| 发明名称 |
Authorization for transient storage devices with multiple authentication silos |
| 摘要 |
In a transient storage device (TSD) with multiple authentication silos, a host computing device connected to the TSD is configured by the TSD to discover and act upon various types of authentication information in the silos. One or more logical combinations of authentication silos are switched to the authenticated state to grant access to an associated storage area. A particular ordering of authentication silos may be required to achieve a valid combination of authenticated silos. Ordering may be suggested by configuration information in the TSD. Ordering may also be based upon whether or not user input is required for authenticating a given authentication silo, the environment of use of the TSD, or a hierarchy from most trusted to least trusted authentication silo. With this information, the host proceeds with the most efficient authentication sequence leading to a grant of access to the storage area. |
| 申请公布号 |
US9122895(B2) |
申请公布日期 |
2015.09.01 |
| 申请号 |
US200812146066 |
申请日期 |
2008.06.25 |
| 申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Bovee James |
| 分类号 |
G06F21/00;G06F21/79;G06F21/78 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
Gabryjelski Henry;Fashokun Sade;Minhas Micky |
| 主权项 |
1. A tangible computer-readable storage device storing computer-executable instructions for performing a computer process, the instructions comprising operations to:
coordinate a first authentication requirement for a first authentication silo corresponding to a storage area and a second authentication requirement for a second authentication silo corresponding to the storage area to create a logical expression comprising one or more authentication silo combinations, the logical expression specifying the first authentication silo and the second authentication silo, the logical expression based upon configurable settings for the first authentication silo and the second authentication silo within one or more extension fields of at least one of a manufacturer certificate or a provisioning certificate; determine whether one or more authentication states of the first authentication silo and the second authentication silo result in a valid authentication silo combination of the logical expression for access to the storage area; and authorize access by a host device to the storage area based upon determining the valid authentication silo combination. |
| 地址 |
Redmond WA US |
