Title of invention: Data security and integrity by remote attestation
Abstract: This invention includes apparatus, systems, and methods to ensure the security and integrity of data stored, processed, and transmitted across compute devices. The invention includes a system comprising at least one of said devices, application software installed on said devices and coupled to the device's hardware and software stack to execute data encryption and remote attestation, and said devices coupled with an attestation server through a communication network. The invention includes a process to configure said devices for data encryption and remote attestation and performing an initial inventory and content scan of the device's hardware and software stack with results transmitted across a communication network to the attestation server. The invention includes periodic inventory and content scans of the device's hardware and software stack with results transmitted again to the attestation server via the communication network. The attestation server stores said results in a database for comparison to subsequent results sent by devices. The attestation server notes any differences in the most recent results and sends an alert to the device if the device is configured differently based on the previous scan, or configured the same if no differences were noted.
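Publication number: US8966249(B2) Publication date: 2015.02.24
Application number: US201313738987 Filing date: 2013.01.10
Applicant: Saife, Inc. Inventor: Lindteigen Ty Brendan
Classification: H04L29/06 Main classification: H04L29/06
Patent agency: Agent: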
Main claim: 1. A system to ensure the security and integrity of data stored, processed, and transmitted across devices comprising: at least one device; an application software installed on the device and coupled to a hardware and a software stack of the device; a data encryption software and a remote attestation software installed on the device and coupled to the hardware and software stack of the device; the device coupled to a communication network; an attestation server to communicate with the device via the communication network; and wherein the application software provides a set of instructions to remotely command the device to: perform an inventory scan and a content scan of the hardware and the software stack of the device, consolidate and secure a collection of results of the inventory scan and the content scan of the hardware and the software stack of the device, store the collection of results in a storage database, use the collection of results to determine a statistically known-good configuration for a type of device, compare the collection of results with the statistically known-good configuration for the type of device, note any differences in a most recent message digest compared to the statistically known-good configuration, and send an alert to the device.
Address: AZ US