A computing device, or a security component of a computing device, implements delayed attestation by initially providing first credentials to a remote access device to establish a first level of trust. The first credentials may be provided before or while the computing device or the security component is obtaining security information from a remote security device. The security information is used to generate second credentials that are subsequently provided to the remote access device to establish a second level of trust. The first credentials may comprise an encryption key that can be generated by the security component without having to retrieve information via a network, and the second credentials may comprise an attestation statement that is more trustworthy than the encryption key and that is generated based on a certificate retrieved from a remote security device (e.g., a certificate authority server).
申请公布号
WO2016044357(A1)
申请公布日期
2016.03.24
申请号
WO2015US50310
申请日期
2015.09.16
申请人
MICROSOFT TECHNOLOGY LICENSING, LLC
发明人
SABOORI, ANOOSH;HELLER, VICTOR W.;SU, XIAOHONG;ZHOU, DAYI;KINSHUMANN, KINSHUMAN;MORGAN, JAMES HUGH;THOM, STEFAN