Title: |
US6189100:
Ensuring the integrity of remote boot client data

|
Country: |
US United States of America

|
Inventor: |
Barr, Adam D.; Redmond, WA
Swift, Michael M.; Seattle, WA
Lenzmeier, Charles T.; Woodinville, WA

|
Assignee: |
Microsoft Corporation, Redmond, WA

|
Published / Filed: |
2001-02-13 / 1998-06-30

|
Application Number: |
US1998000107007

|
IPC Code: |
Advanced:
G06F 21/00;
IPC-7:
G06F 1/24;

|
ECLA Code: |
G06F21/00N3P2;

|
U.S. Class: |
Current:
713/182;
380/255;
380/270;
380/278;
713/150;
713/168;
726/002;
726/005;
726/027;
Original:
713/182;
713/150;
713/168;
713/200;
380/255;
380/270;
380/278;

|
Field of Search: |
380/255,270,278,283
713/150,161,168,171,184,200,201,182

|
Priority Number: |
1998-06-30, US1998000107007

|
Abstract: |
A remote boot process uses a secret to sign and/or seal the data necessary to remotely boot a client from a server on a network to ensure the integrity of the data. The secret is generated by the server and securely delivered to the client during the initial setup of the client. The secret contains a one-way encryption of the password for the client account on the server. Each side balances a signed message with a verify and a sealed message with an unseal. Subsequent transactions between the client and server are conducted using messages encrypted with a key generated by the server and securely delivered to the client in a message sealed using the secret. The secret can also be used in conjunction with an access data structure to prevent unauthorized users from accessing data stored on the server on behalf of the client or other users. In other aspects of the invention, the secret is replaced by a client private/public key pair.

|
Attorney, Agent or Firm: |
Schwegman, Lundberg, Woessner & Kluth, P.A.

|
Primary / Asst. Examiners: |
Peeso, Thomas R.;

|
Family: |
None

|
First Claim (of 27 claims): |
We claim:
1. A computerized method for ensuring the integrity of remote boot client data comprising:
- obtaining, by a process executing on a client, credentials and presenting the credentials to a server;
- authenticating, by a process executing on the server, the credentials, and generating a secret, sealing the secret with the credentials, and sending the sealed secret to the client;
- receiving, by the client process, the sealed secret, and unsealing the secret, signing a file transfer request using the secret, and sending the signed file transfer request to the server;
- receiving, by the server process, the signed file transfer request, and verifying the file transfer request using the secret, sealing the requested files using the secret, and sending the sealed files to the client;
- receiving, by the client process, the sealed files;
- unsealing the files using the secret; and
- using the files to boot the client.

|
Forward References: |
85 U.S. patent(s) reference this one
