US6832317: Personal computer security mechanism

Filing Information

Inventor(s) Geoffrey S. Strongin · Dale E. Gulick
Assignee(s) Advanced Micro Devices, Inc.
Attorney/Agent(s) Williams, Morgan & Amerson
Primary Examiner Thomas R. Peeso
Application Number US9853437
Filing date 05/11/2001
Issue date 12/14/2004
Predicted expiration date 07/17/2023
Patent term adjustment 798
U.S. Classifications 713/182 · 713/201 · 713/200 · 713/168
International Classifications --
Kind Code B1
International Classifications 713182 · 713168 · 713200 · 713201 ·
Related U.S. Application Data: This Application is a continuation-in-part of co-pending U.S. patent application Ser. No. 09/852,372, entitled, “Secure Execution Box and Method,” filed on May 10, 2001, whose inventors are Dale E. Gulick and Geoffrey S. Strongin. This Application is also a continuation-in-part of co-pending U.S. patent application Ser. No. 09/852,942 entitled, “Computer System Architecture for Enhanced Security and Manageability,” filed on May 10, 2001, whose inventors are Geoffrey S. Strongin and Dale E. Gulick.
109 Claims, 74 Drawings


Abstract

A device, method, and system for authenticating devices in a computer system. The device includes a storage location for storing a GUID. The device is configured to provide the GUID to a master in the computer system during a trusted setup. The device is further configured to provide at least an indication of the GUID during a data transaction. The computer system includes a master device and a device comprising a storage location for storing a GUID. The device is configured to provide the GUID to the master device during a trusted setup. The device is further configured to provide at least an indication of the GUID during a data transaction. The method includes providing a GUID and receiving a request for a data transaction. The method also includes transmitting data in the data transaction and at least an indication of the GUID in the data transaction and authenticating the data using at least the indication of the GUID in the data transaction.

Independent Claims

  1. A device for use in a personal computer system, wherein the device comprises a storage location for storing a GUID, wherein the device is configured to provide the GUID to a master in the computer system during a trusted setup, and wherein the device is further configured to provide at least an indication of the GUID during a data transaction.
  18. A device for use in a personal computer system, wherein the device comprises one or more storage locations for storing one or more of the group consisting of a GUID, a secret, and a system GUID; wherein the device is configured to perform during a trusted setup at least one or more from the group consisting of providing the GUID to a master in the computer system, receiving and storing the secret, and receiving and storing the system GUID; and wherein the device is further configured to provide at least an indication of one or more of the group consisting of the GUID, the secret, and the system GUID during a data transaction.
  25. A computer system, comprising: a master device; and a device comprising a storage location for storing a GUID, wherein the device is configured to provide the GUID to the master device during a trusted setup, and wherein the device is further configured to provide at least an indication of the GUID during a data transaction.
  41. A computer system, comprising: a master device; and a device comprising one or more storage locations for storing one or more of the group consisting of a GUID, a secret, and a system GUID; wherein the device is configured to perform during a trusted setup at least one or more from the group consisting of providing the GUID to the master device in the computer system, receiving and storing the secret from the master device, and receiving and storing the system GUID from the master device; and wherein the device is further configured to provide at least an indication of one or more of the group consisting of the GUID, the secret, and the system GUID during a data transaction with the master device.
  48. A method, comprising: providing a GUID; receiving a request for a data transaction; transmitting data in the data transaction and at least an indication of the GUID in the data transaction; and authenticating the data using at least the indication of the GUID in the data transaction.
  59. A method, comprising: providing a GUID to a master device during a trusted setup; setting an introduced bit during the trusted setup; receiving a data transaction request; and refusing the data transaction request once the introduced bit is set unless at least an indication of the GUID is provided in the data transaction request.
  66. A computer system, comprising: means for providing a GUID to a master device during a trusted setup; means for setting an introduced bit during the trusted setup; means for receiving a data transaction request; and means for refusing the data transaction request once the introduced bit is set unless at least an indication of the GUID is provided in the data transaction request.
  69. A system, comprising: a first device, including a timer and logic coupled to the timer; and a security authenticator configured to authenticate the first device, wherein the security authenticator is further configured to provide at least an indication to the logic that the timer is to be reset to a predetermined value in response to authenticating the first device.
  75. A computer system, comprising: a first device, including a first timer and first logic coupled to the first timer; a second device including a second timer and second logic coupled to the second timer, wherein the second device also includes a first security authenticator configured to authenticate the first device, wherein the first security authenticator is further configured to provide at least an indication to the first logic that the first timer is to be reset to a first predetermined value in response to authenticating the first device; and a second security authenticator configured to authenticate the second device, wherein the second security authenticator is further configured to provide at least an indication to the second logic that the second timer is to be reset to a second predetermined value in response to authenticating the second device.
  84. A method of operating a computer system, the method comprising: authenticating a first device; setting a starting value on a timer; updating the timer in a predetermined manner; and authenticating the first device if the timer has expired.
  88. A computer readable program storage device encoded with instructions that, when executed by a computer system, performs a method of operating the computer system, the method comprising: computer readable program storage device, comprising: providing a GUID; receiving a request for a data transaction; transmitting data in the data transaction and at least an indication of the GUID in the data transaction; and authenticating the data using at least the indication of the GUID in the data transaction.
  99. A computer readable program storage device encoded with instructions that, when executed by a computer system, performs a method of operating the computer system, the method comprising: providing a GUID to a master device during a trusted setup; setting an introduced bit during the trusted setup; receiving a data transaction request; and refusing the data transaction request once the introduced bit is set unless at least an indication of the GUID is provided in the data transaction request.
  106. A computer readable program storage device encoded with instructions that, when executed by a computer system, performs a method of operating the computer system, the method comprising: authenticating a first device; setting a starting value on a timer; updating the timer in a predetermined manner; and authenticating the first device if the timer has expired.

References Cited

U.S. Patent Documents

Document Number · Assignees · Inventors · Issue/Pub Date
US6694336* Fusionone, Inc. Multer et al. Feb 2004
US6694378* Intel Corporation Lortz Feb 2004
US6697944* Microsoft Corporation Jones et al. Feb 2004
* cited by examiner

Other Publications

Intel, “Low Pin Count (LPC) Interface Specification Revision 1.0,” pp. 1-31 (Sep. 29, 1997).
Standard Microsystems Corporation, “100 Pin Enhanced Super I/O for LPC Bus with SMBus Controller for Commercial Application,” Part No. LPC47B37x, pp. 1-254 (Jun. 17, 1999).
FIPS Pub 140-1 Federal Information Processing Standards Publication, “Security Requirements for Cryptographic Modules” (Jan. 11, 1994).
Intel, “Communication and Networking Riser Specification,” Revision 1.0 (Feb. 7, 2000).
“Handbook of Applied Cryptography” CRC Press 1997 pp. 154-157, 160-161, 191-198, 203-212.

Referenced By

Document Number · Assignee · Inventors · Issue/Pub Date
US7587611 Privaris, Inc. Barry W. Johnson et al. Sep 2009
US7281264 Acer Inc. Horng-Ji Shieh Oct 2007
US7481364 Privaris, Inc. Charles Cannon et al. Jan 2009
US7525537 Privaris, Inc. David S. Abdallah et al. Apr 2009
US7636826 Sony Corporation Takumi Okaue et al. Dec 2009
US7636780 Advanced Micro Devices, Inc. Jeffrey M. Lavin et al. Dec 2009
US7370211 Telefonaktiebolaget LM Ericsson (publ) Tom Rindborg et al. May 2008
US7631348 Standard Microsystems Corporation Henry Villadiego et al. Dec 2009
US7420546 Privaris, Inc. David S. Abdallah et al. Sep 2008
US7634689 Advanced Micro Devices, Inc. Martyn G. Deobald Dec 2009
US7590861 Privaris, Inc. David S. Abdallah et al. Sep 2009
USRE42038 Privaris, Inc. David S. Abdallah et al. Jan 2011
US7681050 Telefonaktiebolaget L M Ericsson (Publ) Rolf Blom et al. Mar 2010
US7688314 Privaris, Inc. David S. Abdallah et al. Mar 2010
US7783892 Privaris, Inc. David C. Russell et al. Aug 2010
US7788701 Advanced Micro Devices, Inc. Jeffrey M. Lavin Aug 2010
US7788501 Privaris, Inc. David S. Abdallah et al. Aug 2010
US7991850 Advanced Micro Devices, Inc. Jeffrey M. Lavin et al. Aug 2011
US8001372 Privaris, Inc. David S. Abdallah et al. Aug 2011
US8055906 Privaris, Inc. David S. Abdallah et al. Nov 2011
US8127143 Privaris, Inc. David S. Abdallah et al. Feb 2012
US8186580 Privaris, Inc. Charles Cannon et al. May 2012
US8316414 Intel Corporation Sham M. Datta et al. Nov 2012
US8327152 Privaris, Inc. David C. Russell et al. Dec 2012
US8402240 --
US8407480 --
US8407473 --
US8468591 --
US8566250 --
US8554791 --
US8554686 --
US8478992 --
US8495382 --
US8826031 --
US8683191 --
US8708230 --