Mechanism for providing both a secure and attested boot
First Claim
Patent Images
1. A platform comprising:
- a first memory to contain a plurality of components including at least a first core component and at least one platform-based component associated with the first core component; and
a processor to perform pre-boot authentication operations on the first core component prior to passing control of the pre-boot authentication to the first core component to authenticate the at least one platform-based component.
1 Assignment
0 Petitions
Accused Products
Abstract
In general, one embodiment of the invention involves a secure platform comprising a processor and a first memory containing a plurality of components. These components include at least a first core component and at least one platform-based component associated with the first core component. Under control by processor, pre-boot authentication is sequentially performed on the core components prior to passing control of the pre-boot authentication to that core component. Each core component authenticates platform-based components associated therewith.
-
Citations
27 Claims
-
1. A platform comprising:
-
a first memory to contain a plurality of components including at least a first core component and at least one platform-based component associated with the first core component; and
a processor to perform pre-boot authentication operations on the first core component prior to passing control of the pre-boot authentication to the first core component to authenticate the at least one platform-based component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method comprising:
-
commencing a pre-boot authentication of components within a platform by performing a pre-boot authentication operation on a first core component; and
once the first core component has been authenticated, (i) passing control of the pre-boot authentication to the first core component once the first core component has been authenticated, and (ii) continuing performance of the pre-boot authentication under control of the first core component. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. Software stored in machine readable medium executed by internal circuitry within a platform to perform pre-boot authentication, the software comprising:
-
(a) a first component operating as a root of trust;
(b) a second component being authenticated by the first module prior to receiving control of the pre-boot authentication from the first component; and
(c) a third component being authenticated by the second component using Authentication Services published by the first component. - View Dependent Claims (25, 26, 27)
-
Specification