Apparatus and method for preventing access by malware to locally backed up data
First Claim
1. A method for providing malware protection in connection with processing circuitry including hardware resources and software resources managed by a primary operating system, the method comprising:
- providing a trusted operating system to control access to a portion of a local storage area of the hardware resources, wherein only the trusted operating system is configured to enable writing to the portion of the local storage area, wherein the local storage area comprises a drive that is access restrictable based on definable ranges comprising at least a first partition including the primary operating system, a second partition including the trusted operating system that is read only, and a third partition including the portion of the local storage area; and
- storing backup files for the primary operating system in the portion of the local storage area responsive to the trusted operating system granting access to write to the portion of the local storage area, wherein the portion of the local storage area is normally maintained in a read only state, and wherein storing the backup files comprises enabling, via the trusted operating system, writing to the portion of the local storage area via controlling access to a key accessible only to the trusted operating system, and the key is only available to the trusted operating system responsive to determining a predefined boot sequence was employed.
Abstract
A method for providing malware protection in connection with processing circuitry including hardware resources and software resources managed by a primary operating system may include providing a trusted operating system to control access to a portion of a local storage area of the hardware resources. In this context, only the trusted operating system is configured to enable writing to the portion of the local storage area. The method may further include storing backup files for the primary operating system in the portion of the local storage area responsive to the trusted operating system granting access to write to the portion of the local storage area.
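The following is an added illustrative model of the control flow in the first claim, not code from the patent or its assignee. It assumes the "predefined boot sequence" is checked with a SHA-256 hash chain over the boot stages; the names `measure`, `KeyStore`, `Drive` and `store_backup` and all sample values are hypothetical.

```python
import hashlib
import hmac

def measure(stages):
    """Fold the boot stage images, in order, into one digest (hash chain)."""
    state = bytes(32)
    for image in stages:
        state = hashlib.sha256(state + hashlib.sha256(image).digest()).digest()
    return state

class KeyStore:
    """Holds the range key; releases it only for the predefined boot sequence."""
    def __init__(self, expected, key):
        self._expected, self._key = expected, key

    def release(self, measurement):
        return self._key if hmac.compare_digest(measurement, self._expected) else None

class Drive:
    """Three ranges: primary OS (rw), trusted OS (ro), backup (ro unless unlocked)."""
    def __init__(self, key):
        self._key_digest = hashlib.sha256(key).digest()
        self.ranges = {"primary_os": {}, "trusted_os": {}, "backup": {}}
        self._backup_writable = False

    def unlock_backup(self, key):
        self._backup_writable = key is not None and hmac.compare_digest(
            hashlib.sha256(key).digest(), self._key_digest)
        return self._backup_writable

    def lock_backup(self):
        self._backup_writable = False

    def write(self, rng, name, data):
        if rng == "trusted_os" or (rng == "backup" and not self._backup_writable):
            raise PermissionError(f"range {rng!r} is read only")
        self.ranges[rng][name] = data

def store_backup(drive, keystore, boot_stages, name, data):
    """Trusted-OS path: unlock, write the backup, and relock the range."""
    if not drive.unlock_backup(keystore.release(measure(boot_stages))):
        return False
    try:
        drive.write("backup", name, data)
    finally:
        drive.lock_backup()
    return True

# Constructed sample data, not taken from the patent.
TRUSTED_BOOT = [b"firmware-v1", b"trusted-os-loader", b"trusted-os-kernel"]
RANGE_KEY = b"constructed-demo-key"
```

A write to the backup range from any path that did not obtain the key, including the primary operating system, raises `PermissionError`, and the range returns to read only as soon as the backup is stored.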
14 Claims
1. A method for providing malware protection in connection with processing circuitry including hardware resources and software resources managed by a primary operating system, the method comprising:
- providing a trusted operating system to control access to a portion of a local storage area of the hardware resources, wherein only the trusted operating system is configured to enable writing to the portion of the local storage area, wherein the local storage area comprises a drive that is access restrictable based on definable ranges comprising at least a first partition including the primary operating system, a second partition including the trusted operating system that is read only, and a third partition including the portion of the local storage area; and
- storing backup files for the primary operating system in the portion of the local storage area responsive to the trusted operating system granting access to write to the portion of the local storage area, wherein the portion of the local storage area is normally maintained in a read only state, and wherein storing the backup files comprises enabling, via the trusted operating system, writing to the portion of the local storage area via controlling access to a key accessible only to the trusted operating system, and the key is only available to the trusted operating system responsive to determining a predefined boot sequence was employed.

Dependent claims: 2, 3, 4, 5, 6, 7
8. An apparatus for providing malware protection, the apparatus comprising processing circuitry including hardware resources and software resources managed by a primary operating system, the apparatus further including a trusted operating system configured to control access to a portion of a local storage area of the hardware resources,
- wherein the local storage area comprises a drive that is access restrictable based on definable ranges comprising at least a first partition including the primary operating system, a second partition including the trusted operating system, and a third partition including the portion of the local storage area, wherein the second partition is read only;
- wherein the portion of the local storage area stores backup files for the primary operating system and is normally maintained in a read only state, and wherein the trusted operating system is configured to enable writing to the portion of the local storage area via controlling access to a key accessible only to the trusted operating system, and the key is only available to the trusted operating system responsive to determining a predefined boot sequence was employed; and wherein only the trusted program operating system is configured to enable writing to the portion of the local storage area.

Dependent claims: 9, 10, 11, 12, 13, 14
Specification