Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer
Abstract
A method and system to provide a secure boot process for a personal computer. A security kernel forming part of the invention typically resides in the upper area in memory for encrypting/decrypting data from any application that is running under the operating system. The invention allows two operating systems to work separately using the same hardware. The method and system also provide real-time encryption for any selected peripheral for which encryption is required during run-time operations, such as while receiving or sending confidential information over the Internet using a modem or network connection. In place of a standard BIOS, the invention utilizes a security engine including a kernel stored in a flash memory, a modified north bridge, and a smart card for auto-burning the flash memory portion of the security engine and for key generation.
24 Claims
1. A system for securely booting a computer including a main central processing unit, main random access memory, peripheral devices controllers and a bus coupled to said peripheral devices controllers, said system comprising:
a) a memory controller hub coupled to said central processing unit, said random access memory and said bus;
b) a security engine including a security kernel stored in a second memory coupled to said memory controller;
c) a smart card coupled to said security engine.
23. A method for securely booting a computer including a main central processing unit, main random access memory, peripheral devices controllers and a bus coupled to said peripheral devices controllers, said method comprising the steps of:
a) sending a command to initiate a verification for a digital signature;
b) attempting to verify said digital signature using a predetermined algorithm;
c) if said digital signature is verified, enabling a main central processing unit and allowing a boot of an operating system;
d) if said digital signature is not verified, display a predetermined message and disable said peripheral device controllers.
Specification