Patents by Inventor Willard M. Wiseman

Willard M. Wiseman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7526649
    Abstract: According to an embodiment of the invention, a method and apparatus for session key exchange are described. An embodiment of a method comprises requesting a service for a platform; certifying the use of the service for one or more acceptable configurations of the platform; and receiving a session key for a session of the service, the service being limited to the one or more acceptable configurations of the platform.
    Type: Grant
    Filed: December 30, 2003
    Date of Patent: April 28, 2009
    Assignee: Intel Corporation
    Inventors: Willard M. Wiseman, David W. Grawrock, Ernie Brickell, Matthew D. Wood, Joseph F. Cihula
  • Publication number: 20090089582
    Abstract: A processing system with a trusted platform module (TPM) supports migration of digital keys. For instance, an application in the processing system may create a first configuration key as a child of a TPM storage root key (SRK) when the processing system has a first configuration. The application may also create an upgradable root user key associated with an upgrade authority as a child of the first configuration key. The application may also create a user key as a child of the upgradable root user key. When the processing system has a second configuration, the application may create a second configuration key as a child of the SRK. The application may request migration approval from the upgrade authority. In response to receiving the approval from the upgrade authority, the application may migrate the root user key to be a child of the second configuration key. Other embodiments are described and claimed.
    Type: Application
    Filed: September 27, 2007
    Publication date: April 2, 2009
    Inventors: TASNEEM BRUTCH, Alok Kumar, Vincent R. Scarlata, Faraz A. Siddiqi, Ned M. Smith, Willard M. Wiseman
  • Publication number: 20090086979
    Abstract: The present subject matter related to trusted computing, and more particularly, to virtual trusted platform module keys rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module operable to capture virtual machine trusted platform module calls and operates to generate, maintain, and utilize hardware trusted platform module keys on behalf of the one or more virtual machines. Some embodiments include virtual trusted platform module keys having a public portion on top of an private portion including an encrypted hardware trusted platform module key.
    Type: Application
    Filed: September 28, 2007
    Publication date: April 2, 2009
    Inventors: Tasneem Brutch, Alok Kumar, Vincent Scarlata, Faraz A. Siddiqi, Ned M. Smith, Willard M. Wiseman
  • Publication number: 20090044187
    Abstract: A data processing system isolates a virtual trusted platform module (vTPM) manager in the processing system from other management software in the processing system. In one example process, the processing system launches a virtual machine monitor (VMM) that includes a memory-mapped input/output (MMIO) trap. The processing system also launches a vTPM manager in a first virtual machine (VM). In addition, the processing system launches a second VM to contain virtual machine management programs other than the vTPM manager and the MMIO trap. Other embodiments are described and claimed.
    Type: Application
    Filed: August 10, 2007
    Publication date: February 12, 2009
    Inventors: Ned M. Smith, Willard M. Wiseman, Faraz A. Siddiqi, Tasneem Brutch, Vincent R. Scarlata, Alok Kumar, Kalpana M. Roge, Murari Kumar
  • Publication number: 20080244261
    Abstract: A device, method, and system are disclosed. In one embodiment, the device includes storage to contain more than one trust root, and logic to associate each command ordinal sent to the device with one of the trust roots.
    Type: Application
    Filed: March 29, 2007
    Publication date: October 2, 2008
    Inventors: Willard M. Wiseman, David W. Grawrock
  • Publication number: 20080235754
    Abstract: A processing system has a processing unit, nonvolatile storage, and secure nonvolatile memory with inherent access control. The nonvolatile storage includes an authenticated code (AC) module, a launch policy setting, and a second code module. The secure nonvolatile memory includes an integrity metric for the launch policy setting. When executed by the processing unit, the AC module computes a new integrity metric for the launch policy setting, and uses the new integrity metric for the launch policy setting and the integrity metric for the launch policy setting to determine whether the launch policy setting should be trusted. The AC module may also compute a new integrity metric for the second code module, and may use the launch policy setting and the new integrity metric for the second code module to determine whether the second code module should be allowed to execute.
    Type: Application
    Filed: March 19, 2007
    Publication date: September 25, 2008
    Inventors: Willard M. Wiseman, Simon P. Johnson
  • Publication number: 20080155256
    Abstract: In one embodiment of the present invention, a method includes verifying an initiating logical processor of a system; validating a trusted agent with the initiating logical processor if the initiating logical processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example.
    Type: Application
    Filed: December 27, 2007
    Publication date: June 26, 2008
    Inventors: John H. Wilson, Ioannis T. Schoinas, Mazin S. Yousif, Linda J. Rankin, David W. Grawrock, Robert J. Greiner, James A. Sutton, Kushagra Vaid, Willard M. Wiseman
  • Patent number: 7318150
    Abstract: A system and method to support platform firmware as a trusted process. Measurement of a trusted portion of original firmware are measured by a core root of trust measurement (CRTM). The measurement is stored in a secure manner during pre-boot. During operating system (OS)-runtime, requests are made to access an unqualified current version of firmware corresponding to a secure execution mode. A portion of the current firmware analogous to the trusted portion is measured. The measurements of the trusted original portion and unqualified current portion are compared to verify they match. If they match, it indicates that the current portion and the trusted portion are one in the same. Thus, the current portion of firmware is trustworthy. Accordingly, the firmware may be executed as a trusted process. Embodiments employ locality to enforce the trusted process. The use of locality prevents unqualified users (i.e., software) from accessing data stored by trusted firmware.
    Type: Grant
    Filed: February 25, 2004
    Date of Patent: January 8, 2008
    Assignee: Intel Corporation
    Inventors: Vincent J. Zimmer, Willard M. Wiseman, Jing Li
  • Patent number: 7216369
    Abstract: An apparatus may include a root of trust for measurement (RTM) module coupled to a verified platform security property policy module and a comparison module. The comparison module may operate to prevent transfer of control to an operating system (and/or halt the boot process) if a policy included in the platform security property policy module is violated. A system may include a memory coupled to a processor, a platform security property policy module, and a comparison module. The memory may include an RTM. A method may include beginning execution at an entry point within an RTM, determining that the RTM is trustworthy, determining that a main initialization code associated with a platform is trustworthy and transferring control to the main initialization code, and otherwise, refraining from transferring control to the main initialization code.
    Type: Grant
    Filed: June 28, 2002
    Date of Patent: May 8, 2007
    Assignee: Intel Corporation
    Inventors: Willard M. Wiseman, David W. Grawrock
  • Patent number: 7210169
    Abstract: An originator device allows for a unique passphrase to be communicated to a service system. The originator device has a fixed token in which a unique platform identifier is recorded and a processor to generate a representation of the platform configuration. This representation is communicated to the registry service as a unique, platform-specific passphrase associated with the originator.
    Type: Grant
    Filed: August 20, 2002
    Date of Patent: April 24, 2007
    Assignee: Intel Corporation
    Inventors: Ned McArthur Smith, Selim Aissi, Willard M. Wiseman
  • Publication number: 20040193888
    Abstract: An integrity signature may provide information about a platform used to create a digital signature. The value of a digital signature may be related to the integrity and trustworthiness of the platform on which it is created. Signed platform integrity information provides a measure of trust regarding the platform used to create the digital signature. The integrity signature may be created separately from a document signature, or a combined integrity and document signature may be provided.
    Type: Application
    Filed: March 31, 2003
    Publication date: September 30, 2004
    Inventors: Willard M. Wiseman, David W. Grawrock
  • Publication number: 20040039946
    Abstract: An originator device allows for a unique passphrase to be communicated to a service system. The originator device has a fixed token in which a unique platform identifier is recorded and a processor to generate a representation of the platform configuration. This representation is communicated to the registry service as a unique, platform-specific passphrase associated with the originator.
    Type: Application
    Filed: August 20, 2002
    Publication date: February 26, 2004
    Applicant: Intel Corporation
    Inventors: Ned McArthur Smith, Selim Aissi, Willard M. Wiseman
  • Publication number: 20040039937
    Abstract: A credential management device has a protected domain and a credential manager to perform credential transactions. A credential transaction may comprise determining if a platform is operating in a trusted mode and releasing an operation credential if the platform is operating in a trusted mode. A credential transaction may comprise validating incoming credentials from other platforms.
    Type: Application
    Filed: August 20, 2002
    Publication date: February 26, 2004
    Applicant: Intel Corporation
    Inventors: Selim Aissi, Ned McArthur Smith, Willard M. Wiseman
  • Publication number: 20040003288
    Abstract: An apparatus may include a root of trust for measurement (RTM) module coupled to a verified platform security property policy module and a comparison module. The comparison module may operate to prevent transfer of control to an operating system (and/or halt the boot process) if a policy included in the platform security property policy module is violated. A system may include a memory coupled to a processor, a platform security property policy module, and a comparison module. The memory may include an RTM. A method may include beginning execution at an entry point within an RTM, determining that the RTM is trustworthy, determining that a main initialization code associated with a platform is trustworthy and transferring control to the main initialization code, and otherwise, refraining from transferring control to the main initialization code.
    Type: Application
    Filed: June 28, 2002
    Publication date: January 1, 2004
    Applicant: Intel Corporation
    Inventors: Willard M. Wiseman, David W. Grawrock