-
Publication number: US20240256674A1
Publication date: 2024-08-01
Application number: US18393843
Application date: 2023-12-22
Applicant: Microsoft Technology Licensing, LLC
Inventor: Md. Nazmus SAKIB, Bryan David KELLY, Ling Tony CHEN, Peter David WAXMAN
CPC classification number: G06F21/575, G06F21/572, G06F21/6209, H04L9/0891, H04L9/3236, H04L9/3247
Abstract: Embodiments described herein are directed to transferring the ownership of a computing device from one entity to another entity. For example, a security processor is utilized to boot the computing device. During a boot session, the security processor loads and executes boot code, which determines whether specialized firmware authorized by the current owner indicates that a transfer of ownership is to occur. In response to determining that the specialized firmware indicates that a transfer of ownership is to occur, the security processor loads and executes the specialized firmware. The specialized firmware, when executed, causes the security processor to program a set of fuses with the public key of the new owner. Execution of the specialized firmware also causes the security processor to invalidate the public key of the original owner, which is stored in another set of fuses.
-
Publication number: US20230325225A1
Publication date: 2023-10-12
Application number: US17716823
Application date: 2022-04-08
Applicant: Microsoft Technology Licensing, LLC
Inventor: Ishwar AGARWAL, Bryan David KELLY, Vishal SONI
IPC: G06F9/455
CPC classification number: G06F9/45558, G06F2009/45583, G06F2009/4557, G06F2009/45579
Abstract: Systems and methods for a confidential compute architecture integrated with direct swap caching are described. An example method for managing a near memory and a far memory includes, in response to determining that the far memory contains an encrypted version of a first block of data, retrieving from the far memory the encrypted version of the first block of data, decrypting the first block of data using a first key for exclusive use by a first virtual machine associated with the system, and providing a decrypted version of the first block of data to the requestor. The method further includes swapping out a second block of data having an address conflict with the first block of data from the near memory to the far memory, where the second block of data is encrypted using a second key for exclusive use by a second virtual machine associated with the system.
-
Publication number: US20240220650A1
Publication date: 2024-07-04
Application number: US18090666
Application date: 2022-12-29
Applicant: Microsoft Technology Licensing, LLC
Inventor: Bharat Srinivas PILLILLI, Vishal SONI, Bryan David KELLY
IPC: G06F21/62
CPC classification number: G06F21/6245
Abstract: Techniques for ensuring address translation services (ATS) functionality is used correctly and safely for any type of device that supports ATS, even for devices that might potentially be acting in a rogue manner, are disclosed. A host performs an integrity check on a device that uses ATS to prevent the device from maliciously using a locally cached HPA. The device submits a first ATS-enabled request to the host. The device receives metadata comprising (i) a first integrity check vector (ICV) that is usable to authenticate the device, (ii) the HPA, and (iii) an initialization vector (IV). The device locally caches the metadata in an address translation cache (ATC). The device submits a second ATS-enabled request, which includes the metadata. The host then independently authenticates the device using the received metadata in the request.
-
Publication number: US20230341924A1
Publication date: 2023-10-26
Application number: US17727685
Application date: 2022-04-22
Applicant: Microsoft Technology Licensing, LLC
Inventor: Bharat Srinivas PILLILLI, Bryan David KELLY
IPC: G06F1/3293, G06F9/38, G06F9/30, G06F1/324
CPC classification number: G06F1/3293, G06F9/3871, G06F9/30029, G06F1/324
Abstract: Techniques are described herein that are capable of reducing latency of changing an operating state of a processor from a low-power state to a normal-power state. For example, providing a notification from a hardware system to the processor or receiving the notification at the processor, indicating that a transaction layer packet will be provided to the processor at a future time, may trigger the processor to change the operating state from the low-power state to the normal-power state. In another example, receipt of a transaction layer packet at the processor from a hardware system may trigger the processor to change the operating state from the low-power state to the normal-power state.
-
Publication number: US20230051347A1
Publication date: 2023-02-16
Application number: US17401181
Application date: 2021-08-12
Applicant: Microsoft Technology Licensing, LLC
Inventor: Md. Nazmus SAKIB, Ronald AIGNER, Ling Tony CHEN, Peter David WAXMAN, David Guy WESTON, Bryan David KELLY
Abstract: Methods, systems, apparatuses, and computer-readable storage mediums described herein enable executable code of a hardware security platform (HSP) circuit to communicate with a hypervisor in a separate processor. The hypervisor generates and manages virtual machines. The HSP code comprises trusted platform module (TPM) logic that processes TPM commands received via the hypervisor and, in response to the processing, communicates security information (e.g., measurements, keys, authorization data) with the virtual machines via the hypervisor. The TPM logic receives security information related to a virtual machine from the hypervisor and stores the security information in non-volatile memory of the HSP circuit, where security information from a particular VM is distinguishable from security information from another VM in the HSP memory. The hypervisor (and VMs) communicate via a network fabric with the HSP circuit within an SoC, or the HSP may reside on a discrete chip and communicate via a secure encrypted channel.
-
Publication number: US20250156361A1
Publication date: 2025-05-15
Application number: US18405959
Application date: 2024-01-05
Applicant: Microsoft Technology Licensing, LLC
Inventor: Bryan David KELLY, Peishan HUANG
IPC: G06F13/42
Abstract: Techniques are described herein in which a programmable logic device (PLD) is integrated into a baseboard management controller (BMC). A programming-enhanced BMC is powered on by a PLD that is integrated into the programming-enhanced BMC and that is coupled to an internal bus of the programming-enhanced BMC. A configuration file is provided from immutable BMC hardware in the BMC to the PLD based at least on the programming-enhanced BMC being powered on. The configuration file specifies a configuration to be programmatically applied to programmable hardware of the PLD. The programmable hardware of the PLD is programmed by loading the configuration file, which causes the programmable hardware to render a peripheral interface that is defined by the configuration file natively on the internal bus of the programming-enhanced BMC.
-
Publication number: US20220391510A1
Publication date: 2022-12-08
Application number: US17337251
Application date: 2021-06-02
Applicant: Microsoft Technology Licensing, LLC
Inventor: Md. Nazmus SAKIB, Bryan David KELLY, Ling Tony CHEN, Peter David WAXMAN
Abstract: Embodiments described herein are directed to firmware policy enforcement on a computing device. For example, a security processor of the computing device is utilized to boot the computing device. During a boot session, the security processor loads and executes specialized firmware. The specialized firmware, when executed, causes the security processor to determine whether other firmware to be executed on the computing device is in compliance with a policy specified by the specialized firmware. Based at least on a determination that the other firmware is in compliance with the policy, the security processor executes the other firmware. Based at least on a determination that the other firmware is not in compliance with the policy, the security processor performs a mitigation with respect to the other firmware.
-
Publication number: US20220382873A1
Publication date: 2022-12-01
Application number: US17335980
Application date: 2021-06-01
Applicant: Microsoft Technology Licensing, LLC
Inventor: Vishal SONI, Bryan David KELLY
Abstract: A system includes a stored counter value and a stored boot manifest including a manifest type flag. A manifest type of the boot manifest is determined based on the manifest type flag, and a tenancy mode is determined based on the parity of the counter value. A first boot flow is executed if the manifest type is a first manifest type and the tenancy mode is a first tenancy mode; a second boot flow is executed if the manifest type is the first manifest type and the tenancy mode is a second tenancy mode; a third boot flow is executed if the manifest type is a second manifest type and the tenancy mode is the first tenancy mode; and a fourth boot flow is executed if the manifest type is the second manifest type and the tenancy mode is the second tenancy mode.
-
Publication number: US20190073478A1
Publication date: 2019-03-07
Application number: US15694748
Application date: 2017-09-01
Applicant: Microsoft Technology Licensing, LLC
Inventor: Badriddine KHESSIB, Bryan David KELLY, Mallik BULUSU
Abstract: A Root of Trust hardware hierarchy provides firmware security for motherboard and peripheral devices. Power is received at a computer system and, in response to the receipt of power, a standby power rail of a motherboard of the computer system is energized, and a first microcontroller mounted on the motherboard authenticates first firmware associated with a baseboard management controller mounted on the motherboard and coupled to the first microcontroller. If the authentication of the first firmware is successful, the baseboard management controller is powered on, a central processing unit coupled to the first microcontroller is held in reset, and a standby power rail of a peripheral component card coupled to the motherboard is energized. Second firmware associated with the central processing unit is authenticated using the first microcontroller, and a second microcontroller mounted on the peripheral component card authenticates third firmware associated with a system on chip mounted on the peripheral component card and coupled to the second microcontroller.
-
Publication number: US20240235806A9
Publication date: 2024-07-11
Application number: US17973471
Application date: 2022-10-25
Applicant: Microsoft Technology Licensing, LLC
Inventor: Bharat S. PILLILLI, Bryan David KELLY, Vishal SONI
IPC: H04L9/00, G01R31/3181, H04L9/08
CPC classification number: H04L9/002, G01R31/3181, H04L9/0894
Abstract: The techniques disclosed herein are directed to devices, circuits, systems, and techniques to mitigate the impact of side-channel attacks on a cryptography function in a target system. Razor flip-flops are inserted into critical paths of the cryptography function of the target system, including at-rest blocks such as key vaults and data vaults, and also including registers and/or pipelines used for calculations within the cryptography function. Errors detected by the Razor flip-flops are processed by error detection logic in the cryptography function, which continues the calculations until completion. The key and data value pairs generated from detected errors are discarded and silently ignored without disrupting the calculation process. The schemes disclosed herein mitigate the impact of side-channel attacks with a digital-logic-based implementation, with reduced complexity and reduced cost.
-