Platform authentication via a transparent second factor
First Claim
1. A platform authenticating system comprising:
- at least one of a BIOS portion and an EFI portion comprising;
a block device emulator configured to;
detect a block device coupled to the system; and
open a file on the block device; and
a block device driver configured to access information on the block device.
4 Assignments
0 Petitions
Accused Products
Abstract
Firmware of a system is configured to allow secondary devices, such as a smart card, to be used for authentication. In an example embodiment, the secondary device is a CCID smart card in compliance with the ISO 7816 specification. The smart card is inserted into a card reader coupled to the system prior to booting the system. The firmware comprises an emulator and driver configured to allow authentication information from the smart card to be utilized to allow execution of the boot process. In an example embodiment, the smart card comprises external keys for use with BITLOCKER™. The secondary device is compatible with systems implementing a BIOS and with systems implementing EFI. Authentication also can be accomplished via devices that do not provide data storage, such as a biometric device or the like.
35 Citations
20 Claims
-
1. A platform authenticating system comprising:
at least one of a BIOS portion and an EFI portion comprising; a block device emulator configured to; detect a block device coupled to the system; and open a file on the block device; and a block device driver configured to access information on the block device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A method for authenticating a platform via a block device, the method comprising:
-
detecting a block device via at least one of a BIOS portion of the platform and an EFI portion of the platform; authenticating the detected block device; retrieving information from the block device for allowing an execution of a boot process of the system. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer-readable medium, having computer-executable instruction stored thereon for authenticating a platform via a block device by performing the steps of:
-
detecting a block device via a block device emulator of at least one of a BIOS portion of the platform system and an EFI portion of the platform; and opening a file on the block device via the block device emulator; and accessing, via a block driver of the least one BIOS portion and EFI portion, information on the block device. - View Dependent Claims (17, 18, 19, 20)
-
Specification
-
- Resources
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsUreche, Tony, Maclver, Douglas M., Wooten, David R., Thom, Stefan, Holt, Erik, Sledz, Dan
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/17
-
CPC Class CodesG06F 21/34 involving the use of extern...G06F 21/575 Secure bootG06Q 20/3415 Cards acting autonomously a...G06Q 20/3563 Software being resident on ...G06Q 20/388 using mutual authentication...G06Q 20/40 Authorisation, e.g. identif...G06Q 20/409 Device specific authenticat...G07F 7/1008 Active credit-cards provide...
