Monitoring Bootable Busses
Abstract
A security circuit in a computer monitors data busses that support memory capable of booting the computer during the computer reset/boot cycle. When activity on one of the data busses indicates the computer is booting from a non-authorized memory location, the security circuit disrupts the computer, for example, by causing a reset. Execution from the non-authorized memory location may occur when an initial jump address at a known location, such as the top of memory, is re-programmed to a memory location having a rogue BIOS program.
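The monitoring decision described in the abstract can be modeled in software. This is an added illustration, not code from the patent: the bus names, the microsecond timestamps, the 500 ms boot window, and the rule that any read cycle on a non-designated bus inside that window counts as an unauthorized boot are all assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bus names; the page does not name specific busses. */
enum bus_id { BUS_DESIGNATED, BUS_SECOND_MEMORY, BUS_THIRD_MEMORY };

struct bus_sample {
    uint32_t t_us;    /* time since reset release (assumed unit) */
    enum bus_id bus;  /* monitored bus that showed the cycle */
    bool is_read;     /* read cycle, i.e. code could be fetched */
};

struct boot_policy {
    enum bus_id authorized;  /* bus of the designated boot memory */
    uint32_t window_us;      /* assumed length of the reset/boot cycle */
};

/* Index of the first read on a non-authorized bus inside the boot window,
 * or -1 if there is none. The trace must be ordered by time. */
int first_unauthorized_read(const struct boot_policy *p,
                            const struct bus_sample *trace, size_t n)
{
    for (size_t i = 0; i < n && trace[i].t_us < p->window_us; i++)
        if (trace[i].is_read && trace[i].bus != p->authorized)
            return (int)i;
    return -1;
}

/* Constructed sample data, not captured from real hardware. */
static const struct boot_policy POLICY = { BUS_DESIGNATED, 500000 };
static const struct bus_sample CLEAN[] = {
    { 10, BUS_DESIGNATED, true }, { 40, BUS_DESIGNATED, true },
    { 90, BUS_SECOND_MEMORY, false },      /* not a read cycle */
    { 600000, BUS_SECOND_MEMORY, true },   /* after boot: normal use */
};
static const struct bus_sample REROUTED[] = {
    { 10, BUS_DESIGNATED, true },          /* initial jump address read */
    { 25, BUS_SECOND_MEMORY, true },       /* execution continues elsewhere */
};

int main(void)
{
    int a = first_unauthorized_read(&POLICY, CLEAN, 4);
    int b = first_unauthorized_read(&POLICY, REROUTED, 2);
    printf("clean: %s\n", a < 0 ? "boot allowed" : "assert reset");
    printf("rerouted: %s (sample %d)\n", b < 0 ? "boot allowed" : "assert reset", b);
    return 0;
}
```

A non-negative return value stands in for the point at which the security circuit would drive its disrupting output, for example a reset.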
20 Claims
1. A boot module for use in enforcing booting from a designated memory, the boot module comprising:
- a processor;
- a memory storing instructions executable by the processor and data corresponding to an authorized boot sequence;
- at least one port coupled to the processor for monitoring a corresponding communication bus for signals related to a boot operation from an unauthorized location; and
- an output operable to disrupt the computer when a boot operation from an unauthorized location is detected.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14

9. A method of preventing a boot cycle in a computer from other than a designated memory comprising:
- designating a first memory to support an authorized boot cycle;
- monitoring a data bus coupled to a second memory capable of supporting the boot cycle;
- determining when the boot cycle is being supported by the second memory; and
- interrupting the boot cycle when being supported by the second memory.

15. A computer arranged and adapted to support booting from a known memory containing an authorized basic input/output system (BIOS) code, the computer comprising:
- a first processor;
- a plurality memory devices, each coupled to a respective data bus; and
- a security circuit coupled to at least one of the respective data busses, the security circuit comprising;
  - a second processor;
  - a memory coupled to the processor;
  - at least one port coupled to one of the respective data busses; and
  - an output that causes a disruption in an operation of the computer responsive to a signal from the second processor when the computer boots from a non-authorized one of the plurality of memory devices.

Dependent claims: 16, 17, 18, 19, 20
Specification