Patent · US Active

Protecting software supply chain using secure log generated in a trusted build environment

US12223035B2 · kind B2 · utility

0Cited by

2References

18Claims

0Family size

Assignee

Intel Corporation · US

Inventors

Piotr Zmijewski · Gdańsk, PL
Arkadiusz Berent · Tuchom, PL
Mateusz Bronk · Gdańsk, PL

Key dates

Filing date	Dec 15, 2021
Grant date	Feb 11, 2025
Priority date	—
Expiry date	Apr 10, 2042

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method comprises generating, during a software build process conducted in a trusted build environment, a trusted log comprising a plurality of records of actions performed during the software build process and a plurality of identifiers of tools used to perform the actions, aggregating the plurality of records of actions and the plurality of identifiers into a build certificate file, generating a digital signature to be applied to the build certificate, and publishing the build certificate in association with one or more build artifacts generated by the software build process.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.