Title of invention: Device side host integrity validation
Abstract: Described is a technology by which a transient storage device or secure execution environment-based (e.g., including an embedded processor) device validates a host computer system. The device compares hashes of host system data against valid hashes maintained in protected storage of the device. The host data may be a file, data block, and/or memory contents. The device takes action when the host system data does not match the information in protected storage, such as to log information about the mismatch and/or provide an indication of validation failure, e.g., via an LED and/or display screen output. Further, the comparison may be part of a boot process validation, and the action may prevent the boot process from continuing, or replace an invalid file. Alternatively, the validation may take place at any time.
Publication number: US8806220(B2)
Publication date: 2014.08.12
Application number: US200912349516
Filing date: 2009.01.07
Applicant: Microsoft Corporation
Inventors: Abzarian David; Carpenter Todd L.; Kulkarni Harish S.; Khan Salahuddin J.
Classification: G06F11/30; G06F21/00
Main classification: G06F11/30
Agency:
Agent: Jardine John; Sanders Andrew; Minhas Micky
Main claim: 1. In a computing environment, a method comprising, operating a device coupled to a host computing system, including accessing host system data of a host storage device residing in the host computing system, comparing the host system data with information in protected storage of the device to validate whether the host system data matches the information in the protected storage, the information maintained in the protected storage comprising corresponding hash values representative of what contents the host system data contains when valid, and taking action, including changing the host system data, if the host system data does not match the information in protected storage.
Address: Redmond WA US