Patent
Identifying security boundaries on computing devices
Kinshuman Kinshumann,Yevgeniy A. Samsonov,Niels T. Ferguson,Mark F. Novak +3 more
- 04 Feb 2015
10
TL;DR: In this paper, multiple security boundaries are generated during booting of a computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary.
Abstract: During booting of a computing device, multiple security boundaries are generated. A security boundary refers to a manner of operation of a computing device or a portion of the computing device, with a program executing in one security boundary being prohibited from accessing data and programs in another security boundary. As part of booting the computing device measurements of (e.g., hash values or other identifications of) various modules loaded and executed as part of booting the computing device are maintained by a boot measurement system of the computing device. Additionally, as part of booting the computing device, a public/private key pair of one of the security boundaries is generated or otherwise obtained. The private key of the public/private key pair is provided to the one security boundary, and the public key of the public/private key pair is provided to the boot measurement system.
Citations
Patent
Nand-based verified boot
Daniel Ari Ehrenberg,William A. Drewry +1 more
- 02 Oct 2015
TL;DR: In this article, a NAND-flash memory comprising a read-only portion storing boot code and a key, and a system on a chip (SoC) coupled to the NAND flash memory is provided.
10
Patent
Diversification of Public Keys
Lei Wei,Sierra Yannick L,Per Love Hornquist Astrand +2 more
- 23 Sep 2016
TL;DR: In this article, the authors propose a method for providing public keys for encrypting data, which receives a first request from a first source for a public key associated with a particular user and a second request from another source for the public key associated with the particular user, and in response to the first request, the method distributes a second, different public key for the particular user to the second source.
8
Patent
Association of address with cloud services account
Bonnet Olivier,Hong Van +1 more
- 14 Dec 2017
TL;DR: In this article, the authors present a method for an electronic device to access a shared data asset via a cloud services platform using a communication address, through which the device receives an invitation to access the shared data asset via the cloud.
5
Patent
Enclave launch and authentication
Ndu Geoffrey,Jacquin Ludovic Emmanuel Paul Noel,Edwards Nigel +2 more
- 12 Sep 2019
TL;DR: In this paper, the authors propose a method comprising: launching, by a pre-boot environment, a pre-boot launch enclave (LE); creating, by the pre-boot LE, a launch token for a pre-boot quoting enclave (QE); authenticating, by the pre-boot enclave, the launch token; launching, in response to the authentication, the pre-boot QE; and generating, by the pre-boot QE, a public provisioning key, a private provisioning key (PKey), and an attestation key.
4
Patent
System and method for prioritizing and filtering CEC commands
Arsham Hatambeiki
- 29 Jan 2015
TL;DR: In this article, a first controllable appliance receives from a second controllable appliance a command for causing it to be placed into a state and, in response, determines a trust level of the second controllable appliance.
3
References
Proceedings Article
vTPM: virtualizing the trusted platform module
Stefan Berger,Ramón Cáceres,Kenneth Alan Goldman,Ronald Perez,Reiner Sailer,Leendert van Doorn +5 more
- 31 Jul 2006
TL;DR: The design and implementation of a system that enables trusted computing for an unlimited number of virtual machines on a single hardware platform and four designs for certificate chains to link the virtual TPM to a hardware TPM are presented, with security vs. efficiency trade-offs based on threat models.
Patent
Secure Network Cloud Architecture
Bradford Thomas Spiers,Miroslav Halas,Richard A. Schimmel,Donald P. Provencher +3 more
- 16 Mar 2012
TL;DR: In this article, the authors describe an approach for requesting the creation of a virtual machine (VM) in a cloud environment comprising a virtual private cloud. Through various communications between a cloud DMZ, a cloud provider, and/or a company's network, a VM instance may be securely created, initialized, booted, unlocked, and monitored through a series of interactions building upon a root of trust.
341
Patent
Methods and systems for providing access to a computing environment
Richard James Mazzaferri,David Neil Robinson +1 more
- 28 Nov 2006
TL;DR: In this article, a broker machine receives a request from a client machine for access to a computing environment, the request including an identification of a user of the client machine, and one of a plurality of virtual machines is identified, the identified virtual machine providing the requested computing environment.
340
Patent
Distributed trusted virtualization platform
Peter F. Foley,Rajesh Gupta,Rao Cherukuri,Jithendra Bethur,Brent Haines +4 more
- 14 Oct 2008
TL;DR: In this paper, a platform architecture for trusted mobile internet end-point (MIEP) devices and cooperative agents hosted on a trusted server is proposed, where the MIEP device can participate in data flows, arbitrate authentication, and/or participate in implementing security mechanisms.
329
Patent
Trusted cloud computing and services framework
Rahul V. Auradkar,Roy Peter D'Souza +1 more
- 04 Feb 2010
TL;DR: In this article, a digital escrow pattern is provided for network data services including searchable encryption techniques for data stored in a cloud, distributing trust across multiple entities to avoid a single point of data compromise.
238
Related Papers (5)
Phillip Riscombe-Burton,Lance Craner,Ronald S. Vaisbort +2 more
- 18 Mar 2015
Hsu Hsiong Ke Desmond
- 25 Jan 2018
Paul C. Drews
- 31 Dec 1998