Practical platform for high risk applications
Abstract
The present invention is a portable device that a computer can boot from, containing a prefabricated independent operating system environment which is engineered from the ground up to prioritize security while maximizing usability, in order to provide a safe, reliable and easy-to-use practical platform for high risk applications. An embodiment of the present invention may temporarily transform an ordinary computer into a naturally inexpensive logical appliance which encapsulates a turn-key functional solution within the digital equivalent of a military-grade security fortress. This allows existing hardware to be conveniently leveraged to provide a self-contained system which does not depend on the on-site labor of rare and expensive system integration and security experts.
318 Claims
1. A method for securing the client side of a transaction between a client and a service provider through a network comprising providing the client with an apparatus that a computer can boot from in order to provide an independent operating system environment, the apparatus comprising:
(a) a portable non-volatile memory element;
(b) an operating system environment stored on the portable non-volatile memory element;
(c) the operating system environment including client software for interfacing with the service provider to perform the transaction, wherein the client software is configured to encrypt communication with the service provider; and
(d) a bootloader for booting the operating system environment from the portable non-volatile memory element.

2. The method of claim 1, wherein the network includes a computer communication component selected from the group consisting of:
a local area network;
a wireless local area network (WLAN);
a wide area network (WAN);
a telephone network;
an intranet; and
the internet.

3. The method of claim 1, wherein the transaction between the client and the service provider includes operations selected from the group consisting of:
performing a financial transaction;
accessing financial information;
accessing medical records;
accessing a virtual private network;
accessing a website;
accessing an intranet portal;
accessing a file server;
accessing a database;
accessing an email service;
accessing an instant messaging service;
accessing a voice over ip service;
accessing a project collaboration service;
accessing a source code repository;
accessing a terminal client server; and
accessing a custom application.
4. The method of claim 1, wherein the service provider is an online financial services provider, and the client is a customer of the online financial services provider, whereby the client of the online financial services provider can boot a computer from the apparatus to safely access financial information or conduct online transactions.

5. The method of claim 1, wherein the service provider is an employer, and the client is an employee, whereby the employee can boot an untrusted home computer from the apparatus to safely access network resources of the employer.

6. The method of claim 1, wherein the service provider is a government, and the client is a citizen, whereby the citizen can boot a computer from the apparatus to safely access the government's information and citizenship services.
7. The method of claim 1, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including a second initialization component for loading a predetermined portion of the operating system environment into the computer's main memory.

8. The method of claim 7, wherein the second initialization component loads a large enough portion of the operating system environment into the computer's main memory so that the computer no longer needs to read from the portable non-volatile memory element.
9. The method of claim 1, wherein the apparatus that a computer can boot from further comprises
(e) an autorun component for automatically executing a user assistance component when the apparatus is first inserted into the computer while the computer is running a local operating system on the computer, the autorun component being stored on the portable non-volatile memory element.

10. The method of claim 9, wherein the user assistance component includes a component selected from the group consisting of:
(i) a user manual component for providing a user manual for the apparatus;
(ii) a bios reconfiguration component for helping a user reconfigure the computer's BIOS; and
(iii) a boot disk creation component for helping a user create boot disks.

11. The method of claim 9, wherein the user assistance component includes a smart reboot component for causing the local operating system to invoke a hibernation mode which preserves the state of the local operating system's running applications before rebooting the computer from the apparatus.
12. The method of claim 1, wherein the bootloader is stored on the portable non-volatile memory element wherein the computer can boot directly from the apparatus.

13. The method of claim 1, wherein the bootloader is stored on a separate storage media, the separate storage media being of a type that the BIOS of the computer supports booting from, and wherein, the operating system environment includes a main initialization component for initiating the operating system environment, and the separate storage media contains a first initialization component for accessing the operating system environment stored on the portable non-volatile memory element and thereafter invoking the main initialization component.

14. The method of claim 1, wherein the apparatus that a computer can boot from further comprises
(e) a first interface component for operatively interfacing the apparatus with a device interface port of the computer as a peripheral device, the first interface component coupled to the portable non-volatile memory element.

15. The method of claim 14, wherein the apparatus that a computer can boot from further comprises
a cryptographic component for providing cryptographic services, the cryptographic component coupled to at least the first interface component.

16. The method of claim 1, wherein the portable non-volatile memory element is a storage media that is compatible with media read/write interfaces of the computer.

17. The method of claim 16, wherein the storage media is an optical media type in miniature form.

18. The method of claim 16, wherein the storage media includes a component for providing a visual mark of authenticity.

19. The method of claim 16, wherein the storage media provides a signature area.

20. The method of claim 1, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.

21. The method of claim 20, wherein the operating system environment includes a mandatory access control component for enforcing a predetermined operating system level access control policy that substantially limits the potential damage that the compromise of any individual software component of the operating system environment will have on the overall security provided by the operating system environment.

22. The method of claim 20, wherein the operating system environment includes an exploitation countermeasure component for substantially increasing how difficult it is to exploit a predetermined group of vulnerability types in software components of the operating system environment.
23. The method of claim 1, wherein the operating system environment includes:
(i) a virtual private network component for establishing a virtual private network connection, and
(ii) a network configuration component for establishing network connectivity, the network configuration component including a component for invoking the virtual private network component to establish a virtual private network connection after network connectivity is established.

24. The method of claim 1, wherein the client component includes a component for providing a substantial indication to the service provider that the network service is being accessed securely from the operating system environment which is provided by the apparatus.

25. The method of claim 24, wherein the client component includes:
a client cryptographic certificate; and
a component for calculating a response to a cryptographic challenge provided by the service provider using the client cryptographic certificate.

26. The method of claim 1, wherein the operating system environment includes a connectivity agent component for establishing network connectivity across a variety of circumstances with minimum user interaction.

27. The method of claim 26, wherein the connectivity agent component includes:
a component for maintaining a list of previous network configurations in a predetermined storage location;
a component for updating the list of previous network configurations according to the parameters of network configurations in which network connectivity was successfully established; and
a component for attempting to establish network connectivity by applying network configurations from the list of previous network configurations.

28. The method of claim 26, wherein the connectivity agent component includes a component for importing network configuration parameters from the files of the operating system installed on the computer's internal storage devices.

29. The method of claim 1, wherein the operating system environment includes:
(i) a persistent safe storage component for storing data persistently inside at least one persistent safe storage element, the persistent safe storage element comprising an opaque container, and
(ii) a first initialization component for initializing the operating system environment, the first initialization component including:
(ii1) an access component for attempting to locate and access the persistent safe storage element; and
(ii2) a creation component for creating the persistent safe storage element if the access component fails to locate or access the persistent safe storage element.
30. An apparatus that a computer can boot from, in order to provide an independent operating system environment, comprising:
(a) a portable non-volatile memory element;
(b) an operating system environment stored on the portable non-volatile memory element;
(c) a bootloader for booting the operating system environment from the portable non-volatile memory element.

31. The apparatus of claim 30, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
32. The apparatus of claim 31, further comprising
(d) a first interface component for operatively interfacing the apparatus with a device interface port of the computer as a peripheral device, the first interface component coupled to the portable non-volatile memory element.

33. The apparatus of claim 32, wherein the type of the first interface component is selected from the group consisting of universal serial bus (USB) and firewire and personal computer memory card international association (PCMCIA) and secure digital input output (SDIO) interface types.

34. The apparatus of claim 32, further comprising
(e) at least one additional interface component for operatively connecting the apparatus to a device interface port of the computer as a peripheral device, the type of the additional interface component differing from the type of the first interface component, whereby the apparatus is compatible with multiple types of device interface ports.

35. The apparatus of claim 32, further comprising
(e) a cryptographic component for providing cryptographic services, the cryptographic component coupled to at least the first interface component.

36. The apparatus of claim 35, further comprising
(f) a physical casing surrounding at least the cryptographic component, the physical casing including means for resisting tampering, wherein tampering with the physical casing will trigger the destruction of secret cryptographic data stored on the cryptographic component.

37. The apparatus of claim 35, wherein the cryptographic component includes means for substantially resisting tampering.

38. The apparatus of claim 35, wherein the cryptographic component includes means for providing public key cryptographic services.

39. The apparatus of claim 38, wherein the services provided by the means for providing public key cryptographic services include:
secure generation and storage of private keys; and
public-key decryption and encryption operations.

40. The apparatus of claim 35, wherein the cryptographic component includes a cryptographic storage component for storing secret cryptographic data, wherein the cryptographic storage component is detachable from the apparatus.

41. The apparatus of claim 35, wherein the cryptographic component includes a cryptographic interface protocol component for conforming to a standard authentication token interface protocol, whereby the apparatus can provide equivalent functionality in the same usage contexts as a traditional authentication token.

42. The apparatus of claim 41, wherein the cryptographic interface protocol component includes means for conforming to the Cryptoki (PKCS 11) token standard.

43. The apparatus of claim 41, wherein the cryptographic interface protocol component includes means for conforming to the ISO 7816 standard.

44. The apparatus of claim 32, further comprising
(e) a biometrical sensor component for measuring unique biological metrics, the biometrical sensor component coupled to at least the first interface component.

45. The apparatus of claim 44, wherein the biometrical sensor component comprises a component for reading a fingerprint.

46. The apparatus of claim 44, further comprising
(f) a cryptographic component for providing cryptographic services, the cryptographic component coupled to at least the first interface component, whereby the apparatus can support 2-factor authentication without using passwords.

47. The apparatus of claim 32, further comprising
(e) a physical casing surrounding at least the portable non-volatile memory element.

48. The apparatus of claim 47, wherein the physical casing includes a component for providing a visual mark of authenticity.

49. The apparatus of claim 48, wherein the component for providing a visual mark of authenticity comprises a hologram.

50. The apparatus of claim 47, wherein the physical casing includes a signature area.

51. The apparatus of claim 47, wherein the physical casing includes means for substantially resisting tampering.

52. The apparatus of claim 51, wherein tampering with the physical casing will render the apparatus inoperative.

53. The apparatus of claim 31, wherein the portable non-volatile memory element is storage media that is compatible with media read/write interfaces of the computer.

54. The apparatus of claim 53, wherein the type of the storage media is selected from the group consisting of optical and magnetic and solid state storage media types.

55. The apparatus of claim 53, wherein the storage media is an optical media type in miniature form.

56. The apparatus of claim 53, wherein the storage media includes means for providing a visual mark of authenticity.

57. The apparatus of claim 53, wherein the storage media provides a signature area.

58. The apparatus of claim 31, wherein the portable non-volatile memory element is physically read-only.

59. The apparatus of claim 31, wherein the bootloader is stored on the portable non-volatile memory element wherein the computer can boot directly from the apparatus.

60. The apparatus of claim 31, wherein the bootloader is stored on a separate storage media, the separate storage media being of a type that the BIOS of the computer supports booting from, and wherein, the operating system environment includes a main initialization component for initiating the operating system environment, and the separate storage media contains a first initialization component for accessing the operating system environment stored on the portable non-volatile memory element and thereafter invoking the main initialization component.

61. The apparatus of claim 31, further comprising
(e) a separate cryptographic token.
62. The apparatus of claim 31, wherein the operating system environment includes:
(i) a virtual private network component for establishing a virtual private network connection; and
(ii) a network configuration component for establishing network connectivity, the network configuration component including a component for invoking the virtual private network component to establish a virtual private network connection after network connectivity is established.

63. The apparatus of claim 62, wherein the operating system environment includes a component for restricting outgoing and incoming network traffic to only allow traffic from within the virtual private network connection, whereby the operating system environment is logically isolated from security threats on the public network through which the virtual private network connection is established.

64. The apparatus of claim 31, wherein the operating system environment includes a personal firewall component for enforcing a predetermined network access control policy that substantially prevents unauthorized network traffic to and from client and server side applications of the operating system environment.

65. The apparatus of claim 31, wherein the operating system environment includes a mandatory access control component for enforcing a predetermined operating system level access control policy that substantially limits the potential damage that the compromise of any individual software component of the operating system environment will have on the overall security provided by the operating system environment.

66. The apparatus of claim 65, wherein the predetermined operating system level access control policy is configured to substantially minimize the privileges of each individual software component of the operating system environment, to the reduced set of privileges each individual software component needs to carry out its function.

67. The apparatus of claim 31, wherein the operating system environment includes a trusted path execution component for preventing execution of software programs whose executable files are not in predetermined trusted filesystem paths.

68. The apparatus of claim 31, wherein the operating system environment includes a logical compartment component for containing predetermined compartmentalized software programs within at least one logical compartment, wherein the predetermined compartmentalized software programs are logically isolated from the rest of the operating system environment.

69. The apparatus of claim 68, wherein the logical compartment component includes a type of logical compartmentalization security mechanism selected from the group consisting of unix chroot and user mode linux and vmware and xen logical compartment types.

70. The apparatus of claim 31, wherein the operating system environment includes a raw input output and memory protection component for preventing direct raw access to the operating system's virtual memory and to the operating system's hardware input output interfaces.

71. The apparatus of claim 31, wherein the operating system environment includes an exploitation countermeasure component for substantially increasing how difficult it is to exploit a predetermined group of vulnerability types in software components of the operating system environment.

72. The apparatus of claim 71, wherein the exploitation countermeasure component includes a component for increasing how difficult it is to exploit memory bounds violation vulnerability types in software components of the operating system environment.

73. The apparatus of claim 71, wherein the exploit countermeasures component includes a component for increasing how difficult it is to exploit race condition vulnerability types in software components of the operating system environment.

74. The apparatus of claim 31, wherein the operating system environment includes a predetermined group of software components which are compiled with a compiler toolchain that hardens the predetermined group of software components for preventing the exploitation of a predetermined group of vulnerability types in the predetermined group of software components.

75. The apparatus of claim 74, wherein the compiler toolchain that is used to harden the predetermined group of software components is selected from the group consisting of gnu compiler toolchain with the ssp patch applied and gnu compiler toolchain with the stackguard patch applied.

76. The apparatus of claim 74, wherein the compiler toolchain that is used to harden the predetermined group of software components provides substantial runtime protection against exploitation of buffer overflows vulnerability types in the predetermined group of software components.

77. The apparatus of claim 31, wherein the operating system environment includes a client component for accessing a network service provided by a service provider, the client component including a component for providing a substantial indication to the service provider that the network service is being accessed securely from the operating system environment which is provided by the apparatus.

78. The apparatus of claim 77, wherein the client component includes:
a client cryptographic certificate; and
a component for calculating a response to a cryptographic challenge provided by the service provider using the client cryptographic certificate.

79. The apparatus of claim 78, wherein the client component comprises a web browser that supports the secure sockets layer encryption protocol, the web browser including:
(i) an x509 client certificate; and
(ii) a component for calculating a response to a cryptographic challenge provided by the service provider, using the x509 client certificate, the cryptographic challenge and the calculated response conforming to the challenge response mechanism defined by the secure sockets layer encryption protocol.

80. The apparatus of claim 31, wherein the operating system environment includes an integrated training component for warning users of security risks.

81. The apparatus of claim 80, wherein the integrated training component includes means for providing cautionary reminders embedded in logical proximity to problematic interfaces.
82. The apparatus of claim 30, wherein the operating system environment includes:
(i) a virtual private network component for establishing a virtual private network connection; and
(ii) a network configuration component for establishing network connectivity, the network configuration component including a component for invoking the virtual private network component to establish a virtual private network connection after network connectivity is established.

83. The apparatus of claim 82, wherein the operating system environment includes a component for restricting outgoing and incoming network traffic to only allow traffic from within the virtual private network connection, whereby the operating system environment is logically isolated from security threats on the public network through which the virtual private network connection is established.

84. The apparatus of claim 30, wherein the operating system environment includes a connectivity agent for establishing network connectivity across a variety of circumstances with minimum user interaction.

85. The apparatus of claim 84, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including a second initialization component for invoking the connectivity agent.

86. The apparatus of claim 84, wherein the connectivity agent includes:
a component for determining network interface hardware of the computer; and
a component for attempting to establish network connectivity by iterating through each of the determined network interfaces, in a predetermined order sorted by the type of the determined network interfaces, and applying to each determined network interface appropriate predetermined default configuration parameters.

87. The apparatus of claim 86, wherein the connectivity agent includes a wireless configuration component for configuring a wireless network interface by determining a list of wireless networks that are detected by the wireless network interface, and for each wireless network in the list of wireless networks, attempting to establish network connectivity by associating the wireless network interface with the wireless network and applying to the wireless network interface appropriate predetermined default configuration parameters.

88. The apparatus of claim 87, wherein the wireless configuration component sorts the list of wireless networks detected by the wireless network interface according to the signal strength of each wireless network.

89. The apparatus of claim 86, wherein the connectivity agent includes:
a component for determining a list of wireless networks that are detected by a wireless type network interface; and
a component for interacting with a user to choose with which wireless network to associate the wireless network interface.

90. The apparatus of claim 84, wherein the connectivity agent includes:
a component for maintaining a list of previous network configurations in a predetermined storage location;
a component for updating the list of previous network configurations according to the parameters of network configurations in which network connectivity was successfully established; and
a component for attempting to establish network connectivity by applying network configurations from the list of previous network configurations.

91. The apparatus of claim 90, wherein the component for attempting to establish network connectivity includes a component for prioritizing the order in which network configurations from the list of previous network configurations are each applied by calculating odds indicating how likely each network configuration is to work based on historical patterns.

92. The apparatus of claim 84, wherein the connectivity agent includes a component for importing network configuration parameters from the files of the operating system installed on the computer's internal storage devices.

93. The apparatus of claim 84, wherein the connectivity agent includes a component for testing whether an attempted configuration of the network was successful by performing a predetermined reliable operation that requires network connectivity.

94. The apparatus of claim 84, wherein the connectivity agent includes:
a manual configuration component for interacting with the user to manually provide network configuration parameters; and
a component for invoking the manual configuration component if automatic network configuration attempts fail.

95. The apparatus of claim 84, wherein the connectivity agent includes a manual override component for allowing the user to cancel automatic network configuration attempts and perform an immediate manual configuration of the network.
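Claims 86 through 94 together describe one procedure: enumerate interfaces, try them in a predetermined type order, try wireless networks strongest-signal first, try remembered configurations ranked by historical odds, verify each attempt with a reliable connectivity check, and fall back to manual configuration. The following is an added illustration of that procedure, not code from the patent or its assignee; the type order in `TYPE_ORDER`, the Laplace-smoothed success ratio used as the "odds", and the DHCP default parameters are assumptions chosen for the example, and the interfaces, wireless scan results and connectivity outcomes in `demo()` are constructed rather than read from hardware.

```python
"""Connectivity agent sketch: interfaces in a predetermined type order, wireless
networks strongest first, remembered configurations ranked by historical odds."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Assumed predetermined order of interface types: wired before wireless before modem.
TYPE_ORDER = {"ethernet": 0, "wireless": 1, "modem": 2}

Params = Tuple[Tuple[str, str], ...]   # e.g. (("ssid", "home-ap"), ("mode", "dhcp"))


@dataclass(frozen=True)
class NetConfig:
    interface: str
    params: Params


@dataclass
class ConfigHistory:
    """The list of previous network configurations, with success/attempt counts."""
    stats: Dict[NetConfig, List[int]] = field(default_factory=dict)

    def record(self, cfg: NetConfig, ok: bool) -> None:
        counts = self.stats.setdefault(cfg, [0, 0])   # [successes, attempts]
        counts[1] += 1
        counts[0] += int(ok)

    def odds(self, cfg: NetConfig) -> float:
        # Laplace-smoothed success ratio (assumed scoring): unseen configs score 0.5.
        succ, att = self.stats.get(cfg, [0, 0])
        return (succ + 1) / (att + 2)

    def ranked(self) -> List[NetConfig]:
        # Most likely to work first; ties keep insertion order (sort is stable).
        return sorted(self.stats, key=self.odds, reverse=True)


def default_configs(interfaces: List[Tuple[str, str]],
                    scan_wireless: Callable[[str], List[Tuple[str, int]]]) -> List[NetConfig]:
    """Default configuration per interface, sorted by interface type; a wireless
    interface yields one configuration per detected network, strongest first."""
    out: List[NetConfig] = []
    for name, itype in sorted(interfaces, key=lambda i: TYPE_ORDER.get(i[1], 99)):
        if itype == "wireless":
            for ssid, _dbm in sorted(scan_wireless(name), key=lambda n: n[1], reverse=True):
                out.append(NetConfig(name, (("ssid", ssid), ("mode", "dhcp"))))
        else:
            out.append(NetConfig(name, (("mode", "dhcp"),)))
    return out


def establish(interfaces, scan_wireless, apply_and_test, history: ConfigHistory,
              manual: Optional[Callable[[], Optional[NetConfig]]] = None) -> Optional[NetConfig]:
    """Apply remembered configurations (best odds first), then the defaults.
    apply_and_test must perform a reliable operation that needs connectivity
    (for example fetching a known URL) and report whether it succeeded. If every
    automatic attempt fails, the manual configuration component is invoked."""
    present = {name for name, _ in interfaces}
    tried = set()
    for cfg in history.ranked() + default_configs(interfaces, scan_wireless):
        if cfg in tried or cfg.interface not in present:
            continue
        tried.add(cfg)
        ok = apply_and_test(cfg)
        history.record(cfg, ok)
        if ok:
            return cfg
    return manual() if manual else None


def demo():
    """Constructed scenario, not real hardware: eth0 has no link, wlan0 sees two
    networks, and only the strongest one hands out a working address."""
    interfaces = [("wlan0", "wireless"), ("eth0", "ethernet")]
    scan = lambda _iface: [("cafe-guest", -70), ("home-ap", -40)]   # (ssid, dBm)
    history = ConfigHistory()
    attempts: List[NetConfig] = []

    def apply_and_test(cfg: NetConfig) -> bool:
        attempts.append(cfg)
        return cfg.interface == "wlan0" and ("ssid", "home-ap") in cfg.params

    first = establish(interfaces, scan, apply_and_test, history)
    first_attempts = list(attempts)
    attempts.clear()
    # Second boot on the same computer: the remembered configuration is tried first.
    second = establish(interfaces, scan, apply_and_test, history)
    return first, first_attempts, second, list(attempts)


if __name__ == "__main__":
    print(demo())
```

On the first run the agent tries eth0 (wired first), then the strongest wireless network, and stops once the connectivity test passes; on the second run the remembered configuration outranks the defaults, so the working network is applied immediately. Because the configuration list is written to persistent storage in the patent's design, the history itself needs the same protection as the rest of the safe storage element: an attacker who can edit it can steer the agent toward a hostile network.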
96. The apparatus of claim 84, wherein the operating system environment includes a client component for accessing a network service provided by a service provider, the client component including a component for providing a substantial indication to the service provider that the network service is being accessed securely from the operating system environment which is provided by the apparatus.

97. The apparatus of claim 96, wherein the client component includes:
a client cryptographic certificate; and
a component for calculating a response to a cryptographic challenge provided by the service provider using the client cryptographic certificate.

98. The apparatus of claim 97, wherein the client component comprises a web browser that supports the secure sockets layer encryption protocol, the web browser including:
(i) an x509 client certificate; and
(ii) a component for calculating a response to a cryptographic challenge provided by the service provider, using the x509 client certificate, the cryptographic challenge and the calculated response conforming to the challenge response mechanism defined by the secure sockets layer encryption protocol.
99. The apparatus of claim 30, wherein the operating system environment includes:
-
(i) a persistent safe storage component for storing data persistently inside at least one persistent safe storage element, the persistent safe storage element comprising an opaque container, and (ii) a first initialization component for initializing the operating system environment, the first initialization component including;
(ii1) an access component for attempting to locate and access the persistent safe storage element; and
(ii2) a creation component for creating the persistent safe storage element if the access component fails to locate or access persistent safe storage element.
-
-
100. The apparatus of claim 99, wherein the persistent safe storage component includes
a component for setting up the opaque container as a virtual block device containing a filesystem. -
101. The apparatus of claim 99, wherein the access component attempts to locate and access the persistent safe storage element within a filesystem of the local operating system on the computer'"'"'s internal storage devices, and
the creation component creates the persistent safe storage element within a filesystem of the local operating system on the computer'"'"'s internal storage devices. -
102. The apparatus of claim 101, wherein the creation component includes:
-
a component for determining which internal storage partition has the most free space; and
a component for creating the persistent safe storage element automatically on the internal storage partition that is determined to have the most free space.
-
-
103. The apparatus of claim 101, wherein the creation component includes a component for interacting with the user to select the partition in which the persistent safe storage element will be created.
-
104. The apparatus of claim 99, wherein the first initialization component includes a component for allowing the user to choose to cancel creation of the persistent safe storage element.
-
105. The apparatus of claim 99, wherein the first initialization component includes a component for allowing the user to choose to purge the persistent safe storage element.
-
106. The apparatus of claim 99, wherein the access component attempts to locate and access the persistent safe storage element at a predetermined network storage location; and
the creation component creates the persistent safe storage element at a predetermined network storage location.
-
-
107. The apparatus of claim 99, wherein the persistent safe storage component includes
a component for encrypting the opaque container with a secret key. -
108. The apparatus of claim 107, wherein the persistent safe storage component includes
a component for encrypting the secret key, and wherein, the persistent safe storage element further comprises a key file for storing the encrypted secret key. -
109. The apparatus of claim 107, wherein the persistent safe storage component includes:
-
a component for encrypting the secret key, a component for embedding the encrypted secret key within the opaque container.
-
-
110. The apparatus of claim 107, further comprising:
-
(d) a first interface component for operatively interfacing the apparatus with a device interface port of the computer as a peripheral device, the first interface component coupled to the portable non-volatile memory element; and
(e) a cryptographic component for providing cryptographic services, the cryptographic component coupled to at least the first interface component; and
wherein, the persistent safe storage component includes a component for encrypting the secret key using the cryptographic component.
-
-
111. The apparatus of claim 107, further comprising
(d) a separate cryptographic token, and wherein, the persistent safe storage component includes a component for encrypting the secret key using the separate cryptographic token. -
112. The apparatus of claim 107, wherein the persistent safe storage component includes:
-
a component for receiving a password provided by a user, a component for encrypting the secret key using the password.
-
-
113. The apparatus of claim 99, wherein the persistent safe storage component includes
a fingerprint calculation component for calculating a fingerprint that uniquely identifies an instance of the persistent safe storage element. -
114. The apparatus of claim 113, wherein the persistent safe storage component includes
a component for embedding a predetermined portion of the fingerprint within the names of the files of the persistent safe storage element. -
115. The apparatus of claim 113, wherein the persistent safe storage component includes
a component for embedding a predetermined portion of the fingerprint within the contents of the files of the persistent safe storage element. -
116. The apparatus of claim 113, further comprising:
-
(d) a first interface component for operatively interfacing the apparatus with a device interface port of the computer as a peripheral device, the first interface component coupled to the portable non-volatile memory element; and
(e) a cryptographic component for providing cryptographic services, the cryptographic component coupled to at least the first interface component; and
wherein, the fingerprint calculation component includes a component for calculating the fingerprint as the hash of a predetermined portion of the unique data stored on the cryptographic component.
-
-
117. The apparatus of claim 113, further comprising
(d) a separate cryptographic token, and wherein, the fingerprint calculation component includes a component for calculating the fingerprint as the hash of a predetermined portion of the unique data stored on the separate cryptographic token. -
118. The apparatus of claim 113, wherein the fingerprint calculation component includes
a component for calculating the fingerprint using uniquely identifying information provided by the user. -
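The key hierarchy of claims 107 through 118 (random container key, that key wrapped under a password-derived key and kept in a separate key file, a fingerprint derived from user-supplied identity data and embedded in the file names) as an added Python example; this is illustrative code, not the patent's or any product's implementation. The HMAC-based stream cipher, the PBKDF2 work factor, the file naming scheme and the identity string are all assumptions of the example; a real build would place the container behind a block-device cipher such as LUKS.

```python
import hashlib
import hmac
import os
import secrets
import struct
import tempfile

# Demo-only authenticated cipher (constructed for this example, not the patent's cipher):
# HMAC-SHA256 keystream XORed over the data, then an HMAC tag over nonce||ciphertext.
def _subkeys(key: bytes):
    return (hashlib.sha256(b"psse-enc" + key).digest(),
            hashlib.sha256(b"psse-mac" + key).digest())

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def seal(key: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered data")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class PersistentSafeStorage:
    """Opaque container sealed with a random secret key (claim 107); the key is wrapped with a
    password-derived key in a separate key file (claims 108, 112); file names carry part of a
    fingerprint derived from user-provided identifying information (claims 113, 114, 118)."""
    KDF_ROUNDS = 100_000  # PBKDF2-HMAC-SHA256 work factor (assumption, not from the claims)

    def __init__(self, directory: str, user_identity: str, password: str):
        self.fingerprint = hashlib.sha256(b"psse-id:" + user_identity.encode()).hexdigest()
        prefix = self.fingerprint[:16]  # the "predetermined portion" embedded in the names
        self.container_path = os.path.join(directory, f"{prefix}.container")
        self.keyfile_path = os.path.join(directory, f"{prefix}.key")
        self._password = password.encode()

    def locate(self) -> bool:  # access component (claim 99, ii1)
        return os.path.exists(self.container_path) and os.path.exists(self.keyfile_path)

    def create(self, contents: bytes = b"") -> None:  # creation component (claim 99, ii2)
        secret_key, salt = secrets.token_bytes(32), secrets.token_bytes(16)
        kek = hashlib.pbkdf2_hmac("sha256", self._password, salt, self.KDF_ROUNDS)
        with open(self.keyfile_path, "wb") as f:
            f.write(salt + seal(kek, secret_key))  # key file = salt || wrapped secret key
        with open(self.container_path, "wb") as f:
            f.write(seal(secret_key, contents))

    def _unwrap_key(self) -> bytes:
        with open(self.keyfile_path, "rb") as f:
            blob = f.read()
        kek = hashlib.pbkdf2_hmac("sha256", self._password, blob[:16], self.KDF_ROUNDS)
        return open_sealed(kek, blob[16:])  # ValueError on a wrong password

    def read(self) -> bytes:
        with open(self.container_path, "rb") as f:
            return open_sealed(self._unwrap_key(), f.read())

    def purge(self) -> None:  # claim 105: user-chosen purge removes container and key file
        for path in (self.container_path, self.keyfile_path):
            if os.path.exists(path):
                os.remove(path)


def first_initialization(directory: str, user_identity: str, password: str, contents: bytes = b""):
    """First initialization component (claim 99): locate the element, create it if absent."""
    psse = PersistentSafeStorage(directory, user_identity, password)
    if psse.locate():
        return psse, False
    psse.create(contents)
    return psse, True


def demo_two_boots() -> dict:
    """Constructed walkthrough: create on first boot, find and read on the second, reject a
    wrong password via the key file's MAC, then purge both files."""
    directory, identity = tempfile.mkdtemp(), "alice@example.org"  # constructed values
    psse, created_first = first_initialization(directory, identity, "correct horse",
                                               b"bookmarks=https://bank.example/login")
    again, created_second = first_initialization(directory, identity, "correct horse")
    data = again.read()
    try:
        PersistentSafeStorage(directory, identity, "wrong password").read()
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    again.purge()
    return {"created_first": created_first, "created_second": created_second, "data": data,
            "wrong_rejected": wrong_rejected, "purged": not again.locate(),
            "name_carries_fingerprint": os.path.basename(psse.keyfile_path)[:16] == psse.fingerprint[:16]}
```

Because the password only wraps the container key, changing the password means re-wrapping one small key file rather than re-encrypting the whole container.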
119. The apparatus of claim 99, wherein the first initialization component includes a boot data component for maintaining within the persistent safe storage element boot data created during the boot process that is useful for enabling boot process optimizations.
-
120. The apparatus of claim 119, wherein the boot data component includes a component for maintaining hardware configuration parameters within the persistent safe storage element.
-
121. The apparatus of claim 119, wherein the boot data component includes a component for maintaining a record of initialized system state within the persistent safe storage element.
-
122. The apparatus of claim 99, wherein the operating system environment includes network configuration component for establishing network connectivity, the network configuration component including a component for maintaining network configuration parameters within the persistent storage element.
-
123. The apparatus of claim 122, wherein the network configuration component includes a connectivity agent component for establishing network connectivity across a variety of circumstances with minimum user interaction, the connectivity agent component including:
-
a component for maintaining a list of previous network configurations within the persistent storage element;
a component for updating the list of previous network configurations according to the parameters of network configurations in which network connectivity was successfully established; and
a component for attempting to establish network connectivity by applying network configurations from the list of previous network configurations.
-
-
124. The apparatus of claim 30, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including:
-
(i) a hardware profiling component for determining current hardware profile of the computer;
(ii) a component for determining whether hardware parameters need to be configured, comprising:
(ii1) a component for determining if a previous hardware profile has been previously saved to a predetermined storage location, and (ii2) a component for determining if the hardware profile has changed by comparing the current hardware profile with the previous hardware profile if it is determined that the previous hardware profile exists; and
(iii) a component for configuring and saving hardware parameters if it is determined that hardware parameters need to be configured, comprising:
(iii1) a hardware configuration component for determining hardware configuration parameters, (iii2) a component for saving the determined hardware configuration parameters within a predetermined storage location, and (iii3) a component for saving the current hardware profile within a predetermined storage location; and
(iv) a component for loading hardware drivers based on saved hardware configuration parameters.
-
-
125. The apparatus of claim 124, wherein the hardware profiling component includes a component for querying the BUS of the computer for hardware identification information.
-
126. The apparatus of claim 124, wherein the hardware configuration component includes
a component for importing hardware configuration parameters from the files of the operating system installed on the computer's internal storage devices.
-
127. The apparatus of claim 124, wherein the hardware configuration component includes
a component for looking up hardware configuration parameters in a database that associates hardware configuration parameters with hardware information that can be derived from the current hardware profile. -
128. The apparatus of claim 124, wherein the hardware configuration component includes
a component for interacting with the user to manually provide hardware configuration parameters. -
129. The apparatus of claim 30, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including
a state maintenance component for maintaining a record of initialized system state within a predetermined storage location. -
130. The apparatus of claim 129, wherein the state maintenance component comprises:
-
(i) a hardware profiling component for determining a current hardware profile of the computer;
(ii) a component for determining whether the computer's hardware profile has changed, comprising:
(ii1) a component for determining if a previous hardware profile which has been previously saved to a predetermined storage location exists;
(ii2) a component for determining if the hardware profile has changed by comparing the current hardware profile with the previous hardware profile if it is determined that the previous hardware profile exists;
(iii) a component for determining if a record of initialized system state has been previously saved to a predetermined storage location;
(iv) a component for restoring the state of the computer from the previously saved record of initialized system state, if a previously saved record of initialized system state exists and if it is determined that the computer's hardware profile has not changed since the previously saved record of initialized system state was created;
(v) a component for creating a record of initialized system state and saving it to a predetermined storage location along with the current hardware profile, if a previously saved hardware profile does not exist, or if it is determined that the hardware profile has changed.
-
-
131. The apparatus of claim 129, wherein the state maintenance component includes:
-
component for creating an efficient record of initialized system state that requires only memory pages that are allocated to be saved; and
component for restoring system state from the efficient record of initialized system state.
-
-
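The decision procedure of claims 124 through 131 (profile the hardware, compare it with the saved profile, restore the saved initialized state only when nothing changed, otherwise reconfigure from a database or the user and take a new sparse snapshot) as an added Python example; it is illustrative code, not the patent's or any product's implementation. The bus identifiers, the driver database contents and the page map are constructed values of the example.

```python
import hashlib
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class StorageLocation:
    """The predetermined storage location of claims 124/130 (kept in memory here; claims
    120/121 place it inside the persistent safe storage element)."""
    hardware_profile: Optional[str] = None
    hardware_params: Optional[dict] = None
    state_record: Optional[dict] = None


def hardware_profile(bus_devices: list) -> str:
    """Hardware profiling component (claims 124 i, 125): hash of the sorted bus identifiers,
    so a different enumeration order does not count as a hardware change."""
    return hashlib.sha256("\n".join(sorted(bus_devices)).encode()).hexdigest()


# Claim 127: database associating hardware IDs with configuration parameters (constructed).
DRIVER_DATABASE = {
    "pci:8086:100e": {"driver": "e1000"},
    "pci:1002:4150": {"driver": "radeon"},
}


def configure_hardware(bus_devices: list, database: dict,
                       ask_user: Optional[Callable[[str], dict]] = None) -> dict:
    """Hardware configuration component (claim 124 iii1): database lookup first, then the
    user (claim 128); unknown devices with no user answer stay unconfigured."""
    params = {}
    for dev in bus_devices:
        if dev in database:
            params[dev] = dict(database[dev])
        elif ask_user is not None:
            params[dev] = ask_user(dev)
        else:
            params[dev] = {"driver": None}
    return params


def load_drivers(params: dict) -> list:
    """Claim 124 iv: drivers are chosen purely from the saved parameters."""
    return sorted({p["driver"] for p in params.values() if p.get("driver")})


def create_state_record(profile: str, params: dict, allocated_pages: dict) -> dict:
    """Claim 131: the record keeps only pages that are actually allocated (a sparse map
    indexed by page number), not the whole address space."""
    return {"profile": profile, "drivers": load_drivers(params), "pages": dict(allocated_pages)}


def initialize(store: StorageLocation, bus_devices: list, database: dict,
               allocated_pages: dict, ask_user=None) -> dict:
    """State maintenance component (claim 130): restore only when a saved profile exists
    and matches the current one; otherwise reconfigure, save, and snapshot anew."""
    current = hardware_profile(bus_devices)
    previous_exists = store.hardware_profile is not None                   # (ii1)
    changed = (not previous_exists) or store.hardware_profile != current   # (ii2)
    if not changed and store.state_record is not None:                     # (iii), (iv)
        return {"action": "restore", "drivers": store.state_record["drivers"],
                "pages_restored": len(store.state_record["pages"])}
    if changed:                                                            # (iii1)-(iii3)
        store.hardware_params = configure_hardware(bus_devices, database, ask_user)
        store.hardware_profile = current
    store.state_record = create_state_record(current, store.hardware_params, allocated_pages)  # (v)
    return {"action": "configure", "drivers": store.state_record["drivers"],
            "pages_saved": len(store.state_record["pages"])}


def demo_three_boots() -> list:
    """Constructed sequence: first boot configures; the same hardware enumerated in another
    order restores; a new USB device forces reconfiguration with a user-supplied driver."""
    store = StorageLocation()
    laptop = ["pci:8086:100e", "pci:1002:4150"]
    pages = {0: b"kernel", 7: b"drivers"}  # constructed: only two pages are allocated
    first = initialize(store, laptop, DRIVER_DATABASE, pages)
    second = initialize(store, list(reversed(laptop)), DRIVER_DATABASE, pages)
    third = initialize(store, laptop + ["usb:0bda:8187"], DRIVER_DATABASE, pages,
                       ask_user=lambda dev: {"driver": "rtl8187"})
    return [first, second, third]
```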
132. The apparatus of claim 30, wherein the operating system environment includes:
-
(i) logical volume management component for storing data inside a logical volume element, and (ii) first initialization component for initializing the operating system environment, the first initialization component including;
(ii1) an access component for attempting to locate and access the logical volume element on the computer's internal storage devices; and
(ii2) a creation component for creating the logical volume element on the computer's internal storage devices if the access component fails to locate or access the logical volume element.
-
-
133. The apparatus of claim 132, wherein the creation component includes a configuration dialog component for interacting with the user to configure which partitions of the computer's internal storage devices are pooled into creation of the logical volume element.
-
134. The apparatus of claim 133, wherein the configuration dialog component includes:
-
a component for calculating a recommended configuration for the logical volume element; and
a component for allowing the user to choose to configure the logical volume element according to the calculated recommended configuration.
-
-
135. The apparatus of claim 134, wherein the component for calculating a recommended configuration includes
a component for detecting empty partitions which can be safely pooled into creation of the logical volume element without losing data.
-
136. The apparatus of claim 133, wherein the configuration dialog component includes
a partition identification component for displaying the identifying information of a partition. -
137. The apparatus of claim 136, wherein the partition identification component includes a component selected from the group consisting of:
-
a component for displaying the filesystem contents of a partition;
a component for displaying the type of filesystem contained in a partition;
a component for displaying a partition's label;
a component for displaying the size of a partition; and
a component for displaying the type of a partition.
-
-
138. The apparatus of claim 132, wherein the access component includes a component for attempting to locate a partition containing the configuration parameters of the logical volume element,
and wherein, the creation component includes a component for creating a partition containing the configuration parameters of the logical volume element. -
139. The apparatus of claim 30, wherein the operating system environment includes:
-
(i) a first software application, and (ii) a migration agent for migrating application data between the first software application and a second software application that is substantially isomorphic to the first software application.
-
-
140. The apparatus of claim 139, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including:
-
a component for determining if a local operating system is stored in the computer's internal storage devices; and
a component for executing the migration agent if it is determined that the local operating system exists.
-
-
141. The apparatus of claim 139, wherein the application data that is migrated by the migration agent includes predetermined types of application content data and application configuration data.
-
142. The apparatus of claim 139, wherein the first software application is selected from the group consisting of:
-
a web browser;
an email client; and
an instant messenger client.
-
-
143. The apparatus of claim 139, wherein the first software application is selected from the group consisting of:
-
a web server;
a mail server;
a database server;
a file server;
a name server; and
a firewall.
-
-
144. The apparatus of claim 139, wherein the migration agent includes a data migration component for migrating application data from the data files of the second software application to the data files of the first software application, the data migration component including:
-
(i) a data parsing component for parsing the data files of the second software application to extract a plurality of data elements;
(ii) a translating component for translating each of the data elements extracted by the data parsing component into the closest analog supported by the first software application; and
(iii) a component for saving the data elements translated by the translating component to the data files of the first software application.
-
-
145. The apparatus of claim 144, wherein the data parsing component includes:
-
(i1) a component for loading a predetermined portion of the second software application containing predetermined software routines for reading the data files of the second software application; and
(i2) a component for calling the predetermined software routines to leverage the data parsing functionality provided by the second software application.
-
-
146. The apparatus of claim 145, wherein the data parsing component further includes:
-
(i3) a component for calculating a hash of the predetermined portion of the second software application containing predetermined software routines for reading the data files of the second software application; and
(i4) a hash verification component for verifying the integrity of the predetermined portion of the second software application by looking up the calculated hash in a whitelist of known good hashes.
-
-
147. The apparatus of claim 146, wherein the hash verification component includes a component for updating the whitelist of known good hashes over the network.
-
148. The apparatus of claim 139, wherein the migration agent includes a component for providing the user with a navigational interface for specifying the location of exported application data or backup archives created by the second software application.
-
149. The apparatus of claim 139, wherein the migration agent includes a component for providing the user with the choice of searching automatically to locate the second software application within the filesystems on the computer's internal storage devices.
-
150. The apparatus of claim 139, wherein the migration agent includes an application search component for searching automatically to locate the second software application,
the application search component including: -
(i) an enumeration component for enumerating resources of the local operating system stored on the computer's internal storage devices; and
(ii) a pattern matching component for attempting to match the resources enumerated by the enumeration component against a list comprising at least one signature pattern identifying the second software application.
-
-
151. The apparatus of claim 150, wherein the enumeration component includes:
-
(i1) a component for locating the Microsoft Windows registry within the filesystems on the computer's internal storage devices; and
(i2) a registry enumeration component for enumerating the Microsoft Windows registry to extract registry keys and values, and wherein, the pattern matching component includes a component for attempting to match the registry keys and values extracted by the registry enumeration component against a list comprising at least one predetermined registry signature pattern identifying the second software application.
-
-
152. The apparatus of claim 150, wherein the enumeration component includes a filesystem enumeration component for recursively enumerating the directory and file names within the filesystems of the local operating system stored on the computer's internal storage devices,
and wherein, the pattern matching component includes a component for attempting to match the names of files and directories enumerated by the filesystem enumeration component against a list comprising at least one predetermined signature pattern identifying the second software application.
-
153. The apparatus of claim 150, wherein the enumeration component includes a GUI enumeration component for enumerating the GUI interfaces of the local operating system environment stored on the computer's internal storage devices to extract GUI elements,
and wherein, the pattern matching component includes a component for attempting to match the GUI elements extracted by the GUI enumeration component against a list comprising at least one predetermined GUI element signature pattern identifying the second software application.
-
154. The apparatus of claim 150, wherein the application search component further includes:
- a component for updating the list of signature patterns identifying the second software application over the network.
-
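The migration agent's search and integrity steps from claims 146/147 (hash the second application's reader module and look it up in a whitelist before loading it) and claims 150/152 (recursively enumerate file names and match them against signature patterns) as one added Python example; it is illustrative code, not the patent's or any product's implementation. "MailReaderX", its paths, the signature patterns and the module bytes are constructed for the example, and the "load" step is a stand-in that returns routine names rather than executing anything.

```python
import hashlib
import os
import re
import tempfile

# Claim 152: signature patterns identifying the second application, matched against
# enumerated file and directory names (constructed; not a real product).
APP_SIGNATURES = {
    "main_executable": re.compile(r"(^|/)Program Files/MailReaderX/mailreader\.exe$", re.I),
    "reader_module": re.compile(r"(^|/)Program Files/MailReaderX/mailstore\.dll$", re.I),
}


def enumerate_filesystem(root: str):
    """Filesystem enumeration component: every directory and file name below the mounted
    local OS root, yielded as a forward-slash path relative to that root."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            yield rel.replace(os.sep, "/")


def search_application(root: str, signatures: dict) -> dict:
    """Pattern matching component (claim 150 ii): signature name -> absolute paths matched."""
    hits = {}
    for rel in enumerate_filesystem(root):
        for name, pattern in signatures.items():
            if pattern.search(rel):
                hits.setdefault(name, []).append(os.path.join(root, rel))
    return hits


def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


class HashWhitelist:
    """Claims 146/147: known-good hashes of the second application's reader module."""
    def __init__(self, known_good):
        self.known_good = set(known_good)

    def merge_update(self, fetched_hashes):
        # Claim 147: a network update, modelled here as hashes the caller already fetched.
        self.known_good |= set(fetched_hashes)

    def verify(self, path: str) -> bool:
        return sha256_file(path) in self.known_good


def load_parsing_routines(module_path: str, whitelist: HashWhitelist) -> dict:
    """Claims 145/146: the reader module is loaded only after its hash is whitelisted.
    The module would be executed by a real agent, which is why integrity is checked first;
    here loading is a stand-in that returns routine names."""
    if not whitelist.verify(module_path):
        raise PermissionError(f"refusing to load {module_path}: hash not whitelisted")
    return {"module": module_path, "routines": ["read_mailbox", "read_contacts"]}


GOOD_MODULE = b"constructed reader module v1"  # constructed module bytes with a known hash


def demo_locate_and_verify() -> dict:
    """Constructed local OS tree: locate MailReaderX by signature, load its reader module
    while its hash is whitelisted, then refuse it after a one-byte modification."""
    root = tempfile.mkdtemp()
    app_dir = os.path.join(root, "Program Files", "MailReaderX")
    os.makedirs(app_dir)
    with open(os.path.join(app_dir, "mailreader.exe"), "wb") as f:
        f.write(b"constructed executable bytes")
    module = os.path.join(app_dir, "mailstore.dll")
    with open(module, "wb") as f:
        f.write(GOOD_MODULE)
    hits = search_application(root, APP_SIGNATURES)
    whitelist = HashWhitelist([hashlib.sha256(GOOD_MODULE).hexdigest()])
    located = hits.get("reader_module", [None])[0]
    loaded = load_parsing_routines(located, whitelist)["routines"]
    with open(module, "ab") as f:  # the module on the local OS is modified after whitelisting
        f.write(b"\x00")
    try:
        load_parsing_routines(located, whitelist)
        modified_rejected = False
    except PermissionError:
        modified_rejected = True
    return {"signatures_matched": sorted(hits), "loaded": loaded,
            "modified_rejected": modified_rejected}
```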
155. The apparatus of claim 139, wherein the migration agent includes a synchronization component for synchronizing application data between the first software application and the second software application,
the synchronization component including a component for adjusting the data files of the first software application and the second software application so that the semantic content of both is substantially equivalent.
-
156. The apparatus of claim 155, wherein the synchronization component includes a conflict detection component for determining that a synchronization conflict has occurred,
and wherein, the migration agent further includes a component for interacting with the user to determine whether to prefer data from the first software application or the second software application when the conflict detection component determines that a synchronization conflict has occurred. -
157. The apparatus of claim 155, wherein the migration agent further includes a synchronization trigger component for interacting with the user to specify the triggering criteria according to which synchronization of application data will be automatically performed,
and wherein, the operating system environment further includes a component for triggering the synchronization component according to the triggering criteria specified by the user in the synchronization trigger component. -
158. The apparatus of claim 157, wherein the synchronization trigger component includes an event configuration component for interacting with the user to specify systems events as the triggering criteria according to which synchronization of application data will be automatically performed,
and wherein, the operating system environment further includes a component for triggering the synchronization component according to the system events specified by the user in the event configuration component. -
159. The apparatus of claim 157, wherein the synchronization trigger component includes a synchronization scheduling component for interacting with the user to specify a chronological schedule as the triggering criteria according to which synchronization of application data will be automatically performed,
and wherein, the operating system environment further includes a component for triggering the synchronization component according to the chronological schedule specified by the user in the synchronization scheduling component.
-
31. The apparatus of claim 30, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
-
-
160. A method for providing an independent secure operating system environment on a computer, comprising:
-
(a) providing a portable non-volatile memory element;
(b) storing an operating system environment on the portable non-volatile memory element; and
(c) providing a bootloader for initial bootstrapping of the operating system environment from the portable non-volatile memory element, wherein initialization of the operating system environment is started by booting the computer from the portable non-volatile memory element using the bootloader.
-
161. The method of claim 160, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
-
162. The method of claim 161, further comprising
(e) providing a first interface that is compatible with a device interface port of the computer, the first interface coupled to the portable non-volatile memory element, wherein the portable non-volatile memory element can be operatively connected to the device interface port of the computer as a peripheral device. -
163. The method of claim 162, wherein the type of the first interface is selected from the group consisting of universal serial bus (USB) and firewire and personal computer memory card international association (PCMCIA) and secure digital input output (SDIO) interface types.
-
164. The method of claim 162, further comprising
(f) providing at least one additional interface, the type of the additional interface differing from the type of the first interface. -
165. The method of claim 162, further comprising
(f) providing a hardware cryptographic component, the hardware cryptographic component operatively connected to at least the first interface. -
166. The method of claim 165, further comprising
(g) providing a physical casing surrounding at least the hardware cryptographic component, the physical casing being substantially tamper resistant, wherein tampering with the physical casing will trigger the destruction of secret cryptographic data that is stored on the hardware cryptographic component. -
167. The method of claim 165, wherein the hardware cryptographic component is substantially resistant to tampering.
-
168. The method of claim 165, wherein the hardware cryptographic component is configured to provide public key cryptographic services.
-
169. The method of claim 168, wherein the public key cryptographic services the hardware cryptographic component is configured to provide includes:
-
secure generation and storage of private keys; and
public-key decryption and encryption operations.
-
-
170. The method of claim 165, wherein the hardware cryptographic component includes a hardware element within which secret cryptographic data is stored, wherein the hardware element is detachable.
-
171. The method of claim 165, wherein the hardware cryptographic component is configured to conform to a standard authentication token interface protocol, whereby other devices that support standard authentication token interface protocols can interface with the cryptographic functions of the hardware cryptographic component.
-
172. The method of claim 171, wherein the hardware cryptographic component is configured to conform to the Cryptoki (PKCS 11) token standard.
-
173. The method of claim 171, wherein the hardware cryptographic component is configured to conform to the ISO 7816 standard.
-
174. The method of claim 162, further comprising
(f) providing a biometrical sensor for measuring unique biological metrics, the biometrical sensor coupled to at least the first interface. -
175. The method of claim 174, wherein the biometrical sensor is a fingerprint reader.
-
176. The method of claim 174, further comprising
(g) providing a hardware cryptographic component, the hardware cryptographic component coupled to at least the first interface, whereby the operating system environment can support 2-factor authentication without using passwords. -
177. The method of claim 162, further comprising
(f) providing a physical casing surrounding at least the portable non-volatile memory element. -
178. The method of claim 177, wherein the physical casing includes a visual mark of authenticity.
-
179. The method of claim 178, wherein the visual mark of authenticity comprises a hologram.
-
180. The method of claim 177, wherein the physical casing includes a signature area.
-
181. The method of claim 177, wherein the physical casing provides substantial resistance to tampering.
-
182. The method of claim 181, wherein tampering with the physical casing will render the portable non-volatile memory element inoperative.
-
183. The method of claim 161, wherein the portable non-volatile memory element is storage media that is compatible with media read/write interfaces of the computer.
-
184. The method of claim 183, wherein the type of the storage media is selected from the group consisting of optical and magnetic and solid state storage media types.
-
185. The method of claim 183, wherein the storage media is an optical media type in miniature form.
-
186. The method of claim 183, wherein the storage media provides a visual mark of authenticity.
-
187. The method of claim 183, wherein the storage media provides a signature area.
-
188. The method of claim 161, wherein the portable non-volatile memory element is physically read-only.
-
189. The method of claim 161, wherein the act of initializing the operating system environment on the computer includes loading a predetermined portion of the operating system environment into the computer's main memory if enough main memory is available.
-
190. The method of claim 189, wherein the act of loading a predetermined portion of the operating system environment into the computer's main memory comprises loading a large enough portion of the operating system environment into the main memory so that the computer no longer needs to read from the portable non-volatile memory element.
-
191. The method of claim 161, wherein the bootloader is contained on the portable non-volatile memory element,
wherein the act of initializing the operating system environment on the computer is started by booting the computer directly from the portable non-volatile memory element. -
192. The method of claim 161, wherein the bootloader is contained on a separate storage media, the separate storage media of a type that the BIOS of the computer supports booting from,
the operating system environment includes main initialization software for initiating the operating system environment, and the separate storage media contains first initialization software for loading the software necessary for accessing the operating system environment stored on the portable non-volatile memory element and thereafter invoking the main initialization software, wherein, the act of initializing the operating system environment on the computer is started by booting the computer using the bootloader contained on the separate storage media, the bootloader starting the first initialization software which transfers control of the boot process to the main initialization software, after accessing the operating system environment. -
193. The method of claim 161, further comprising
(e) providing a separate cryptographic token. -
194. The method of claim 161, further comprising
(e) storing an autorun element on the portable non-volatile memory element for automatically executing a predetermined software program when the portable non-volatile memory element is interfaced with the computer while the computer is running a local operating system on the computer. -
195. The method of claim 194, wherein the predetermined software program executed by the autorun element includes software selected from the group consisting of:
-
(i) software that provides a user manual;
(ii) software that helps a user reconfigure the computer's BIOS; and
(iii) software that helps the user create boot disks.
-
-
196. The method of claim 194, wherein the predetermined software program executed by the autorun element includes software for causing the local operating system to invoke a hibernation mode which preserves the state of the local operating system's running applications before rebooting the computer from the portable non-volatile memory element.
-
197. The method of claim 161, wherein the operating system environment includes:
-
(i) network configuration software for establishing network connectivity; and
(ii) virtual private network software for establishing a virtual private network connection;
wherein, the network configuration software invokes the virtual private network software to establish a virtual private network connection after network connectivity is established.
-
-
198. The method of claim 197, wherein the operating system environment is configured to
allow outgoing and incoming network traffic exclusively from the virtual private network connection established by the virtual private network software, whereby the operating system environment is logically isolated from security threats on the public network through which the virtual private network connection is established. -
199. The method of claim 161, wherein the operating system environment includes personal firewall software configured to enforce a predetermined network access control policy for substantially preventing unauthorized network traffic to and from client and server side applications of the operating system environment.
-
200. The method of claim 161, wherein the operating system environment includes a mandatory access control security mechanism configured to enforce a predetermined operating system level access control policy for substantially limiting the potential damage that the compromise of any individual software component of the operating system environment will have on the security provided by the operating system environment.
-
201. The method of claim 200, wherein the predetermined operating system level access control policy is configured to substantially minimize the privileges of each individual software component of the operating system environment, to the reduced set of privileges each individual software component needs to carry out its function.
202. The method of claim 161, wherein the operating system environment includes a trusted path execution security mechanism configured to prevent execution of software programs whose executable files are not in predetermined trusted filesystem paths.
-
203. The method of claim 161, wherein the operating system environment includes a logical compartment security mechanism configured to contain predetermined compartmentalized software programs within at least one logical compartment, wherein the predetermined compartmentalized software programs are logically isolated from the rest of the operating system environment.
-
204. The method of claim 203, wherein the type of logical compartment security mechanism is selected from the group consisting of unix chroot and user mode linux and vmware and xen logical compartment types.
-
205. The method of claim 161, wherein the operating system environment includes a raw input output and memory protection security mechanism configured to prevent direct raw access to the operating system's virtual memory and to the operating system's hardware input output interfaces.
-
206. The method of claim 161, wherein the operating system environment includes an exploit countermeasure configured to harden the operating system environment for preventing the exploitation of a predetermined group of vulnerability types in software components of the operating system environment.
-
207. The method of claim 206, wherein the exploit countermeasure includes a memory bounds violation exploitation countermeasure for increasing how difficult it is to exploit memory bounds violation vulnerability types in software components of the operating system environment.
-
208. The method of claim 206, wherein the exploit countermeasure includes a race condition exploitation countermeasure for increasing how difficult it is to exploit race condition vulnerability types in software components of the operating system environment.
-
209. The method of claim 161, wherein the operating system environment includes a predetermined group of software components which are compiled with a compiler toolchain that hardens the predetermined group of software components for preventing the exploitation of a predetermined group of vulnerability types in the predetermined group of software components.
-
210. The method of claim 209, wherein the compiler toolchain that is used to harden the predetermined group of software components is selected from the group consisting of gnu compiler toolchain with the ssp patch applied and gnu compiler toolchain with the stackguard patch applied.
-
211. The method of claim 209, wherein the compiler toolchain that is used to harden the predetermined group of software components provides substantial runtime protection against exploitation of buffer overflows vulnerability types in the predetermined group of software components.
-
212. The method of claim 161, wherein the operating system environment includes a client application for accessing a network service provided by a service provider, and wherein, the client application is configured to provide a substantial indication to the service provider that the network service is being accessed securely from the operating system environment.
213. The method of claim 212, wherein the client application includes a client side cryptographic certificate, wherein the client side cryptographic certificate is used by the client application to calculate a response to a cryptographic challenge provided by the service provider.
214. The method of claim 213, wherein the client application comprises a web browser that supports the secure sockets layer encryption protocol, the web browser including an x509 client side certificate, wherein the x509 client side certificate is used by the web browser to calculate a response to a cryptographic challenge provided by the service provider, the cryptographic challenge and the calculated response conforming to the challenge response mechanism defined by the secure sockets layer encryption protocol.
215. The method of claim 161, wherein the operating system environment includes integrated training materials for warning users of security risks.
-
216. The method of claim 215, wherein the integrated training materials include cautionary reminders embedded in logical proximity to problematic interfaces.
-
217. The method of claim 160, wherein the operating system environment includes:
-
(i) virtual private network software for establishing a virtual private network connection; and
(ii) network configuration software for establishing network connectivity, wherein the network configuration software invokes the virtual private network software to establish a virtual private network connection after network connectivity is established.
-
-
218. The method of claim 217, wherein the operating system environment is configured to allow outgoing and incoming network traffic exclusively from the virtual private network connection established by the virtual private network software, whereby the operating system environment is logically isolated from security threats on the public network through which the virtual private network connection is established.
219. The method of claim 160, wherein the operating system environment includes connectivity agent software for establishing network connectivity across a variety of circumstances with minimum user interaction.
-
220. The method of claim 219, wherein the act of initializing the operating system environment on the computer includes executing the connectivity agent software.
-
221. The method of claim 219, wherein the connectivity agent software is configured to determine the network interface hardware of the computer, and for each network interface, in a predetermined order sorted by the type of the network interface, to attempt to establish network connectivity by applying to the network interface appropriate predetermined default configuration parameters.
222. The method of claim 221, wherein the connectivity agent software is further configured to establish network connectivity with a wireless network interface by determining a list of wireless networks that are detected by the wireless network interface, and for each wireless network in the list of wireless networks, attempting to establish network connectivity by associating the wireless network interface with the wireless network and applying to the wireless network interface appropriate predetermined default configuration parameters.
223. The method of claim 222, wherein the connectivity agent software is further configured to sort the list of wireless networks detected by the wireless network interface according to the signal strength of each wireless network.
224. The method of claim 221, wherein the connectivity agent software is further configured to establish network connectivity with a wireless network interface by determining a list of wireless networks that are detected by the wireless network interface, and allowing the user to interact with the connectivity agent software to influence with which wireless network to associate the wireless network interface.
225. The method of claim 219, wherein the connectivity agent software is configured to maintain a list of previous network configurations saved to a predetermined storage location, the list of previous network configurations updated according to the parameters of network configurations in which network connectivity was successfully established, wherein, the connectivity agent software will attempt to apply network configurations from the list of previous network configurations to establish network connectivity.
226. The method of claim 225, wherein the order in which the connectivity agent software attempts to apply network configurations from the list of previous network configurations, is prioritized according to odds that are calculated based on historical patterns which are used to determine how likely each network configuration is to work.
-
227. The method of claim 219, wherein the connectivity agent software is configured to import network configuration parameters from the files of the operating system installed on the computer's internal storage devices.
228. The method of claim 219, wherein the connectivity agent software is configured to perform a predetermined reliable operation that requires network connectivity as a test for determining whether an attempted configuration of the network was successful.
229. The method of claim 219, wherein the connectivity agent software is configured to interact with the user to manually provide network configuration parameters if automatic network configuration attempts fail.
230. The method of claim 219, wherein the connectivity agent software is configured to provide a manual override option for allowing the user to cancel automatic network configuration attempts and perform an immediate manual configuration of the network.
231. The method of claim 219, wherein the operating system environment includes a client application for accessing a network service provided by a service provider, and wherein, the client application is configured to provide a substantial indication to the service provider that the network service is being accessed securely from the operating system environment.
232. The method of claim 231, wherein the client application includes a client side cryptographic certificate, wherein the client side cryptographic certificate is used by the client application to calculate a response to a cryptographic challenge provided by the service provider.
233. The method of claim 232, wherein the client application comprises a web browser that supports the secure sockets layer encryption protocol, the web browser including an x509 client side certificate, wherein the x509 client side certificate is used by the web browser to calculate a response to a cryptographic challenge provided by the service provider, the cryptographic challenge and the calculated response conforming to the challenge response mechanism defined by the secure sockets layer encryption protocol.
234. The method of claim 160, wherein the operating system environment includes software that defines a persistent safe storage mechanism for storing data persistently inside at least one persistent safe storage element, the persistent safe storage element comprising at least an opaque container, and wherein, the act of initializing the operating system environment on the computer includes:
(i) attempting to locate and access the persistent safe storage element; and
(ii) creating the persistent safe storage element if the persistent safe storage element can not be located or accessed.
-
-
235. The method of claim 234, wherein the software that defines a persistent safe storage mechanism is configured to setup the opaque container as a virtual block device containing a filesystem.
-
236. The method of claim 234, wherein the act of attempting to locate and access the persistent safe storage element, comprises attempting to locate and access the persistent safe storage element within a filesystem of the local operating system on the computer's internal storage devices, and the act of creating the persistent safe storage element if the persistent safe storage element can not be located or accessed, comprises creating the persistent safe storage element within a filesystem of the local operating system on the computer's internal storage devices.
237. The method of claim 236, wherein the act of creating the persistent safe storage element within a filesystem of the local operating system on the computer's internal storage devices includes automatically creating the persistent safe storage element on the internal storage partition that has the most free space.
238. The method of claim 236, wherein the act of creating the persistent safe storage element within a filesystem of the local operating system on the computer's internal storage devices includes interacting with the user to select the partition in which the persistent safe storage element will be created.
239. The method of claim 234, wherein the act of initializing the operating system environment on the computer includes providing the user a choice to cancel the creation of the persistent storage element if the persistent safe storage element can not be located or accessed.
240. The method of claim 234, wherein the act of initializing the operating system environment on the computer includes providing the user a choice to purge the persistent safe storage element.
241. The method of claim 234, wherein the act of attempting to locate and access the persistent safe storage element comprises attempting to locate and access the persistent safe storage element at a predetermined network storage location, and the act of creating the persistent safe storage element if the persistent safe storage element can not be located or accessed comprises creating the persistent safe storage element at a predetermined network storage location.
-
242. The method of claim 234, wherein the software that defines a persistent safe storage mechanism is configured to encrypt the opaque container with a secret key.
243. The method of claim 242, wherein the software that defines a persistent safe storage mechanism is further configured to encrypt the secret key, and wherein, the persistent safe storage element further comprises a key file in which the encrypted secret key is stored.
244. The method of claim 242, wherein the software that defines a persistent safe storage mechanism is further configured to:
-
encrypt the secret key; and
embed the encrypted secret key within the opaque container.
-
-
245. The method of claim 242, further comprising:
-
(e) providing a first interface that is compatible with a device interface port of the computer, the first interface coupled to at least the portable non-volatile memory element, wherein the portable non-volatile memory element can be operatively connected to the device interface port of the computer as a peripheral device; and
(f) providing a hardware cryptographic component, the hardware cryptographic component coupled to at least the first interface;
and wherein, the software that defines a persistent safe storage mechanism is further configured to encrypt the secret key using the hardware cryptographic component.
-
-
246. The method of claim 242, further comprising
(e) providing a separate cryptographic token, and wherein, the software that defines a persistent safe storage mechanism is further configured to encrypt the secret key using the separate cryptographic token.
247. The method of claim 242, wherein the software that defines a persistent safe storage mechanism is further configured to encrypt the secret key using a password provided by the user.
248. The method of claim 234, wherein the software that defines a persistent safe storage mechanism is configured to calculate a fingerprint for uniquely identifying the persistent safe storage element.
249. The method of claim 248, wherein a predetermined portion of the fingerprint is embedded within the names of the files of the persistent safe storage element.
-
250. The method of claim 248, wherein a predetermined portion of the fingerprint is embedded within the contents of the files of the persistent safe storage element.
-
251. The method of claim 248, further comprising:
-
(e) providing a first interface that is compatible with a device interface port of the computer, the first interface coupled to at least the portable non-volatile memory element, wherein the portable non-volatile memory element can be operatively connected to the device interface port of the computer as a peripheral device; and
(f) providing a hardware cryptographic component, the hardware cryptographic component coupled to at least the first interface;
and wherein, the fingerprint is calculated as the fingerprint of a predetermined portion of the unique data stored on the hardware cryptographic component.
-
-
252. The method of claim 248, further comprising
(e) providing a separate cryptographic token, and wherein, the fingerprint is calculated as the fingerprint of a predetermined portion of the unique data stored on the separate cryptographic token.
253. The method of claim 248, wherein the fingerprint is calculated from uniquely identifying information provided by the user.
-
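The persistent safe storage element of claims 234, 242, 243, 247, 249 and 253 (an opaque container encrypted under a random secret key, that key wrapped under a user password and kept in a separate key file, a portion of the fingerprint embedded in the file names, locate-or-create at initialization), worked as an added example that is not the patent's own code. It uses only the Python standard library, so an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag stands in for a real authenticated cipher; that substitution, the file naming scheme and the sample identity and password are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import tempfile
from pathlib import Path

NONCE_LEN, SALT_LEN, TAG_LEN = 16, 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256 (stand-in for a real cipher; assumption).
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    # Independent encryption and MAC keys derived from one secret.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key or any tampering raises ValueError."""
    enc_key, mac_key = _subkeys(key)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("persistent safe storage element failed integrity check")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def fingerprint(identity: str) -> str:
    # Claim 253: fingerprint calculated from uniquely identifying user information.
    return hashlib.sha256(identity.encode()).hexdigest()[:16]


def password_key(password: str, salt: bytes) -> bytes:
    # Claim 247: the secret key is encrypted under a key derived from the user's password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class SafeStorage:
    """One persistent safe storage element: an opaque container plus its key file."""

    def __init__(self, base: Path, identity: str) -> None:
        fp = fingerprint(identity)  # claim 249: a portion of the fingerprint names the files
        self.container = base / f"pss-{fp}.img"
        self.keyfile = base / f"pss-{fp}.key"

    def exists(self) -> bool:
        return self.container.is_file() and self.keyfile.is_file()

    def create(self, password: str, initial: bytes = b"") -> None:
        secret = secrets.token_bytes(32)  # claim 242: the container's secret key
        salt = secrets.token_bytes(SALT_LEN)
        # Claim 243: the encrypted secret key lives in a separate key file.
        self.keyfile.write_bytes(salt + seal(password_key(password, salt), secret))
        self.container.write_bytes(seal(secret, initial))

    def _secret(self, password: str) -> bytes:
        data = self.keyfile.read_bytes()
        return open_sealed(password_key(password, data[:SALT_LEN]), data[SALT_LEN:])

    def read(self, password: str) -> bytes:
        return open_sealed(self._secret(password), self.container.read_bytes())

    def write(self, password: str, data: bytes) -> None:
        self.container.write_bytes(seal(self._secret(password), data))


def initialize(base: Path, identity: str, password: str) -> tuple[SafeStorage, bool]:
    """Claim 234 boot step: locate and access the element, otherwise create it."""
    store = SafeStorage(base, identity)
    if store.exists():
        store.read(password)  # access check: a wrong password fails here, not later
        return store, False
    store.create(password)
    return store, True


def run_demo() -> dict:
    """Locate-or-create, round trip, wrong password and tampering, on a constructed temp dir."""
    base = Path(tempfile.mkdtemp())
    store, created = initialize(base, "user@example.invalid", "correct horse")
    store.write("correct horse", b"saved network configuration")
    again, created_again = initialize(base, "user@example.invalid", "correct horse")
    wrong_pw = tampered = False
    try:
        again.read("not the password")
    except ValueError:
        wrong_pw = True
    blob = bytearray(again.container.read_bytes())
    blob[NONCE_LEN] ^= 0x01  # flip one ciphertext bit on disk
    again.container.write_bytes(bytes(blob))
    try:
        again.read("correct horse")
    except ValueError:
        tampered = True
    return {"created": created, "created_again": created_again, "wrong_password_rejected": wrong_pw,
            "tamper_detected": tampered, "container_name": store.container.name}
```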
254. The method of claim 234, wherein the act of initializing the operating system environment on the computer includes maintaining within the persistent safe storage element first boot data created during the boot process that is useful for enabling boot process optimizations.
255. The method of claim 254, wherein the first boot data includes hardware configuration parameters.
256. The method of claim 254, wherein the first boot data includes a record of initialized system state.
257. The method of claim 234, wherein the operating system environment includes network configuration software for establishing network connectivity, wherein the network configuration software is configured to maintain network configuration parameters within the persistent storage element.
-
258. The method of claim 257, wherein the network configuration software includes connectivity agent software for establishing network connectivity across a variety of circumstances with minimum user interaction, wherein the connectivity agent software is configured to maintain a list of previous network configurations saved to the persistent storage element, the list of previous network configurations adjusted according to the parameters of network configurations in which network connectivity was successfully established, wherein, the connectivity agent software will attempt to apply network configurations from the list of previous network configurations to establish network connectivity.
259. The method of claim 160, wherein the act of initializing the operating system environment on the computer includes:
-
(i) determining current hardware profile of the computer;
(ii) if a previous hardware profile which has been previously saved to a predetermined storage location exists, then comparing the current hardware profile with the previous hardware profile;
(iii) if the current hardware profile does not equal the previous hardware profile, or if the previous hardware profile does not exist, then;
(iii1) determining hardware configuration parameters, (iii2) saving determined hardware configuration parameters to a predetermined storage location, and (iii3) saving current hardware profile to a predetermined storage location; and
(iv) loading hardware drivers based on saved hardware configuration parameters.
-
-
260. The method of claim 259, wherein the act of determining the current hardware profile of the computer comprises querying the BUS of the computer for hardware identification information.
261. The method of claim 259, wherein the act of determining hardware configuration parameters includes importing hardware configuration parameters from the files of the operating system installed on the computer's internal storage devices.
262. The method of claim 259, wherein the act of determining hardware configuration parameters includes looking up hardware configuration parameters in a database that associates hardware configuration parameters with hardware information that can be derived from the current hardware profile.
263. The method of claim 259, wherein the act of determining hardware configuration parameters includes interacting with the user to manually provide hardware configuration parameters.
264. The method of claim 160, wherein the act of initializing the operating system environment on the computer includes maintaining a record of initialized system state.
265. The method of claim 264, wherein the act of maintaining a record of initialized system state comprises:
-
(i) determining a current hardware profile of the computer;
(ii) if a previous hardware profile which has been previously saved to a predetermined storage location exists, then comparing the current hardware profile with the previous hardware profile;
(iii) if the current hardware profile is equal to the previous hardware profile, and if a record of initialized system state has been previously saved to a predetermined storage location, then restoring state of the computer from the previously saved record of initialized system state;
(iv) if the current hardware profile does not equal the previous hardware profile, or if the previous hardware profile does not exist, then;
(iv1) saving record of initialized system state to a predetermined storage location; and
(iv2) saving current hardware profile to a predetermined storage location;
-
-
266. The method of claim 264, wherein the record of initialized system state requires only memory pages that are allocated to be saved as part of the record of initialized system state.
-
267. The method of claim 160, wherein the operating system environment includes logical volume management software for storing data inside a logical volume element, and wherein, the act of initializing the operating system environment on the computer includes:
(i) attempting to locate and access the logical volume element within the computer's internal storage devices; and
(ii) creating the logical volume element within the computer's internal storage devices if the logical volume element can not be located or accessed.
-
-
268. The method of claim 267, wherein the act of creating the logical volume element if the logical volume element can not be located or accessed includes interacting with the user to configure which partitions of the computer's internal storage devices will not be pooled into creation of the logical volume element.
269. The method of claim 268, wherein the act of interacting with the user to configure which partitions of the computer's internal storage devices will not be pooled into creation of the logical volume element includes:
-
calculating a recommended configuration for the logical volume element according to predetermined rules that are optimized for a predetermined usage context; and
allowing the user to choose to configure the logical volume element according to the calculated recommended configuration.
-
-
270. The method of claim 269, wherein the act of calculating a recommended configuration for the logical volume element comprises determining which partitions of the computer's internal storage devices contain filesystems which are not empty.
271. The method of claim 268, wherein the act of interacting with the user to configure which partitions of the computer's internal storage devices will not be pooled into creation of the logical volume element includes displaying for each partition identifying information.
272. The method of claim 271, wherein the identifying information displayed for each partition includes partition information selected from the group consisting of:
-
partition filesystem contents;
partition filesystem type;
partition label;
partition size; and
partition type.
-
-
273. The method of claim 267, wherein the act of attempting to locate and access the logical volume element includes attempting to locate a bootstrap partition containing the configuration parameters for the logical volume element, and the act of creating the logical volume element if the logical volume element can not be located or accessed includes creating a bootstrap partition containing the configuration parameters for the logical volume element.
274. The method of claim 160, wherein the operating system environment includes:
-
(i) a first software application configured to maintain its data files in a predetermined storage location; and
(ii) migration agent software for migrating application data between the data files of the first software application and the data files of a second software application that is substantially isomorphic to the first software application.
-
-
275. The method of claim 274, wherein the act of initializing the operating system environment on the computer includes:
-
determining if a local operating system is stored in the computer's internal storage devices; and
executing the migration agent software if it is determined that the local operating system exists.
-
-
276. The method of claim 274, wherein the application data that is migrated by the migration agent software includes predetermined types of application content data and application configuration data.
-
277. The method of claim 274, wherein the first software application is selected from the group consisting of:
-
a web browser;
an email client;
an instant messenger client; and
a voice over ip (VoIP) client.
-
-
278. The method of claim 274, wherein the first software application is selected from the group consisting of:
-
a web server;
a mail server;
a database server;
a file server;
a name server;
a firewall;
an intrusion detection system; and
an intrusion prevention system.
-
-
279. The method of claim 274, wherein the migration agent software is configured to migrate application data from the data files of the second software application to the data files of the first software application by:
-
(i) parsing the data files of the second software application to extract a plurality of data elements;
(ii) translating each of the extracted data elements into the closest analog supported by the first software application; and
(iii) saving the translated data elements to the data files of the first software application.
-
-
280. The method of claim 279, wherein the migration agent software is configured to parse the data files of the second software application by:
-
(i1) loading a predetermined portion of the second software application containing predetermined software routines for reading the data files of the second software application; and
(i2) calling the predetermined software routines to leverage the required software functionality provided by the second software application.
-
-
281. The method of claim 280, wherein the migration agent software is configured to calculate a hash of the predetermined portion of the second software application containing predetermined software routines for reading the data files of the second software application, and verify the integrity of the predetermined portion of the second software application by looking up the calculated hash in a whitelist of known good hashes.
282. The method of claim 281, wherein the migration agent software is configured to update the whitelist of known good hashes over the network.
-
283. The method of claim 274, wherein the migration agent software is configured to provide the user with a navigational interface for specifying the location of exported application data or backup archives created by the second software application.
-
284. The method of claim 274, wherein the migration agent software is configured to provide the user with the choice of searching automatically to locate the second software application within the filesystems of the local operating system stored on the computer's internal storage devices.
-
285. The method of claim 274, wherein the migration agent software is configured to search automatically to locate the second software application by:
-
(i) enumerating resources of the local operating system stored on the computer's internal storage devices; and
(ii) attempting to match the enumerated resources against a list comprising at least one signature pattern identifying the second software application.
-
-
286. The method of claim 285, wherein the migration agent software is configured to search automatically to locate the second software application by:
-
(i) locating the Microsoft windows registry within the filesystems on the computer's internal storage devices;
(ii) enumerating the Microsoft windows registry to extract registry keys and values; and
(iii) attempting to match the extracted registry keys and values against a list comprising at least one predetermined registry signature pattern identifying the second software application.
-
-
287. The method of claim 285, wherein the migration agent software is configured to search automatically to locate the second software application by:
-
(i) enumerating recursively the directory and file names within the filesystems of the local operating system stored on the computer's internal storage devices; and
(ii) attempting to match the names of files and directories against a list comprising at least one predetermined signature pattern identifying the second software application.
-
-
288. The method of claim 285, wherein the migration agent software is configured to search automatically to locate the second software application by:
-
(i) enumerating the GUI interfaces of the local operating system environment stored on the computer's internal storage devices to extract GUI elements; and
(ii) attempting to match the extracted GUI elements against a list comprising at least one predetermined GUI element signature pattern identifying the second software application.
-
-
289. The method of claim 285, wherein the migration agent software is configured to update the list of signature patterns identifying the second software application over the network.
-
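The migration agent's search-then-verify flow, covering claims 279, 281 and 287 together as an added example that is not the patent's own code: file and directory names under the local filesystem are matched against signature patterns to locate the second application, and the component that would be loaded to read its data files is hashed and looked up in a whitelist of known good hashes before anything is parsed. The application name "ExampleMail", its file layout, the signature regexes, the constructed whitelist and the tab-separated data file are assumptions of this example.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Constructed signature patterns (claim 287), applied to paths relative to the filesystem
# root. "ExampleMail" and its file names are hypothetical.
SIGNATURE_PATTERNS = {
    "ExampleMail": {
        "program": re.compile(r"(?i)^program files/examplemail/examplemail\.exe$"),
        "reader": re.compile(r"(?i)^program files/examplemail/mailparse\.dll$"),
        "profile": re.compile(r"(?i)^users/[^/]+/appdata/examplemail/mail\.db$"),
    }
}


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def locate(root: Path, app: str) -> dict[str, Path]:
    """Claim 287: enumerate names recursively and match them against the signature patterns.
    Returns {role: path} for the roles found; the first match per role wins."""
    found: dict[str, Path] = {}
    for path in root.rglob("*"):
        rel = path.relative_to(root).as_posix()
        for role, pattern in SIGNATURE_PATTERNS[app].items():
            if role not in found and pattern.match(rel):
                found[role] = path
    return found


def verify_reader(path: Path, whitelist: dict[str, str]) -> str:
    """Claim 281: the reader component's hash must be in the whitelist before it is loaded."""
    digest = sha256_file(path)
    if digest not in whitelist:
        raise PermissionError(f"{path.name}: sha256 {digest[:16]}... is not a known good hash")
    return whitelist[digest]


def parse_profile(path: Path) -> list[dict]:
    # Claim 279 (i)-(ii): extract data elements and translate them into the first
    # application's closest analog. The constructed mail.db holds "display name<TAB>address".
    records = []
    for line in path.read_text().splitlines():
        if "\t" in line:
            name, addr = line.split("\t", 1)
            records.append({"name": name, "email": addr})
    return records


def migrate(root: Path, app: str, whitelist: dict[str, str]) -> dict:
    """Locate the second application, verify its reader component, then parse its data."""
    found = locate(root, app)
    missing = [role for role in SIGNATURE_PATTERNS[app] if role not in found]
    if missing:
        return {"located": False, "missing": missing}
    version = verify_reader(found["reader"], whitelist)  # raises before any parsing
    # Claim 280 would now call the verified component's own routines; the stand-in parser
    # reads the constructed profile directly.
    return {"located": True, "reader_version": version, "records": parse_profile(found["profile"])}


def run_demo() -> dict:
    """Build a constructed filesystem tree, migrate once, then tamper with the reader."""
    root = Path(tempfile.mkdtemp())
    app_dir = root / "Program Files" / "ExampleMail"
    app_dir.mkdir(parents=True)
    (app_dir / "ExampleMail.exe").write_bytes(b"MZ-stub")
    reader = app_dir / "mailparse.dll"
    reader.write_bytes(b"GOOD-READER-v1")
    profile = root / "Users" / "alice" / "AppData" / "ExampleMail" / "mail.db"
    profile.parent.mkdir(parents=True)
    profile.write_text("Alice\talice@example.invalid\nBob\tbob@example.invalid\n")
    whitelist = {sha256_file(reader): "ExampleMail reader 1.0"}  # constructed known good hash
    good = migrate(root, "ExampleMail", whitelist)
    reader.write_bytes(b"GOOD-READER-v1 plus unexpected bytes")  # simulated tampering
    try:
        migrate(root, "ExampleMail", whitelist)
        blocked = False
    except PermissionError:
        blocked = True
    return {"good": good, "tampered_blocked": blocked,
            "absent": migrate(Path(tempfile.mkdtemp()), "ExampleMail", whitelist)}
```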
290. The method of claim 274, wherein the migration agent software is configured to support synchronization of application data between the first software application and the second software application, wherein synchronization of application data adjusts the data files of the first software application and the second software application so that the semantical content of both is substantially equivalent.
291. The method of claim 290, wherein the migration agent software is configured to interact with the user to determine whether to prefer data from the first software application or the second software application when a synchronization conflict occurs.
-
292. The method of claim 290, wherein the migration agent software is configured to allow the user to specify the triggering criteria according to which synchronization of application data will be automatically performed.
-
293. The method of claim 292, wherein the migration agent software is configured to allow the user to specify systems events as the triggering criteria according to which synchronization of application data will be automatically performed.
-
294. The method of claim 292, wherein the migration agent software is configured to allow the user to specify a chronological schedule as the triggering criteria according to which synchronization of application data will be automatically performed.
-
161. The method of claim 160, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
-
-
295. A method for providing an independent operating system environment on a computer, comprising:
-
(a) inserting into the computer an apparatus that the computer can boot from, the apparatus comprising;
(a1) a portable non-volatile memory element, (a2) an operating system environment stored on the portable non-volatile memory element, and (a3) a bootloader for booting the operating system environment from the portable non-volatile memory element; and
(b) booting the computer from the apparatus. - View Dependent Claims (296, 297, 298, 299, 300, 301, 302, 303, 304)
-
296. The method of claim 295, wherein the apparatus that a computer can boot from further comprises:
-
(i) a first interface component for operatively interfacing the apparatus with a device interface port of the computer as a peripheral device, the first interface component coupled to the portable non-volatile memory element; and
(ii) a cryptographic component for providing cryptographic services, the cryptographic component coupled to at least the first interface component.
-
-
297. The method of claim 295, wherein the operating system environment includes a connectivity agent component for establishing network connectivity across a variety of circumstances with minimum user interaction.
-
298. The method of claim 295, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
-
299. The method of claim 295, wherein the operating system environment includes:
-
(i) a virtual private network component for establishing a virtual private network connection, and (ii) a network configuration component for establishing network connectivity, the network configuration component including a component for invoking the virtual private network component to establish a virtual private network connection after network connectivity is established.
-
-
300. The method of claim 295, wherein the operating system environment includes:
-
(i) a first software application, and (ii) a migration agent for migrating application data between the first software application and a second software application that is substantially isomorphic to the first software application.
-
-
301. The method of claim 295, wherein the operating system environment includes:
-
(i) logical volume management component for storing data inside a logical volume element, and (ii) first initialization component for initializing the operating system environment, the first initialization component including;
(ii1) an access component for attempting to locate and access the logical volume element on the computer's internal storage devices; and
(ii2) a creation component for creating the logical volume element on the computer's internal storage devices if the access component fails to locate or access logical volume element.
-
-
302. The method of claim 295, wherein the operating system environment includes:
-
(i) a persistent safe storage component for storing data persistently inside at least one persistent safe storage element, the persistent safe storage element comprising an opaque container, and (ii) a first initialization component for initializing the operating system environment, the first initialization component including;
(ii1) an access component for attempting to locate and access the persistent safe storage element; and
(ii2) a creation component for creating the persistent safe storage element if the access component fails to locate or access persistent safe storage element.
-
-
303. The method of claim 295, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including:
-
(i) a hardware profiling component for determining current hardware profile of the computer;
(ii) a component for determining whether hardware parameters need to be configured, comprising;
(ii1) a component for determining if a previous hardware profile has been previously saved to a predetermined storage location, and (ii2) a component for determining if hardware profile has changed by comparing the current hardware profile with the previous hardware profile if it is determined that the previous hardware profile exists; and
(iii) a component for configuring and saving hardware parameters if it is determined that hardware parameters need to be configured, comprising;
(iii1) a hardware configuration component for determining hardware configuration parameters, (iii2) a component for saving determined hardware configuration parameters within a predetermined storage location, and (iii3) a component for saving current hardware profile within a predetermined storage location; and
(iv) a component for loading hardware drivers based on saved hardware configuration parameters.
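The initialization component of claim 303 (repeated as claims 310 and 317) profiles the hardware, reconfigures only when no profile was saved or the profile changed, and then loads drivers from the saved parameters. The following is an added example of that control flow, not the inventors' code: the device listing is a constructed `lspci -n`-style text, the vendor:device to kernel-module table is a hypothetical stand-in for the real hardware configuration component, the two file names are assumed, and driver loading is modelled by returning the module list instead of calling modprobe. Because the saved parameters live in a writable storage location, the loading step validates them before acting on them.

```python
"""Initialization-time hardware profiling with reconfigure-only-on-change,
following the structure of claim 303 (same component in claims 310, 317).

Added example, not the inventors' code.  SAMPLE_LISTING is a constructed
`lspci -n`-style listing, DRIVER_TABLE a hypothetical vendor:device ->
module mapping, and the file names are assumed.
"""
import hashlib
import json
import re
import tempfile
from pathlib import Path

PROFILE_FILE = "hardware.profile"    # (iii3) previous hardware profile
PARAMS_FILE = "hardware.params"      # (iii2) saved configuration parameters

_PCI_ID = re.compile(r"\b([0-9a-f]{4}:[0-9a-f]{4})\b")
_MODULE_NAME = re.compile(r"^[a-z0-9_-]+$")   # the only thing we hand to modprobe

SAMPLE_LISTING = """\
00:00.0 0600: 8086:1237 (rev 02)
00:03.0 0200: 8086:100e
00:04.0 0300: 1234:1111 (rev 02)
"""
DRIVER_TABLE = {"8086:100e": "e1000", "1234:1111": "bochs_drm"}   # hypothetical


def profile_hardware(device_listing: str) -> str:
    """(i) Fingerprint the set of vendor:device IDs present, order-independent."""
    ids = sorted(set(_PCI_ID.findall(device_listing)))
    return hashlib.sha256("\n".join(ids).encode()).hexdigest()


def needs_configuration(state_dir: Path, current_profile: str) -> bool:
    """(ii) Reconfigure if no profile was saved (ii1) or it changed (ii2)."""
    saved = state_dir / PROFILE_FILE
    if not saved.is_file():
        return True
    return saved.read_text().strip() != current_profile


def determine_parameters(device_listing: str, driver_table: dict) -> dict:
    """(iii1) Decide which modules the detected devices need."""
    ids = set(_PCI_ID.findall(device_listing))
    return {"modules": sorted({driver_table[i] for i in ids if i in driver_table})}


def load_drivers(params: dict) -> list:
    """(iv) Validate saved parameters before acting on them.

    The parameters file is in writable storage: a tampered entry must not
    become an argument to modprobe, so reject anything that is not a
    plain module name.
    """
    modules = params.get("modules", [])
    bad = [m for m in modules if not isinstance(m, str) or not _MODULE_NAME.match(m)]
    if bad:
        raise ValueError(f"refusing to load suspicious module names: {bad}")
    return list(modules)     # a real init component would modprobe each of these


def accepts_parameters(params: dict) -> bool:
    """True if load_drivers would act on these saved parameters."""
    try:
        load_drivers(params)
        return True
    except ValueError:
        return False


def initialize_hardware(state_dir: Path, device_listing: str, driver_table: dict) -> dict:
    """One boot: profile, compare, reconfigure if needed, then load drivers."""
    state_dir.mkdir(parents=True, exist_ok=True)
    current = profile_hardware(device_listing)
    reconfigured = False
    if needs_configuration(state_dir, current):
        params = determine_parameters(device_listing, driver_table)
        (state_dir / PARAMS_FILE).write_text(json.dumps(params))   # (iii2)
        (state_dir / PROFILE_FILE).write_text(current)              # (iii3)
        reconfigured = True
    params = json.loads((state_dir / PARAMS_FILE).read_text())
    return {"reconfigured": reconfigured, "modules": load_drivers(params)}


def run_demo() -> tuple:
    """Boot twice on the same hardware, then once with an extra device."""
    state = Path(tempfile.mkdtemp(prefix="hwprofile-"))
    first = initialize_hardware(state, SAMPLE_LISTING, DRIVER_TABLE)
    second = initialize_hardware(state, SAMPLE_LISTING, DRIVER_TABLE)
    changed = SAMPLE_LISTING + "00:05.0 0c03: 8086:7020\n"
    third = initialize_hardware(state, changed, {**DRIVER_TABLE, "8086:7020": "uhci_hcd"})
    return first, second, third
```

The fingerprint is computed over the sorted ID set so that enumeration order does not trigger a spurious reconfiguration; on the real device the "predetermined storage location" should be the persistent safe storage rather than the host's internal disk, since whatever writes that file decides which drivers the environment loads.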
-
-
304. The method of claim 295, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including
a state maintenance component for maintaining a record of initialized system state within a predetermined storage location.
-
-
-
305. A computer system comprising:
-
(a) a network;
(b) a service provider interfacing with the network;
(c) a client computer interfacing with the network; and
(d) an apparatus that the client computer can boot from, the apparatus comprising;
(d1) a portable non-volatile memory element, (d2) an operating system environment stored on the portable non-volatile memory element, (d3) a bootloader for booting the operating system environment from the portable non-volatile memory element, wherein the client computer communicates with the service provider over the network. - View Dependent Claims (306, 307, 308, 309, 310, 311)
-
306. The system of claim 305, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
-
307. The system of claim 305, wherein the operating system environment includes:
-
(i) a virtual private network component for establishing a virtual private network connection, and (ii) a network configuration component for establishing network connectivity, the network configuration component including a component for invoking the virtual private network component to establish a virtual private network connection after network connectivity is established.
-
-
308. The system of claim 305, wherein the operating system environment includes a connectivity agent component for establishing network connectivity across a variety of circumstances with minimum user interaction.
-
309. The system of claim 305, wherein the operating system environment includes:
-
(i) a persistent safe storage component for storing data persistently inside at least one persistent safe storage element, the persistent safe storage element comprising an opaque container, and (ii) a first initialization component for initializing the operating system environment, the first initialization component including;
(ii1) an access component for attempting to locate and access the persistent safe storage element; and
(ii2) a creation component for creating the persistent safe storage element if the access component fails to locate or access persistent safe storage element.
-
-
310. The system of claim 305, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including:
-
(i) a hardware profiling component for determining current hardware profile of the computer;
(ii) a component for determining whether hardware parameters need to be configured, comprising;
(ii1) a component for determining if a previous hardware profile has been previously saved to a predetermined storage location, and (ii2) a component for determining if hardware profile has changed by comparing the current hardware profile with the previous hardware profile if it is determined that the previous hardware profile exists; and
(iii) a component for configuring and saving hardware parameters if it is determined that hardware parameters need to be configured, comprising;
(iii1) a hardware configuration component for determining hardware configuration parameters, (iii2) a component for saving determined hardware configuration parameters within a predetermined storage location, and (iii3) a component for saving current hardware profile within a predetermined storage location; and
(iv) a component for loading hardware drivers based on saved hardware configuration parameters.
-
-
311. The system of claim 305, wherein the operating system environment includes
a first initialization component for initializing the operating system environment, the first initialization component including a state maintenance component for maintaining a record of initialized system state within a predetermined storage location.
-
-
-
312. A method of communicating between a client computer and a service provider comprising:
-
(a) interfacing a service provider with a network;
(b) interfacing a client computer with the network;
(c) inserting into the client computer an apparatus that the client computer can boot from, the apparatus comprising;
(c1) a portable non-volatile memory element, (c2) an operating system environment stored on the portable non-volatile memory element, and (c3) a bootloader for booting the operating system environment from the portable non-volatile memory element, wherein the client computer communicates with the service provider over the network, and (d) booting the client computer from the apparatus. - View Dependent Claims (313, 314, 315, 316, 317, 318)
-
313. The method of claim 312, wherein the operating system environment includes a plurality of security mechanisms that are configured to provide a substantially fault-tolerant multi layered security architecture.
-
314. The method of claim 312, wherein the operating system environment includes:
-
(i) a virtual private network component for establishing a virtual private network connection, and (ii) a network configuration component for establishing network connectivity, the network configuration component including a component for invoking the virtual private network component to establish a virtual private network connection after network connectivity is established.
-
-
315. The method of claim 312, wherein the operating system environment includes a connectivity agent component for establishing network connectivity across a variety of circumstances with minimum user interaction.
-
316. The method of claim 312, wherein the operating system environment includes:
-
(i) a persistent safe storage component for storing data persistently inside at least one persistent safe storage element, the persistent safe storage element comprising an opaque container, and (ii) a first initialization component for initializing the operating system environment, the first initialization component including;
(ii1) an access component for attempting to locate and access the persistent safe storage element; and
(ii2) a creation component for creating the persistent safe storage element if the access component fails to locate or access persistent safe storage element.
-
-
317. The method of claim 312, wherein the operating system environment includes a first initialization component for initializing the operating system environment, the first initialization component including:
-
(i) a hardware profiling component for determining current hardware profile of the computer;
(ii) a component for determining whether hardware parameters need to be configured, comprising;
(ii1) a component for determining if a previous hardware profile has been previously saved to a predetermined storage location, and (ii2) a component for determining if hardware profile has changed by comparing the current hardware profile with the previous hardware profile if it is determined that the previous hardware profile exists; and
(iii) a component for configuring and saving hardware parameters if it is determined that hardware parameters need to be configured, comprising;
(iii1) a hardware configuration component for determining hardware configuration parameters, (iii2) a component for saving determined hardware configuration parameters within a predetermined storage location, and (iii3) a component for saving current hardware profile within a predetermined storage location; and
(iv) a component for loading hardware drivers based on saved hardware configuration parameters.
-
-
318. The method of claim 312, wherein the operating system environment includes
a first initialization component for initializing the operating system environment, the first initialization component including a state maintenance component for maintaining a record of initialized system state within a predetermined storage location.
-
-
Current Assignee: Alon Swartz, Liraz Siri
-
Original Assignee: Alon Swartz, Liraz Siri
-
Inventors: Siri, Liraz; Swartz, Alon
-
Application Number: US11/330,697
US Class Current: 726/9
CPC Class Codes: G06F 21/34 involving the use of extern...; G06F 21/575 Secure boot; G06F 9/4406 Loading of operating system