15 July 2002. Thanks to DB.
See related Microsoft DRM patents:
In addition to the Microsoft individuals mentioned in relation to Palladium, AMDs Chief Security Architect, Geoffrey Strongin, appears to play a key role in the hardware system that secures Microsofts Palladium operating system. While a patent search on Mr. Strongin does not show much of interest in reference to the Palladium architecture, a company that Mr. Strongin has worked closely with in developing a trusted client PC motherboard design does (see below).
The Trusted Client: AMD and Wave Mother Board Reference Design, Dr. Kevin R. Lefebvre, Dr. Bill Chang, Wave Systems Corp., and Geoffrey Strongin, AMD, Aug. 16, 2000
Lee, MA November 22, 2000, Wave Systems Corp. (NASDAQ:WAVX) today announced it has received two new patents further bolstering its industry-leading Trust @ the Edge architecture for secure digital relationships and commerce over the Internet. With the granting of U.S. Patent # 6,138,239, Method and System For Authenticating and Utilizing Secure Resources In a Computer System, and U.S. Patent # 6,092,202, Method and System for Secure Transactions In a Computer System, Wave Systems continues to define the necessary architectures and capabilities to move the security of Internet based transactions into the user's Trusted Client environment. This intellectual property complements prior patents that Wave has received, including content metering and security mechanisms. These new Trust @ the Edge capabilities are essential for the next generation of digital commerce applications and systems.
United States Patent 6,138,239
Inventors: Veil October 24, 2000
Method and system for authenticating and utilizing secure resources in a computer system
A system and method for executing secure transactions on a computer system is disclosed. The computer system includes a memory. In one aspect, the method and system include providing a basic input output system (BIOS) on the computer system, providing a secure peripheral coupled with the computer system, and providing a master security co-processor coupled with the computer system. The BIOS includes first unit for indicating a first trust relationship with the BIOS. The secure peripheral includes second unit for indicating a second trust relationship with the secure peripheral. The master security co-processor is for processing sensitive data on the computer system and includes third unit for indicating a third trust relationship with the master security co-processor. The method and system further includes utilizing the BIOS to verify at least one of the first trust relationship, the second trust relationship, or the third trust relationship using the first unit for indicating the first trust relationship, the second unit for indicating the second trust relationship, or the third unit for indicating the third trust relationship. In another aspect, the method and system are for executing an application utilizing sensitive data on a computer system. The computer system includes a master security co-processor and a secure peripheral. In this aspect, the method and system include establishing a secure channel for communication between the master security co-processor and the secure peripheral for executing a portion of the application and executing the portion of the application by the master security co-processor utilizing the secure channel.
United States Patent 6,092,202
Inventors: Veil, et al. July 18, 2000
Method and system for secure transactions in a computer system
A method and system for secure transactions. The method and system comprise a security co-processor and an interface for interfacing the security co-processor to a host computer system. The method and system wherein secure transaction processing is performed locally in the security co-processor and non-secure transaction processing is performed in the host computer system. The method and system further include means for providing trusted input coupled to the security co-processor. In addition, the method and system include a second interface coupled to the security co-processor for receiving sensitive data from a smart card, and a trusted display coupled to the security co-processor for providing true transaction information. One advantage of the method and system in accordance with the present invention is that transactions are protected from unauthorized intrusion and, in addition, participation is proven so that transactions cannot be repudiated. Another advantage is that the method and system maintain compatibility with smart cards technology. Yet another advantage is that, because the security co-processor has functionality, smart cards require built-in functionality only for storing sensitive data including account number and private-key and for providing digital signatures to prove participation. Moreover, smart cards can carry biometric data to be recognized by the method and system for an even more reliable proof of participation and card-holder verification. With less built-in functionality, the smart cards are less complex and less expensive. Finally, the method and system are easily implemented with current technology, and the overall cost of the system is reduced.