Server active management technology (AMT) assisted secure boot

US 20080244257A1
Filed: 03/30/2007
Published: 10/02/2008
Est. Priority Date: 03/30/2007
Status: Active Grant

First Claim

Patent Images

1. A system for secure boot on a platform, comprising:

a host processor coupled with a firmware memory store;

firmware for booting the host processor, the firmware to utilize one or more signature keys during boot, each signature key associated with a software image to be loaded on the platform during boot; and

a second processor on the platform, the second processor communicatively coupled to a secure area of a memory store, the secure area of the memory store being inaccessible to the firmware and other host processor applications;

the second processor configured to manage the one or more signature keys to control image loading during boot.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some embodiments, the invention involves a system and method relating to secure booting of a platform. In at least one embodiment, the present invention is intended to securely boot a platform using one or more signature keys stored in a secure location on the platform, where access to the signature is by a microcontroller on the platform and the host processor has no direct access to alter the signature key. Other embodiments are described and claimed.

85 Citations

View as Search Results

13 Claims

1. A system for secure boot on a platform, comprising:
- a host processor coupled with a firmware memory store;
  
  firmware for booting the host processor, the firmware to utilize one or more signature keys during boot, each signature key associated with a software image to be loaded on the platform during boot; and
  
  a second processor on the platform, the second processor communicatively coupled to a secure area of a memory store, the secure area of the memory store being inaccessible to the firmware and other host processor applications;
  
  the second processor configured to manage the one or more signature keys to control image loading during boot.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system as recited in claim 1, wherein the secure area of memory store resides on the firmware memory store.
  - 3. The system as recited in claim 2, wherein the firmware memory store is flash memory partitioned by a chipset on the platform, the partitioning to make the secure memory area inaccessible to the firmware.
  - 4. The system as recited in claim 1, wherein the firmware is configured to retrieve a signature key from the firmware memory store if the signature key is not available in the secure memory area.
  - 5. The system as recited in claim 1, wherein the firmware will not load or launch the software image if the signature key associated with the software image fails validation.
  - 6. The system as recited in claim 5, wherein validation failure is a result of at least one of an expired certificate, missing certificate or a revoked certificate.
  - 7. The system as recited in claim 1, wherein a signature key comprises at least one of a platform key, protected variable key, or a public key.
  - 8. The system as recited in claim 7, wherein the one or more signature keys comprise a hierarchy of signature keys where a higher level key protects a lower level key.
  - 9. The system as recited in claim 8, wherein the platform key is a higher level than a protected variable key which is a higher level than a public key, wherein a public key is associated with each software image to be loaded during boot.
  - 10. The system as recited in claim 1, wherein the second processor has out-of-band communication capabilities and is configured to validate the one or more signature keys and to access at least one of a certificate validation or online certificate revocation list from a remote location via out-of-band communication.
  - 11. The system as recited in claim 10, wherein the certificate validation or online certificate revocation list is retrieved from at least one of a local area network, remote network, location on the public Internet, a location on an intranet, or a machine accessible bulletin board.
  - 12. The system as recited in claim 10, wherein the second processor comprises one of an active management technology microcontroller, a manageability engine controller, or a baseboard management controller.

13. A method for secure boot on a platform, comprising:
- commencing a secure boot of a host processor on the platform by platform firmware;
  
  determining whether a second processor has access to at least one signature key associated with a software image to be loaded at boot and stored in a secure store, andif so, then retrieving the at least one signature key from the secure store by the second processor, butif not, then retrieving the at least one signature key from a firmware store;

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Zimmer, Vincent J., Vaid, Kushagra, Shekhar, Mrigank

Granted Patent

US 8,984,265 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/2
CPC Class Codes

G06F 21/575 Secure boot

H04L 9/0827 involving distinctive inter...

Server active management technology (AMT) assisted secure boot

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

85 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Server active management technology (AMT) assisted secure boot

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

85 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links