Methods and apparatus to provide secure firmware storage and service access
First Claim
Patent Images
1. A method of controlling access to execution resources comprising:
- receiving a request to execute an instruction in a pre-boot environment;
determining an identity of the instruction;
determining if an access control list includes an entry corresponding to the instruction; and
selectively allowing the execution of the instruction if the access control list includes an entry corresponding to the instruction.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus to provide secure firmware storage and service access are disclosed. One example method may include receiving a request to execute an instruction in a pre-boot environment, determining an identity of the instruction, determining if an access control list includes an entry corresponding to the instruction, and selectively allowing the execution of the instruction if the access control list includes an entry corresponding to the instruction.
34 Citations
23 Claims
-
1. A method of controlling access to execution resources comprising:
-
receiving a request to execute an instruction in a pre-boot environment;
determining an identity of the instruction;
determining if an access control list includes an entry corresponding to the instruction; and
selectively allowing the execution of the instruction if the access control list includes an entry corresponding to the instruction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An article of manufacture comprising a machine-accessible medium having a plurality of machine accessible instructions that, when executed, cause a machine to:
-
receive a request to execute an instruction in a pre-boot environment;
determine an identity of the instruction;
determine if an access control list includes an entry corresponding to the instruction; and
selectively allow the execution of the instruction if the access control list includes an entry corresponding to the instruction. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system comprising:
-
an execution environment configured to execute code;
a instruction to be executed;
a platform security unit coupled to the execution environment and receiving a request to execute the instruction in a pre-boot environment, wherein the platform security unit is configured to;
determine an identity of the instruction, determine if an access control list includes an entry corresponding to the instruction, and selectively allow the execution of the instruction by the execution environment if the access control list includes an entry corresponding to the instruction. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
Specification