Title of Invention |
Representation of Operating System Context in a Trusted Platform Module |
Abstract |
Techniques for representation of operating system context in a trusted platform module are described. In at least some embodiments, authorization principals that correspond to representations of operating system context are derived in a trusted platform module. The authorization principals can be used to define authorization policies for access to security assets stored in a trusted platform module. |
Application Publication Number |
US2016092691(A1) |
Application Publication Date |
2016.03.31 |
Application Number |
US201414497221 |
Filing Date |
2014.09.25 |
Applicant |
Microsoft Corporation |
Inventors |
Thom Stefan;Aigner Ronald;Pai Navin |
Classification Numbers |
G06F21/62;H04L29/06 |
Main Classification Number |
G06F21/62 |
Agency |
|
Agent |
|
Independent Claim |
1. A system comprising:
one or more processors; and
one or more computer-readable storage media storing computer-executable instructions that, responsive to execution by the one or more processors, cause the system to perform operations including:
causing an authorization principal that corresponds to a representation of an operating system context to be derived in a trusted platform module;
interfacing with the trusted platform module to cause the authorization principal to be bound to a security asset stored in the trusted platform module;
receiving a request for access to the authorization principal;
taking an action based on whether the request context matches the authorization principal, the action including one of:
allowing access to the authorization principal in response to a request context matching the authorization principal, such that access to the security asset is allowed; or
denying access to the authorization principal in response to the request context not matching the authorization principal, such that access to the security asset is not allowed. |
Address |
Redmond WA US |