
Device attestation via secure hardened management agent

A technology for computing devices and device management, applied in fields such as secure communication, computer security and electrical digital data processing, which can solve problems such as difficulties

Active Publication Date: 2021-02-05
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Problems solved by technology

Allowing such access while restricting which devices or resources can be accessed based on administrative expectations for a particular environment remains a difficult task


Embodiment Construction

[0009] This document discusses device attestation through a security-hardened management agent. When the computing device boots, it boots in a secure manner that allows generation of metrics reflecting which components or modules were loaded and executed during boot (e.g., metrics that identify those components or modules, or that are generated based on them). Metrics of the security posture of these components or modules, as well as of the device management agent and the computing device, are also obtained by the metrics system. A device management agent accesses an attestation service for a collection of devices or other resources managed by the management service, referred to herein as an enterprise. The device management agent provides metrics from the metrics system to the attestation service, which evaluates the metrics and determines, based on the evaluation, whether the computing device is authenticated for use in the enterprise. An indic...


Abstract

The device boots in a secure manner that allows generation of metrics reflecting which components were loaded during boot (302). Metrics (302) are also obtained for these components, as well as the device management agent (304) and the security state of the device. The device management agent accesses the attestation service (306) for the enterprise as a collection of resources managed by the management service. The device management agent provides the obtained metrics to a validation service that evaluates the metrics and determines whether the device is certified for use in the enterprise based on the evaluation (308). The management service uses this verification to ensure that the device management agent is operating in a secure manner, is accurately providing the management service with an indication of the device's state, and is implementing the policies received from the management service (310 and 312).
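The flow in paragraph [0009] and in the abstract (boot metrics, agent report, service evaluation), as an added example that is not code from the patent or from Microsoft. It assumes a TPM-style hash-chained register and uses an HMAC with a shared key as a stand-in for a hardware-signed quote; the component names, key and policy fields are hypothetical.

```python
import hashlib
import hmac

def extend(register: bytes, digest: bytes) -> bytes:
    # Hash-chain extend: order and content of every measurement affect the result.
    return hashlib.sha256(register + digest).digest()

def measured_boot(components):
    # Device side: measure each loaded component and fold it into the register.
    register, log = bytes(32), []
    for name, image in components:
        digest = hashlib.sha256(image).digest()
        log.append((name, digest.hex()))
        register = extend(register, digest)
    return register, log

def report_body(nonce, register, state):
    return nonce + register + repr(sorted(state.items())).encode()

def make_report(components, state, nonce, key):
    # Agent side: bundle the metrics. The HMAC stands in for a signed quote.
    register, log = measured_boot(components)
    mac = hmac.new(key, report_body(nonce, register, state), hashlib.sha256).digest()
    return {"log": log, "register": register, "state": state, "mac": mac}

def attest(report, nonce, key, allowed, required_state):
    # Service side: returns (verdict, reason).
    body = report_body(nonce, report["register"], report["state"])
    want = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(want, report["mac"]):
        return False, "report not bound to this device and nonce"
    register = bytes(32)
    for name, digest in report["log"]:
        if allowed.get(name) != digest:
            return False, f"unexpected component: {name}"
        register = extend(register, bytes.fromhex(digest))
    if register != report["register"]:
        return False, "log does not match reported register"
    if "mgmt_agent" not in dict(report["log"]):
        return False, "management agent was not measured"
    for field, value in required_state.items():
        if report["state"].get(field) != value:
            return False, f"security state: {field}"
    return True, "attested"

# Constructed sample data (hypothetical names and images).
KEY = b"constructed-device-key"
GOOD = [("bootloader", b"bootmgr v1"), ("kernel", b"kernel v1"), ("mgmt_agent", b"agent v1")]
ALLOWED = {name: hashlib.sha256(image).hexdigest() for name, image in GOOD}
POLICY = {"secure_boot": True, "debug": False}
```

The service replays the log rather than trusting it: a report whose log was swapped for a clean one fails because the replayed register no longer matches the reported one.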

Description

Background technique

[0001] Computing devices have become commonplace in many areas of our lives. Given the number of computing devices available to us and the functionality they provide, it is often desirable to use computing devices to access other devices or resources in a particular environment, such as a corporate environment. Allowing such access while restricting which devices or resources may be accessed based on administrative expectations of a particular environment remains a difficult task.

SUMMARY OF THE INVENTION

[0002] This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.

[0003] According to one or more aspects, a computing device is securely booted comprising generating one or more...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/57
CPC: G06F21/575, H04L9/3234, H04L2209/127, G06F21/572, G06F21/602, G06F2221/033, H04L63/20
Inventor: J.瓦苏德文, P.D.瓦克斯曼, K.金淑曼, J.A.候, P.J.考夫曼, 朱于航, G.维斯瓦纳桑, S.R.谢尔
Owner: MICROSOFT TECH LICENSING LLC