US2017134354A1PendingUtilityA1

Hardware-Based Credential Distribution

51
Assignee: MICROSOFT TECHNOLOGY LICENSING LLCPriority: Nov 18, 2010Filed: Jan 23, 2017Published: May 11, 2017
Est. expiryNov 18, 2030(~4.3 yrs left)· nominal 20-yr term from priority
H04L 63/062H04L 63/102H04L 63/0823G06F 21/31H04L 67/303H04L 63/08
51
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

This document describes various techniques for distributing credentials based on hardware profiles. A resource access request including a hardware profile is transmitted to a remote entity having access to a previous hardware profile and a credential useful to access a resource is received if at least a portion of the hardware profile matches the previous hardware profile.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A computing device comprising:
 a network interface configured to communicate data over a network;   one or more processors; and   a memory coupled to the one or more processors and including processor-executable instructions that, responsive to execution by the one or more processors, implement a resource access manager to:
 transmit, via the network interface, a resource access request to a remote entity, the resource access request including:
 a unique identifier of the computing device, the unique identifier of the computing device being generated in association with a secure registration process prior to transmitting the resource access request; and 
 a hardware profile of the computing device; and 
 
 receive a credential useful to access a resource of the remote entity, via the network interface and responsive to:
 a determination that the hardware profile matches at least a portion of a previous hardware profile; and 
 a determination that a credential distribution frequency limit associated with the unique identifier has not been exceeded. 
 
   
     
     
         2 . The computing device as recited in  claim 1 , wherein the credential distribution frequency limit is effective to limit a frequency at which the remote entity distributes credentials associated with the unique identifier. 
     
     
         3 . The computing device as recited in  claim 1 , wherein the credential distribution frequency limit is effective to limit credentials distributed in association with the unique identifier to one credential per one interval of time. 
     
     
         4 . The computing device as recited in  claim 1 , wherein the hardware profile of the computing device comprises a collection of serial numbers, model numbers, or parameters of hardware components of the computing device. 
     
     
         5 . The computing device as recited in  claim 1 , wherein the computing device is further implemented to receive the unique identifier from the remote entity in association with the secure registration process. 
     
     
         6 . The computing device as recited in  claim 1 , wherein the unique identifier is a certificate that is digitally signed or encrypted with a private key. 
     
     
         7 . The computing device as recited in  claim 1 , wherein the resource is a service provided by the remote entity or a resource server associated with the remote entity. 
     
     
         8 . A method comprising:
 transmitting, via a network interface of a computing device, a resource access request for a resource to a remote entity, the resource access request including:
 a unique identifier of the computing device, the unique identifier of the computing device being generated in association with a secure registration process prior to transmitting the resource access request; and 
 a hardware profile of the computing device; 
   receiving, via the network interface, a credential useful to access the resource responsive to:
 a determination that the hardware profile matches at least a portion of a stored hardware profile associated with the unique identifier; and 
 a determination that a frequency of credential distribution associated with the unique identifier of the computing device does not exceed a credential distribution frequency limit associated with the unique identifier of the computing device. 
   
     
     
         9 . The method as recited in  claim 8 , wherein the credential distribution frequency limit is effective to limit a frequency at which the remote entity distributes credentials associated with the unique identifier. 
     
     
         10 . The method as recited in  claim 8 , wherein the credential distribution frequency limit is effective to limit credentials distributed in association with the unique identifier to one credential per one interval of time. 
     
     
         11 . The method as recited in  claim 8 , wherein the hardware profile of the computing device includes a collection of serial numbers, model numbers, or parameters of hardware components of the computing device. 
     
     
         12 . The method as recited in  claim 8 , wherein the unique identifier of the computing device is a certificate that is digitally signed or encrypted with a private key. 
     
     
         13 . The method as recited in  claim 8 , wherein the determination that the hardware profile matches at least a portion of a stored hardware profile associated with the unique identifier employs a fuzzy-logic algorithm. 
     
     
         14 . The method as recited in  claim 8 , further comprising transmitting, to the remote entity, an initial hardware profile for storage as the stored hardware profile in association with the unique identifier. 
     
     
         15 . One or more computer-readable storage devices comprising processor-executable instructions that, responsive to execution by one or more processors, cause a computing device to:
 transmit a resource access request to a remote entity, the resource access request including a unique identifier of the computing device and a hardware profile of the computing device; and   receive, from the remote entity, a credential useful to access a resource of the remote entity responsive to:
 a determination that the hardware profile matches at least a portion of a stored hardware profile associated with the unique identifier; and 
 a determination that a credential distribution limit associated with the unique identifier of the computing device has not been exceeded, the credential distribution limit limiting a total number of credentials to be issued by the remote entity in association with the unique identity of the computing device. 
   
     
     
         16 . The one or more computer-readable storage devices as recited in  claim 15 , wherein the credential distribution limit is further based on a rate at which credentials are distributed in association with the unique identifier. 
     
     
         17 . The one or more computer-readable storage devices as recited in  claim 15 , wherein the hardware profile of the computing device includes a collection of serial numbers, model numbers, or parameters of hardware components of the computing device. 
     
     
         18 . The one or more computer-readable storage devices as recited in  claim 15 , wherein the resource is a software product or a software update and receiving the credential is effective to enable the computing device to access the software product or the software update. 
     
     
         19 . The one or more computer-readable storage devices as recited in  claim 15 , wherein the credential distribution frequency limit is effective to limit credentials distributed in association with the unique identifier to one credential per one interval of time. 
     
     
         20 . The one or more computer-readable storage devices as recited in  claim 15 , wherein the computer device is further caused to transmit, to the remote entity, an initial hardware profile for storage as the stored hardware profile in association with the unique identifier prior to transmitting a resource access request.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.