Microsoft Technology Licensing, LLC (20240338493). ENFORCEMENT OF ATTESTATION OF READ-ONLY PROTECTED MEMORY DURING ATTESTATION VALIDITY PERIOD simplified abstract

From WikiPatents

ENFORCEMENT OF ATTESTATION OF READ-ONLY PROTECTED MEMORY DURING ATTESTATION VALIDITY PERIOD

Organization Name

Microsoft Technology Licensing, LLC

Inventor(s)

Maxwell Christopher Renke of Sammamish WA (US)

Andrea Allievi of Seattle WA (US)

Giridhar Viswanathan of Redmond WA (US)

Benjamin M. Schultz of Bellevue WA (US)

Hari R. Pulapaka of Redmond WA (US)

David Guy Weston of Seattle WA (US)

ENFORCEMENT OF ATTESTATION OF READ-ONLY PROTECTED MEMORY DURING ATTESTATION VALIDITY PERIOD - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240338493 titled 'ENFORCEMENT OF ATTESTATION OF READ-ONLY PROTECTED MEMORY DURING ATTESTATION VALIDITY PERIOD'.

The abstract of the patent application describes a method for enforcing attestation of read-only protected memory during the validity period of an attestation report. When a change in the read-only protected memory protection status of a software component is detected, the client computer system checks that the attestation report's validity time period has not expired. If the report is still valid, the system then identifies any read-only memory protection (ROMP) attested properties that are no longer valid due to the change in memory protection status. Based on this information, the system initiates a remedial action to prevent the software component from interacting with a relying party computer system.

  • Identification of changes in read-only protected memory protection status
  • Checking validity of attestation report
  • Detection of invalid ROMP attested properties
  • Initiation of remedial action to prevent interaction with relying party computer system
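The four steps above can be sketched as a small client-side enforcement routine. This is an added example, not code from the patent application or from Microsoft; the class names, the region names and the "block stays in place until re-attestation" policy are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class AttestationReport:
    component: str
    not_after: float           # end of the validity period (epoch seconds)
    romp_attested: frozenset   # regions attested as read-only protected

@dataclass
class Enforcer:
    """Hypothetical client-side gate in front of the relying party."""
    report: AttestationReport
    blocked: bool = False
    invalid: list = field(default_factory=list)

    def on_protection_change(self, protected_now, now):
        """Run when the component's read-only protection status changes.

        protected_now: regions that are read-only protected right now.
        Returns True if the component is blocked from the relying party.
        """
        # Step 2: only enforce while the report is still within its validity period.
        if now >= self.report.not_after:
            # Assumption: an expired report is outside the case the abstract covers.
            return self.blocked
        # Step 3: attested ROMP properties the live state no longer backs.
        # A region absent from protected_now counts as unprotected (fail closed).
        stale = sorted(self.report.romp_attested - set(protected_now))
        if stale:
            # Step 4: remedial action. Assumption: the block is sticky, because
            # the region may have been written while it was unprotected.
            self.invalid = stale
            self.blocked = True
        return self.blocked

    def may_contact_relying_party(self):
        return not self.blocked

def demo():
    # Constructed sample data: a report valid until t=1000 covering two regions.
    report = AttestationReport("component-a", 1000.0, frozenset({".text", ".rdata"}))
    gate = Enforcer(report)
    gate.on_protection_change({".text", ".rdata"}, now=500.0)  # nothing invalidated
    gate.on_protection_change({".text"}, now=600.0)            # .rdata lost protection
    gate.on_protection_change({".text", ".rdata"}, now=700.0)  # restored, still blocked
    return gate

if __name__ == "__main__":
    g = demo()
    print(g.blocked, g.invalid)
```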

Potential Applications:

  • Secure software component verification
  • Preventing unauthorized access to protected memory
  • Enhancing system security and integrity

Problems Solved:

  • Ensuring the integrity of read-only protected memory
  • Preventing unauthorized access to sensitive data
  • Enhancing trust in software components

Benefits:

  • Improved system security
  • Enhanced protection of sensitive data
  • Increased trust in software components

Commercial Applications:

Title: Secure Memory Protection System for Software Components

This technology can be applied in industries such as cybersecurity, software development, and data protection. It can be used to secure sensitive information, prevent unauthorized access, and enhance the overall security of computer systems.

Questions about the technology:

1. How does this technology improve the security of software components?
   - This technology enhances security by enforcing attestation of read-only protected memory and preventing unauthorized access to sensitive data.
2. What are the potential implications of this technology in the cybersecurity industry?
   - This technology can significantly improve the integrity and security of computer systems, making it a valuable tool for cybersecurity professionals.


Original Abstract Submitted

Enforcing attestation of read-only protected memory during attestation validity period. A client computer system identifies a change in a read-only protected memory protection status for a software component loaded at the client computer system. The client computer system then determines that a validity time period of an attestation report is unexpired. The attestation report comprises one or more attested properties, including one or more read-only memory protection (ROMP) attested properties for the software component. The client computer system also determines that at least one ROMP attested property for the software component is no longer valid due to the change in the read-only protected memory protection status for a software component. Based on the at least one ROMP attested property for the software component being no longer valid, the client computer system initiates a remedial action to prevent interaction of the software component with a relying party computer system.