Secure management of configuration parameters in a computing platform

US 20040025011A1
Filed: 07/14/2003
Published: 02/05/2004
Est. Priority Date: 07/30/2002
Status: Active Grant

First Claim

Patent Images

1. A method of configuring a processing device, comprising the steps of:

accessing a certificate bound to the processing device;

authenticating the certificate;

reading configuration parameters from the certificate, if properly authenticated;

configuring the processing device responsive to the configuration parameters.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing platform (10) protects system firmware (30) using a manufacturer certificate (36). The manufacturer certificate binds the system firmware (30) to the particular computing platform (10). The manufacturer certificate also stores configuration parameters and device identification numbers. A secure run-time platform data checker (200) and a secure run-time checker (202) check the system firmware during operation of the computing platform (10) to ensure that the system firmware (30) or information in the manufacturer certificate (36) has not been altered. Application software files (32) and data files (34) are bound to the particular computing device (10) by a platform certificate (38). Configuration parameters may be stored in a data file (34) with an associated platform certificate (38).

Citations

22 Claims

1. A method of configuring a processing device, comprising the steps of:
- accessing a certificate bound to the processing device;
  
  authenticating the certificate;
  
  reading configuration parameters from the certificate, if properly authenticated;
  
  configuring the processing device responsive to the configuration parameters.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein the steps of accessing the certificate, authenticating the certificate, and reading configuration parameters from the certificate are performed whenever the processing device is initially powered.
  - 3. The method of claim 2 wherein the steps of accessing the certificate, authenticating the certificate, and reading configuration parameters from the certificate are repeated upon a system reset/boot.
  - 4. The method of claim 1 wherein the configuring step includes the step of configuring hardware in the processing device responsive to the configuration parameters.
  - 5. The method of claim 1 wherein the configuring step includes the step of configuring software in the processing device responsive to the configuration parameters.

6. A processing device comprising:
- processing circuitry;
  
  a memory coupled to the processing circuitry;
  
  wherein the processing circuitry;
  
  accesses a certificate bound to the processing device and stored in the memory;
  
  authenticates the certificate;
  
  reads configuration parameters from the certificate, if properly authenticated;
  
  configures the processing device responsive to the configuration parameters.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The processing device of claim 6 wherein the processing circuitry accesses the certificate, authenticates the certificate, and reads configuration parameters from the certificate whenever the processing device is initially powered.
  - 8. The processing device of claim 7 wherein the processing circuitry accesses the certificate, authenticates the certificate, and reads configuration parameters from the certificate upon a system reset/boot.
  - 9. The processing device of claim 6 wherein the processing circuitry configures hardware in the processing device responsive to the configuration parameters.
  - 10. The processing device of claim 6 wherein the processing circuitry configures software in the processing device responsive to the configuration parameters.
  - 11. The processing device of claim 6 wherein the certificate can be created and modified only by the manufacturer of the processing device.

12. A method of configuring a processing device, comprising the steps of:
- accessing a certificate bound to the processing device;
  
  authenticating the certificate;
  
  reading configuration parameters from a data file associated with the certificate, if the certificate is properly authenticated;
  
  configuring the processing device responsive to the configuration parameters.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The method of claim 12 wherein the steps of accessing the certificate, authenticating the certificate, and reading configuration parameters are performed whenever the processing device is initially powered.
  - 14. The method of claim 13 wherein the steps of accessing the certificate, authenticating the certificate, and reading configuration parameters are repeated upon a system reset/boot.
  - 15. The method of claim 12 wherein the configuring step includes the step of configuring hardware in the processing device responsive to the configuration parameters.
  - 16. The method of claim 12 wherein the configuring step includes the step of configuring software in the processing device responsive to the configuration parameters.

17. A processing device comprising:
- processing circuitry;
  
  a memory coupled to the processing circuitry;
  
  wherein the processing circuitry;
  
  accesses a certificate bound to the processing device and stored in the memory;
  
  authenticates the certificate;
  
  reads configuration parameters from a data file associated with the certificate, if the certificate is properly authenticated;
  
  configures the processing device responsive to the configuration parameters.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The processing device of claim 17 wherein the processing circuitry accesses the certificate, authenticates the certificate, and reads configuration parameters whenever the processing device is initially powered.
  - 19. The processing device of claim 18 wherein the processing circuitry accesses the certificate, authenticates the certificate, and reads configuration parameters upon a system reset/boot.
  - 20. The processing device of claim 17 wherein the processing circuitry configures hardware in the processing device responsive to the configuration parameters.
  - 21. The processing device of claim 17 wherein the processing circuitry configures software in the processing device responsive to the configuration parameters.
  - 22. The processing device of claim 17 wherein the certificate can be created and modified only by the manufacturer of the processing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Texas Instruments, Inc.
Original Assignee
Texas Instruments, Inc.
Inventors
Azema, Jerome, Chateau, Alain, Balard, Eric

Granted Patent

US 8,122,244 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/10   Protecting distributed prog...

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 2212/1052   Security improvement

G06F 2221/2153   Using hardware token as a s...

H04L 2209/603   Digital right managament [DRM]

H04L 2209/80   Wireless

H04L 9/0822   using key encryption key

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

Secure management of configuration parameters in a computing platform

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure management of configuration parameters in a computing platform

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links