to sign a challenge from the verifier using the signature key (SK), and demonstrate possession of the credential (C(SK), CDAA(SK)) to the verifier, thereby attesting that the platform has a trusted configuration without disclosing the platform configuration to the verifier.