Client-side boot domains and boot rules
US6757824B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 10, 1999 |
| Grant date | Jun 29, 2004 |
| Priority date | — |
| Expiry date | Dec 10, 2019 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2211/1097
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Each software component loaded for a verified operating system on a client computer must satisfy a set of boot rules for a boot certificate. A verified operating system identifier is created from the boot certificate. The boot certificate is published and signed by a boot authority that attests to the validity of the operating system booted under the boot certificate. Each software component for the operating system is associated with a component certificate published and signed by the same boot authority that signed the boot certificate. The boot rules determine the validity of the software component based on the contents of the component and boot certificates. The client computer transmits the verified operating system identity and the boot certificate to a server computer, such as a content provider, and the content provider determines whether to trust the verified operating system with its content. Downloaded data is secured on permanent storage through a key derived from the verified operating system identifier. The boot certificate, component certificates, and secured content define the boot domain.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.