
Secure cryptoprocessor for authorizing connected device requests

A cryptoprocessor and connected-device technology, applied in the fields of program control, multi-programming arrangements, instruments, etc., that addresses the problems of Bluetooth devices lacking adequate protection for security credentials, users' bad habit of forgetting their cards in card readers, and the cost of issuing smart cards.

Inactive Publication Date: 2018-03-01
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Benefits of technology

The patent describes a way to provide authorization for a device by using a secure cryptoprocessor. This can be a local or remote device that verifies the identity of a user or approves the actions the device seeks to perform. The secure cryptoprocessor computes a response based on protected authorization credentials and displays the information associated with the request for the user's assent. The technical effect of this invention is to provide a secure and efficient way to verify identity and approve actions without the need for a smart card.

Problems solved by technology

Unfortunately, issuing smart cards can be costly and require a user to hold multiple cards for multiple purposes.
Users have a bad habit of forgetting their cards in card readers, and systems accepting a smart card need additional hardware to read them.
These Bluetooth devices lack adequate protections for security credentials, however, so smart cards remain the overwhelming choice for two-factor authentication.

Examples


Example environments

[0015] FIG. 1 illustrates an environment including requesting and authorizing devices which are local to each other, the authorizing device utilizing its secure cryptoprocessor to compute a response to an authorization request from the requesting device. As illustrated at a location 102, an authorizing device 104 may be in proximity to a requesting device 106 and may communicate with the requesting device 106 over a wireless connection 108. The authorizing device 104 may have a secure cryptoprocessor 110 which the authorizing device 104 may utilize responsive to receiving an authorization request 112 from the requesting device 106. The secure cryptoprocessor 110 may compute an authorization response 114 to the authorization request 112, and the authorizing device 104 may provide the authorization response 114 to the requesting device 106. In some embodiments, the authorizing device 104 may display to a user 116 a user interface 118 with information associated with the authorization r...

Example devices

[0037] FIG. 3 illustrates an example computing device 300 that includes a secure cryptoprocessor with protected authorization credentials for authorizing requests for one or more requesting devices. Computing device 300 may be an example of an authorizing device 104 or 204. As illustrated, the computing device 300 includes a memory 302 that stores an operating system 304 having a cryptoprocessor client 306, an authorization module 308, and policy preferences 310. The computing device 400 also includes a secure cryptoprocessor 312 storing protected authorization credentials 314, processor(s) 316, removable storage 318, non-removable storage 310, input device(s) 322, and output device(s) 324 and has communication connection(s) 326 with other computing devices 328.

[0038] In various embodiments, the memory 302 is volatile (such as RAM), non-volatile (such as ROM, flash memory, etc.) or some combination of the two. As mentioned, the system memory 302 may store an operating system 304 havin...

Example processes

[0054] FIGS. 5 and 6 illustrate example processes 500 and 600. These processes 500 and 600 are illustrated as logical flow graphs, each operation of which represents a sequence of operations that can be implemented in hardware, software, or a combination thereof. In the context of software, the operations represent computer-executable instructions stored on one or more computer storage media that, when executed by one or more processors, perform the recited operations. Generally, computer-executable instructions include routines, programs, objects, components, data structures, and the like that perform particular functions or implement particular abstract data types. The order in which the operations are described is not intended to be construed as a limitation, and any number of the described operations can be combined in any order and/or in parallel to implement the processes.

[0055] FIG. 5 illustrates an example process for utilizing a secure cryptoprocessor to compute a response to...


Abstract

A computing device described herein utilizes a secure cryptoprocessor of the computing device to compute a response to a request for authorization received from another local or remote device. The secure cryptoprocessor computes the response based on protected authorization credentials stored by the secure cryptoprocessor for one or more devices. The computing device then provides the computed response to the other device to cause the other device to grant or deny authorization. The computing device may also display information associated with the request for authorization, receive input indicating approval of the request, and utilize the secure cryptoprocessor in response to the received input.
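The flow in the abstract, as an added sketch that is not code from the patent or its owner: a request is shown to the user, the cryptoprocessor is used only after approval, and the requesting device grants or denies on the response. HMAC-SHA256 over a key shared at enrollment is an assumption (the page does not name a primitive), and all class, method and field names are illustrative.

```python
import hashlib
import hmac
import secrets

def _message(device_id, nonce, action):
    # Length-prefix each field so distinct requests never encode to the same bytes.
    parts = [device_id.encode(), nonce, action.encode()]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)

class SecureCryptoprocessor:
    """Stand-in for the secure cryptoprocessor: keys go in, only MACs come out."""
    def __init__(self):
        self.__credentials = {}  # device_id -> key; no method hands a key back

    def provision(self, device_id, key):
        self.__credentials[device_id] = key

    def compute_response(self, device_id, nonce, action):
        key = self.__credentials[device_id]
        return hmac.new(key, _message(device_id, nonce, action), hashlib.sha256).digest()

class AuthorizingDevice:
    def __init__(self, approve):
        self.cryptoprocessor = SecureCryptoprocessor()
        self.approve = approve  # callback standing in for the user interface

    def handle(self, request):
        # Display the request; touch the cryptoprocessor only after the user assents.
        if not self.approve(f"{request['device_id']} requests: {request['action']}"):
            return None
        return self.cryptoprocessor.compute_response(
            request["device_id"], request["nonce"], request["action"])

class RequestingDevice:
    def __init__(self, device_id, key):
        self.device_id, self._key, self._pending = device_id, key, {}

    def make_request(self, action):
        nonce = secrets.token_bytes(16)  # fresh per request
        self._pending[nonce] = action
        return {"device_id": self.device_id, "nonce": nonce, "action": action}

    def grant(self, nonce, response):
        action = self._pending.pop(nonce, None)  # single use: replays are denied
        if action is None or response is None:
            return False
        msg = _message(self.device_id, nonce, action)
        expected = hmac.new(self._key, msg, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)
```

Because the response covers the nonce and the action the user was shown, a response approved for one action does not verify for another, and a captured response cannot be replayed.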

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application is a continuation of U.S. patent application Ser. No. 14/163,220 filed on Jan. 24, 2014, entitled “Secure Cryptoprocessor for Authorizing Connected Device Requests,” which issued as U.S. patent Ser. No. ______ on ______, and which application is expressly incorporated herein by reference in its entirety.

BACKGROUND

[0002] To compensate for the well-known shortcomings of passwords, two-factor authentication adds the possession of a physical token as a requirement. For example, “smart cards” that have small, secure cryptographic capabilities are a common physical token used by enterprises for authenticating identities and authorizing requests. Unfortunately, issuing smart cards can be costly and require a user to hold multiple cards for multiple purposes. Users have a bad habit of forgetting their cards in card readers, and systems accepting a smart card need additional hardware to read them. In remoting scenarios, an unprivil...


Application Information

Patent Type & Authority: Applications (United States)
IPC(8): H04L29/06, H04W12/08, G06F9/50, G06F21/35, G06F21/34
CPC: G06F21/35, H04L63/10, H04L63/0853, G06F9/5033, G06F21/34, H04W12/08, H04L63/0823, H04L63/0884, H04W12/068
Inventor: AIGNER, RONALD; KANE, KEVIN; THOM, STEFAN
Owner MICROSOFT TECH LICENSING LLC