Resilient Device Authentication System
a technology of authentication system and resilient device, applied in the field of resilient device authentication system, can solve the problems of increasing operating complexity, risk, overhead, and complexity of authentication and identity across systems, and achieve the effect of reducing the upfront cost and burden, and reducing the cost of trust management and compromis
Inactive Publication Date: 2013-08-15
ANALOG DEVICES INC
View PDF0 Cites 8 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Benefits of technology
The present patent describes a new system for verifying the identity of users and ensuring the safety and integrity of electronic devices. This system uses hardware biometrics to create a holistic trust mechanism that extends from the physical hardware to the operating system, applications, and whole systems. The system can be used in a variety of applications and throughout the device's lifecycle. The hardware-based security functions include authentication, supply chain security, encryption, policy management, data or document certification, key management, and others. This innovation addresses the limitations of existing systems and offers a more efficient and effective solution for securing electronic devices.
Problems solved by technology
Managing authentication and identity across systems, users, and enterprises is complex and threat-prone, and increasingly so as endpoints and cloud-based systems continue proliferating.
Hitherto, the presumably attendant limitations and ongoing added operating complexity, risk, and overhead would have discouraged attempts to employ hardware biometrics in any types of architectures known to Applicant for managing and authenticating identities across systems, users, and enterprises, as would be required for a manufacturing through end-use approach.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0019]The following acronyms are used for basic aspects of the present system:[0020]“CVS” refers to the Complete Verification Set, which is a super-set of hardware-based part-authentication data.[0021]“LVS” refers to a Limited Verification Set, which is a set of data that is derived from part of the CVS.[0022]“ALVS” refers to an Application Limited Verification Set, which is a subset of elements chosen from part of an LVS.[0023]“VA” refers to a Verification Authority, which stores the CVS and creates and distributes LVSs therefrom.[0024]“PE” refers to a Provisioning Entity, which stores an LVS and constructs and distributes ALVSs therefrom.[0025]“DMS” refers to a Device Management System, which stores an ALVS and uses it to authenticate devices (i.e., specific hardware parts) in the system.
[0026]Referring to FIGS. 1 and 2, an embodiment of an RDA system 100 according to the present invention can manage authentication-related functions for diverse applications such as supply chain ri...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
A resilient device authentication system comprising: one or more verification authorities (VAs) including a memory loaded with a complete verification set that includes hardware part-specific data, and configured to create a limited verification set (LVS) therefrom; one or more provisioning entities (PEs) each connectable to at least one of the VAs, including a memory loaded with a LVS, and configured to select a subset of data therefrom so as to create an application limited verification set (ALVS); and one or more device management systems connectable to at least one of the PEs, including a memory loaded with an ALVS, and configured to manage device security-related applications through the performance of security-related functions on devices associated with the hardware part-specific data.
Description
RELATED APPLICATIONS[0001]This application claims the benefit of U.S. provisional patent application Ser. No. 61 / 597,819 filed Feb. 12, 2012 and entitled “Key Management Utilizing Physically-Unclonable Functions, and Cyber-Physical Security Measures,” which is incorporated herein by reference.BACKGROUND[0002]Managing authentication and identity across systems, users, and enterprises is complex and threat-prone, and increasingly so as endpoints and cloud-based systems continue proliferating. Current solutions for identity management, authentication, and key management are typically disparate in nature and confined in design and purpose to specific applications (e.g., network authentication protocols, PKIs, code-signing, biometrics, etc.). Various methods for deploying identity authentication technologies in contexts such as “smart grids,” cloud computing, and enterprise networks and network extensions typically include a variety of applications that would require a number of dissimil...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F21/00
CPCG06F21/44H04L9/08H04L9/3271H04L9/3278
Inventor WALSH, JOHN J.DUREN, MICHAEL J.ALDRIDGE, HAL A.
Owner ANALOG DEVICES INC