Dennis Edward Mattoon, 67Auburn, WA

2018037, Dec 27, 2018

Jun 21, 2017

15/629139

- Redmond WA, US
Robert Karl SPIGER - Seattle WA, US
Dennis MATTOON - Kirkland WA, US
Paul ENGLAND - Bellevue WA, US

H04L 29/06

A smart device, connected device, Internet of Things (IoT) device, etc. is configured with an embedded certificate authority. The embedded certificate authority generates a compound certificate that is signed at least by a manufacturer certificate securely stored on the device. The compound certificate includes a representation of a state of the device, which is based on one or more measurements of code executable on the device. The compound certificate may be used by an external device communicating with the smart device to determine whether the device is in a trusted state. Because the compound certificate is chained to a manufacturer certificate, the external device can communicate with the manufacturer (or an employed party) to determine whether the state of the device should be trusted.

2018013, May 10, 2018

Jul 19, 2017

15/654126

- Redmond WA, US
Ronald Aigner - Redmond WA, US
Dennis J. Mattoon - Redmond WA, US
Stuart H. Schaefer - Sammamish WA, US
Merzin Kapadia - Newcastle WA, US
Robert Karl Spiger - Seattle WA, US
David R. Wooten - Greenville SC, US
Paul England - Bellevue WA, US

Microsoft Technology Licensing, LLC - Redmond WA

H04L 9/32
H04L 29/06
G06F 21/72
G06F 21/62
G06F 21/53

Techniques for a trust service for a client device are described. In various implementations, a trust service is implemented remotely from a client device and provides various trust-related functions to the client device. According to various implementations, communication between a client device and a remote trust service is authenticated by a client identifier (ID) that is maintained by both the client device and the remote trust service. In at least some implementations, the client ID is stored on a location of the client device that is protected from access by (e.g., is inaccessible to) device components such as an operating system, applications, and so forth. Thus, the client ID may be utilized to generate signatures to authenticate communications between the client device and the remote trust service.

2017010, Apr 13, 2017

Oct 12, 2015

14/880746

- Redmond WA, US
Andrey Marochko - Redmond WA, US
Dennis Mattoon - Kirkland WA, US
Paul England - Bellevue WA, US

G06F 21/57
H04L 9/32
H04L 9/08
G06F 9/44

Systems and methods facilitating a framework that provides a core trusted computing base (TCB) of an electronic device with various security capabilities. The framework can include a low-resource device and at least one distributed resource. The low-resource device can be configured to generate sealing keys, migration keys, and attestation keys that are based on a device secret associated with the low-resource device and one or more software modules. The low-resource device can further be configured to use the migration keys and the sealing keys to both verify a software update and migrate secrets from a previous version of the software to a newer version of the software. Additionally, the low-resource device can be configured to generate an attestation statement using the attestation keys and perform attestation using the attestation statement and the at least one distributed resource.

2017010, Apr 13, 2017

Oct 12, 2015

14/880813

- Redmond WA, US
Andrey Marochko - Redmond WA, US
Dennis Mattoon - Kirkland WA, US
Paul England - Bellevue WA, US

H04L 9/00
G06F 9/445
G06F 21/57
G06F 21/71
H04L 9/08

Systems and methods facilitating a framework that provides a core trusted computing base (TCB) of an electronic device with various security capabilities. The framework can include a low-resource device and at least one distributed resource. The low-resource device can be configured to generate sealing keys, migration keys, and attestation keys that are based on a device secret associated with the low-resource device and one or more software modules. The low-resource device can further be configured to use the migration keys and the sealing keys to both verify a software update and migrate secrets from a previous version of the software to a newer version of the software. Additionally, the low-resource device can be configured to generate an attestation statement using the attestation keys and perform attestation using the attestation statement and the at least one distributed resource.

2016011, Apr 21, 2016

Oct 20, 2014

14/519010

- Redmond WA, US
Ronald Aigner - Redmond WA, US
Dennis J. Mattoon - Redmond WA, US
Stuart H. Schaefer - Sammamish WA, US
Merzin Kapadia - Newcastle WA, US
Robert Karl Spiger - Seattle WA, US
David R. Wooten - Greenville SC, US
Paul England - Bellevue WA, US

H04L 9/32
H04L 29/06
G06F 21/53

Techniques for a trust service for a client device are described. In various implementations, a trust service is implemented remotely from a client device and provides various trust-related functions to the client device. According to various implementations, communication between a client device and a remote trust service is authenticated by a client identifier (ID) that is maintained by both the client device and the remote trust service. In at least some implementations, the client ID is stored on a location of the client device that is protected from access by (e.g., is inaccessible to) device components such as an operating system, applications, and so forth. Thus, the client ID may be utilized to generate signatures to authenticate communications between the client device and the remote trust service.

2015011, Apr 23, 2015

Jan 17, 2014

14/158210

- Redmond WA, US
Dennis James Mattoon - Redmond WA, US
Paul England - Bellevue WA, US

Microsoft Corporation - Redmond WA

H04L 9/32

713156, 713155

The subject disclosure is directed towards certifying cryptographic data for a crypto-processor outside of a controlled environment. The crypto-processor and a certifying entity maintain shared secret data for the purpose of verifying security of cryptographic key generation by the crypto-processor's firmware. In order to certify new cryptographic keys, the crypto-processor uses the shared secret data to verify the crypto-processor's firmware/hardware to the certifying entity. By protecting the shared secret data from exposure to compromised firmware, the shared secret data may be used to compute another secret conveying to the certifying entity whether the firmware can be trusted or not.

2014025, Sep 11, 2014

Mar 11, 2013

13/794693

- Redmond WA, US
Andrey Marochko - Redmond WA, US
Dennis Mattoon - Redmond WA, US
David R. Wooten - Redmond WA, US

Microsoft Corporation - Redmond WA

G06F 21/57

713 2

A “Secure Code Launcher” establishes platform trustworthiness, i.e., a trusted computing base (TCB), and uses hardware or firmware based components to securely launch one or more software components. The Secure Code Launcher measures and loads software components by interfacing with security extension functionality integral to one or more hardware or firmware-based components in the computing device. For example, various embodiments of the Secure Code Launcher include firmware-based components that interface with security extension functionality integral to the computing device to measure and load boot managers, operating system (OS) loaders, or other OS components including OS kernels. Similarly, the Secure Code Launcher is capable of measuring and loading software components responsible for installing an instance of an OS. In addition, various embodiments of the Secure Code Launcher provide a hypervisor loader that measures and loads a hypervisor which in turn measures and loads operating system components including virtual machines.