Securely Recovering a Computing Device
First Claim
1. A computer implemented method, comprising:
- loading a code image digitally sinned by a signature into a device, the code image being received from a host over a communication link;
determining if the code image is certified by verifying the signature using a fingerprint embedded within ROM (read only memory) of the device; and
executing the code image if the code image is certified to establish an operating environment of the device.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.
-
Citations
20 Claims
-
1. A computer implemented method, comprising:
-
loading a code image digitally sinned by a signature into a device, the code image being received from a host over a communication link; determining if the code image is certified by verifying the signature using a fingerprint embedded within ROM (read only memory) of the device; and executing the code image if the code image is certified to establish an operating environment of the device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A machine-readable medium having instructions stored therein, which when executed by a machine, cause the machine to perform a method, the method comprising:
-
loading a code image digitally signed by a signature into a device, the code image being received from a host over a communication link; determining if the code image is certified by verifying the signature using a fingerprint embedded within ROM (read only memory) of the device; and executing the code image if the code image is certified to establish an operating environment of the device. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A digital processing system, comprising;
-
a ROM (read only memory) to store a fingerprint embedded therein; a mass storage to store a code image digitally signed by a signature and received from a host over a communication link; a main memory; and a processor coupled to the ROM, the mass storage, and the main memory to verify the code image using the fingerprint and upon successfully verifying the code image, to execute the code image in the main memory to establish an operating environment of the digital processing system.
-
-
14. An apparatus, comprising:
-
means for loading a code image digitally signed by a signature into a device the code image being received from a host over a communication link; means for determining if the code image is certified by verifying the signature using a fingerprint embedded within ROM (read only memory) of the device; and means for executing the code image if the code image is certified to establish an operating environment of the device.
-
-
15. A computer implemented method, comprising:
-
in response to a failure of loading an executable image of a device, the device communicating with a host via a communication link to signal that the device is in a recovery mode to receive from the host a new executable image corresponding to the failed executable image; verifying the new executable image using a digital certificate embedded within the secure ROM of the portable device; upon successfully verifying the new executable image, executing the new executable image; and optionally storing the verified new executable image in the mass storage of the portable device, replacing the failed executable image. - View Dependent Claims (16)
-
-
17. A computer implemented method, comprising:
-
in response to successfully authenticating a portable device over a communication link based in part on a unique identifier (ID) embedded within a secure ROM (read-only memory) of the portable device, determining whether the portable device is in a recovery mode as a result of a failure to initialize an operating environment of the portable device; retrieving an executable image from a server over a network, the executable image being digitally signed by a signature if it is determined that the portable device is in the recovery mode; and delivering the retrieved executable image to the portable device over the communication link, wherein the portable device verifies the signature of the executable image using a digital certificate embedded wit the secure ROM, and wherein the verified executable image is loaded in a main memory of the portable device to establish the operating environment for the portable device. - View Dependent Claims (18)
-
-
19. A machine-readable medium having instructions stored therein, which when executed by a machine, cause the machine to perform a method, the method comprising:
-
in response to successfully authenticating a portable device over a communication line based in part on a unique identifier (ID) embedded within a secure ROM (read-only memory) of the portable device, determining whether the portable device is in a recovery mode as a result of a failure to initialize an operating environment of the portable device; retrieving an executable image from a server over a network, the executable image being digitally signed by a signature if it is determined that the portable device is in the recovery mode; and delivering the retrieved executable image to the portable device over the communication link, wherein the portable device verifies the signature of the executable image using a digital certificate embedded with the secure ROM, and wherein the verified executable image is loaded in a main memory of the portable device to establish the operating environment for the portable device. - View Dependent Claims (20)
-
Specification