Patents by Inventor Cédric Alain Marie FOURNET
Cédric Alain Marie FOURNET has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240160795
Abstract: A peripheral device, for use with a host, comprises one or more compute elements, a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.
Type: Application
Filed: January 22, 2024
Publication date: May 16, 2024
Inventors: Stavros VOLOS, David Thomas CHISNALL, Saurabh Mohan KULKARNI, Kapil VASWANI, Manuel COSTA, Samuel Alexander WEBSTER, Cédric Alain Marie FOURNET, Richard OSBORNE, Daniel John Pelham WILKINSON, Graham Bernard CUNNINGHAM
-
Publication number: 20240086542
Abstract: In various examples there is a computing device comprising: a first microcontroller comprising a first immutable bootloader and first mutable firmware. The first immutable bootloader uses a unique device secret burnt into hardware of the computing device in order to generate an attestation of the first mutable firmware. The computing device has a second microcontroller. There is second mutable firmware at the second microcontroller. There is a second immutable bootloader at the second microcontroller which sends a measurement of the second mutable firmware to the first immutable bootloader whenever the second microcontroller restarts, such that the first microcontroller is able to include the measurement in the attestation.
Type: Application
Filed: November 13, 2023
Publication date: March 14, 2024
Inventors: Stavros VOLOS, Colin DOAK, Simon Douglas CHAMBERS, David RUGGLES, Richard NEAL, Cedric Alain Marie FOURNET, Kapil VASWANI, Balaji VEMBU
-
Patent number: 11921911
Abstract: A peripheral device, for use with a host, comprises one or more compute elements, a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.
Type: Grant
Filed: July 13, 2021
Date of Patent: March 5, 2024
Assignee: Microsoft Technology Licensing, LLC.
Inventors: Stavros Volos, David Thomas Chisnall, Saurabh Mohan Kulkarni, Kapil Vaswani, Manuel Costa, Samuel Alexander Webster, Cédric Alain Marie Fournet, Richard Osborne, Daniel John Pelham Wilkinson, Graham Bernard Cunningham
-
Patent number: 11853429
Abstract: In various examples there is a computing device comprising: a first microcontroller comprising a first immutable bootloader and first mutable firmware. The first immutable bootloader uses a unique device secret burnt into hardware of the computing device in order to generate an attestation of the first mutable firmware. The computing device has a second microcontroller. There is second mutable firmware at the second microcontroller. There is a second immutable bootloader at the second microcontroller which sends a measurement of the second mutable firmware to the first immutable bootloader whenever the second microcontroller restarts, such that the first microcontroller is able to include the measurement in the attestation.
Type: Grant
Filed: July 13, 2021
Date of Patent: December 26, 2023
Assignee: Microsoft Technology Licensing, LLC
Inventors: Stavros Volos, Colin Doak, Simon Douglas Chambers, David Ruggles, Richard Neal, Cédric Alain Marie Fournet, Kapil Vaswani, Balaji Vembu
-
Publication number: 20230342121
Abstract: A processing system comprising one or more chips, each comprising a plurality of tiles is described. Each tile comprises a respective processing unit and memory, the memory storing a codelet. The processing system has at least one encryption unit configured to encrypt and decrypt data transferred between the tiles and a trusted computing entity via an external computing device. The codelets are configured to instruct the tiles to transfer the encrypted data by reading from and writing to a plurality of memory regions at the external memory such that a plurality of streams of encrypted data are formed, each stream using an individual one of the memory regions at the external computing device.
Type: Application
Filed: July 13, 2021
Publication date: October 26, 2023
Inventors: Daniel John Pelham WILKINSON, Richard OSBORNE, Graham Bernard CUNNINGHAM, Kenneth GORDON, Samuel Alexander WEBSTER, Stavros VOLOS, Kapil VASWANI, Balaji VEMBU, Cédric Alain Marie FOURNET
-
Publication number: 20230020838
Abstract: In various examples there is a computing device comprising: a first microcontroller comprising a first immutable bootloader and first mutable firmware. The first immutable bootloader uses a unique device secret burnt into hardware of the computing device in order to generate an attestation of the first mutable firmware. The computing device has a second microcontroller. There is second mutable firmware at the second microcontroller. There is a second immutable bootloader at the second microcontroller which sends a measurement of the second mutable firmware to the first immutable bootloader whenever the second microcontroller restarts, such that the first microcontroller is able to include the measurement in the attestation.
Type: Application
Filed: July 13, 2021
Publication date: January 19, 2023
Inventors: Stavros VOLOS, Colin DOAK, Simon Douglas CHAMBERS, David RUGGLES, Richard NEAL, Cédric Alain Marie FOURNET, Kapil VASWANI, Balaji VEMBU
-
Patent number: 11526613
Abstract: A computer system has a separation mechanism which enforces separation between at least two execution environments such that one execution environment is a gatekeeper which interposes on all communications of the other execution environment. The computer system has an attestation mechanism which enables the gatekeeper to attest to properties of the at least two execution environments. A first one of the execution environments runs application specific code which may contain security vulnerabilities. The gatekeeper is configured to enforce an input output policy on the first execution environment by interposing on all communication to and from the first execution environment by forwarding, modifying or dropping individual ones of the communications according to the policy. The gatekeeper provides evidence of attestation both for the application specific code and the policy.
Type: Grant
Filed: July 3, 2019
Date of Patent: December 13, 2022
Assignee: Microsoft Technology Licensing, LLC
Inventors: David Thomas Chisnall, Cédric Alain Marie Fournet, Manuel Costa, Samuel Alexander Webster, Sylvan Clebsch, Kapil Vaswani
-
Publication number: 20220222348
Abstract: In various examples there is a method of enabling an attestable update of a firmware layer that provides a unique identity of a computing device. The method comprises using an immutable firmware layer to access a unique device secret. The immutable layer is used to derive a hardware device identity (HDI) from the unique device secret. The immutable layer is used to derive a compound device identity (CDI) from a measurement of the firmware layer and the unique device secret. The CDI and HDI are made available to the firmware layer. The firmware layer is used to issue a local certificate to endorse a device identity key, derived from the CDI, the local certificate signed by a key derived from the HDI.
Type: Application
Filed: January 13, 2021
Publication date: July 14, 2022
Inventors: Kapil VASWANI, Cédric Alain Marie FOURNET, Stavros VOLOS
-
Publication number: 20220019700
Abstract: A system and method for encrypting and decrypting data exchanged between a multi-tile processing unit and a storage, where a plurality of keys are used for the encryption. Each of the plurality of keys is associated with a different one or more sets of the processors. Encryption hardware is configured to select a key to use for encryption/decryption operations in dependence upon the set of tiles associated with the data being exchanged. Each write request from a tile contains identifier bits associated with that tile's set of tiles, enabling the encryption hardware to select the key to use for encrypting the data in the write request. Each read completion for a tile contains identifier bits associated with that tile's set of tiles, enabling the encryption hardware to select the key to use for decrypting the data in the read completion.
Type: Application
Filed: July 13, 2021
Publication date: January 20, 2022
Inventors: Daniel John Pelham WILKINSON, Graham Bernard CUNNINGHAM, Stavros VOLOS, Kapil VASWANI, Cedric Alain Marie FOURNET, Balaji VEMBU
-
Publication number: 20210342492
Abstract: A peripheral device, for use with a host, comprises one or more compute elements, a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.
Type: Application
Filed: July 13, 2021
Publication date: November 4, 2021
Inventors: Stavros VOLOS, David Thomas CHISNALL, Saurabh Mohan KULKARNI, Kapil VASWANI, Manuel COSTA, Samuel Alexander WEBSTER, Cédric Alain Marie FOURNET, Richard OSBORNE, Daniel John Pelham WILKINSON, Graham Bernard CUNNINGHAM
-
Patent number: 11126757
Abstract: A peripheral device, for use with a host, comprises one or more compute elements, a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.
Type: Grant
Filed: October 19, 2018
Date of Patent: September 21, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Stavros Volos, David Thomas Chisnall, Saurabh Mohan Kulkarni, Kapil Vaswani, Manuel Costa, Samuel Alexander Webster, Cédric Alain Marie Fournet
-
Publication number: 20210004469
Abstract: A computer system has a separation mechanism which enforces separation between at least two execution environments such that one execution environment is a gatekeeper which interposes on all communications of the other execution environment. The computer system has an attestation mechanism which enables the gatekeeper to attest to properties of the at least two execution environments. A first one of the execution environments runs application specific code which may contain security vulnerabilities. The gatekeeper is configured to enforce an input output policy on the first execution environment by interposing on all communication to and from the first execution environment by forwarding, modifying or dropping individual ones of the communications according to the policy. The gatekeeper provides evidence of attestation both for the application specific code and the policy.
Type: Application
Filed: July 3, 2019
Publication date: January 7, 2021
Inventors: David Thomas CHISNALL, Cédric Alain Marie FOURNET, Manuel COSTA, Samuel Alexander WEBSTER, Sylvan CLEBSCH, Kapil VASWANI
-
Publication number: 20200125772
Abstract: A peripheral device, for use with a host, comprises one or more compute elements, a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.
Type: Application
Filed: October 19, 2018
Publication date: April 23, 2020
Inventors: Stavros VOLOS, David Thomas CHISNALL, Saurabh Mohan KULKARNI, Kapil VASWANI, Manuel COSTA, Samuel Alexander WEBSTER, Cédric Alain Marie FOURNET