Enhancing Security of a System Via Access by an Embedded Controller to A Secure Storage Device
First Claim
1. A system, comprising:
- a host processor and memory;
an embedded microcontroller coupled to the host processor;
an auxiliary memory coupled to the embedded microcontroller, wherein the auxiliary memory stores program instructions for verifying system security; and
one or more pre-boot security components coupled to the embedded microcontroller;
wherein upon power-up, but before host processor boot-up, the embedded microcontroller is operable to;
execute the program instructions to verify system security using the one or more pre-boot security components; and
if system security is verified, permit the host processor to be booted.
10 Assignments
0 Petitions
Accused Products
Abstract
System and method for performing pre-boot security verification in a system that includes a host processor and memory, an embedded microcontroller with an auxiliary memory, e.g., an on-chip ROM, or memory controlled to prohibit user-tampering with the contents of the memory, and one or more pre-boot security components coupled to the embedded microcontroller. Upon power-up, but before host processor boot-up, the embedded microcontroller accesses the auxiliary memory and executes the program instructions to verify system security using the one or more pre-boot security components. The one or more pre-boot security components includes at least one identity verification component, e.g., a smart card, or a biometric sensor, e.g., a fingerprint sensor, a retinal scanner, and/or a voiceprint sensor, etc., and/or at least one system verification component, e.g., TPM, to query the system for system state information, and verify that the system has not been compromised.
92 Citations
17 Claims
-
1. A system, comprising:
-
a host processor and memory; an embedded microcontroller coupled to the host processor; an auxiliary memory coupled to the embedded microcontroller, wherein the auxiliary memory stores program instructions for verifying system security; and one or more pre-boot security components coupled to the embedded microcontroller; wherein upon power-up, but before host processor boot-up, the embedded microcontroller is operable to; execute the program instructions to verify system security using the one or more pre-boot security components; and if system security is verified, permit the host processor to be booted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for verifying security in a computer system comprising a host processor and memory, the method comprising:
-
upon power-up, but before host processor boot-up, an embedded microcontroller coupled to the host processor and memory accessing an auxiliary memory that stores program instructions for verifying system security, and executing the program instructions to verify system security using one or more pre-boot security components coupled to the embedded microcontroller; and if system security is verified, invoking boot-up of the host processor.
-
Specification