Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2018140171) ADDRESSING A TRUSTED EXECUTION ENVIRONMENT USING CLEAN ROOM PROVISIONING
Latest bibliographic data on file with the International Bureau    Submit observation

Pub. No.: WO/2018/140171 International Application No.: PCT/US2017/067462
Publication Date: 02.08.2018 International Filing Date: 20.12.2017
IPC:
G06F 21/53 (2013.01) ,G06F 21/74 (2013.01) ,H04L 9/08 (2006.01) ,H04L 29/06 (2006.01)
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52
during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
53
by executing in a restricted environment, e.g. sandbox or secure virtual machine
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
70
Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
71
to assure secure computing or processing of information
74
operating in dual or compartmented mode, i.e. at least one secure mode
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9
Arrangements for secret or secure communication
06
the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
08
Key distribution
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29
Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02
Communication control; Communication processing
06
characterised by a protocol
Applicants:
MICROSOFT TECHNOLOGY LICENSING, LLC [US/US]; One Microsoft Way Redmond, Washington 98052-6399, US
Inventors:
NOVAK, Mark F.; US
Agent:
MINHAS, Sandip S.; US
CHEN, Wei-Chen Nicholas; US
DRAKOS, Katherine J.; US
HINOJOSA, Brianna L.; US
HOLMES, Danielle J.; US
SWAIN, Cassandra T.; US
WONG, Thomas S.; US
CHOI, Daniel; US
HWANG, William C.; US
WIGHT, Stephen A.; US
CHATTERJEE, Aaron C.; US
Priority Data:
15/417,01726.01.2017US
Title (EN) ADDRESSING A TRUSTED EXECUTION ENVIRONMENT USING CLEAN ROOM PROVISIONING
(FR) COMMUNICATION AVEC UN ENVIRONNEMENT D'EXÉCUTION SÉCURISÉ À L'AIDE D'UN DÉPLOIEMENT DE SALLE PROPRE
Abstract:
(EN) Methods, systems, and devices are described herein for delivering protected data to a trusted execution environment (TrEE) associated with an untrusted requestor. In one aspect, a targeting protocol head, or other intermediary between a requestor and a key management system or other store of protected data may register a public encryption key of a TrEE that corresponds to a private encryption key held by the TrEE or a symmetric key of the TrEE. The targeting protocol head may receive a request for protected data from a requestor associated with the TrEE, and retrieve the protected data for example, from a key management system or store of protected data. The targeting protocol head may generate targeted protected data by encrypting the protected data with the public encryption key or symmetric key of the TrEE. The targeting protocol head may then send the targeted protected data to the requestor.
(FR) La présente invention concerne des procédés, des systèmes et des dispositifs permettant de distribuer des données protégées à un environnement d'exécution de confiance (TrEE) associé à un demandeur non sécurisé. Selon un aspect, une tête de protocole de ciblage ou un autre intermédiaire entre un demandeur et un système de gestion de clés ou un autre magasin de données protégées peut enregistrer une clé de chiffrement publique d'un TrEE qui correspond à une clé de chiffrement privée détenue par le TrEE ou une clé symétrique du TrEE. La tête de protocole de ciblage peut recevoir une demande de données protégées d'un demandeur associé au TrEE et récupérer les données protégées par exemple à partir d'un système de gestion de clés ou d'un magasin de données protégées. La tête de protocole de ciblage peut générer des données protégées ciblées en chiffrant les données protégées avec la clé de chiffrement publique ou une clé symétrique du TrEE. La tête de protocole de ciblage peut ensuite envoyer les données protégées ciblées au demandeur.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)