Run-time firmware authentication
First Claim
1. A computing device comprising:
- a processing system;
a memory coupled to said processing system;
a system program stored in said memory;
a secure checking program for repeatedly authenticating said system program during operation of the computing device to ensure that the system program is not modified during execution.
1 Assignment
0 Petitions
Accused Products
Abstract
A computing platform (10) protects system firmware (30) using a manufacturer certificate (36). The manufacturer certificate binds the system firmware (30) to the particular computing platform (10). The manufacturer certificate may also store configuration parameters and device identification numbers. A secure run-time platform data checker (200) and a secure run-time checker (202) check the system firmware during operation of the computing platform (10) to ensure that the system firmware (30) or information in the manufacturer certificate (36) has not been altered. Application software files (32) and data files (34) are bound to the particular computing device (10) by a platform certificate (38). A key generator may be used to generate a random key and an encrypted key may be generated by encrypting the random key using a secret identification number associated with the particular computing platform (10). Only the encrypted key is stored in the platform certificate (36).
132 Citations
24 Claims
-
1. A computing device comprising:
-
a processing system;
a memory coupled to said processing system;
a system program stored in said memory;
a secure checking program for repeatedly authenticating said system program during operation of the computing device to ensure that the system program is not modified during execution. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of controlling the operation of a computing device, comprising the step of:
-
comparing a current state of a system program executed by the computing device with a known secure state of the system program;
repeating the comparing step during operation of the computing device to determine any variation of the system program from the known secure state. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
Specification