The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Aug. 22, 2017
Filed:
Jun. 11, 2009
Daniel R. Simon, Redmond, WA (US);
Brian D. Swander, Redmond, WA (US);
Pascal Menezes, Bellevue, WA (US);
Gabriel E. Montenegro, Redmond, WA (US);
Microsoft Technology Licensing, LLC, Redmond, WA (US);
Abstract
A hierarchical key generation and distribution mechanism for a computer system in which devices are organized into secure enclaves. The mechanism enables network access to be tailored to approximate minimum needed privileges for each device. At the lowest level of the hierarchy, keys are used to form security associations between devices. Keys at each level of the hierarchy are generated from keys at a higher level of the hierarchy and key derivation information. Key derivation information is readily ascertainable, either from identifiers for devices or from within messages, supporting hardware offload of cryptographic functions. Because keys may be generated based on the enclaves in which the hosts participating in a security association are located, the system includes a mechanism by which devices can discover the enclave in which they are located.
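
A minimal sketch of the derivation scheme the abstract describes, added here as an illustration and not taken from the patent or from any Microsoft implementation. HMAC-SHA256 as the derivation function, the three-level hierarchy (root, enclave pair, security association), the provisioning model, and all names and identifiers are assumptions.

```python
import hashlib
import hmac
from typing import Optional

def derive(parent_key: bytes, level: str, *ids: str) -> bytes:
    """Child key = HMAC-SHA256(parent key, derivation information).

    Each field is length-prefixed so ("ab", "c") and ("a", "bc") differ.
    """
    fields = [s.encode() for s in (level, *ids)]
    info = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(parent_key, info, hashlib.sha256).digest()

def enclave_pair_key(root: bytes, src_enclave: str, dst_enclave: str) -> bytes:
    # Middle level (assumed): one key per ordered pair of enclaves.
    return derive(root, "enclave-pair", src_enclave, dst_enclave)

def sa_key(pair_key: bytes, src_host: str, dst_host: str) -> bytes:
    # Lowest level: key for a security association between two devices.
    return derive(pair_key, "security-association", src_host, dst_host)

def key_for_message(held_pair_keys: dict, header: dict) -> Optional[bytes]:
    """Receiver side: rebuild the SA key from identifiers in the message.

    No per-peer state is stored; None means the receiver was never given a
    key for that enclave pair, so no association can be formed.
    """
    pair = held_pair_keys.get((header["src_enclave"], header["dst_enclave"]))
    if pair is None:
        return None
    return sa_key(pair, header["src_host"], header["dst_host"])

def demo() -> dict:
    root = bytes(range(32))  # constructed root key, held only by the key server
    # Provisioning (assumed): db1 gets the eng->db pair key, ws1 only its own SA key.
    db1_keys = {("eng", "db"): enclave_pair_key(root, "eng", "db")}
    ws1_key = sa_key(db1_keys[("eng", "db")], "ws1", "db1")
    ok = {"src_enclave": "eng", "src_host": "ws1", "dst_enclave": "db", "dst_host": "db1"}
    guest = dict(ok, src_enclave="guest", src_host="kiosk7")
    return {
        "ws1_matches": hmac.compare_digest(ws1_key, key_for_message(db1_keys, ok)),
        "guest_key": key_for_message(db1_keys, guest),
    }

if __name__ == "__main__":
    print(demo())
```

In this sketch the receiver needs only the enclave-pair key and the identifiers carried in each message, which is the property that makes stateless derivation in offload hardware practical.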