MANAGING BOOTING OF SECURE DEVICES WITH UNTRUSTED SOFTWARE
First Claim
1. On a device having a collection of hardware resources designated as a security block, a method of executing an unsigned operating system, said method comprising:
- loading an operating system;
determining that said operating system has not been signed by a trusted entity;
determining that said device is in a first operational mode, said first operational mode allowing execution of unsigned operating systems;
responsive to determining that said device is in said first operational mode, disabling operating system access to said security block; and
executing said operating system.
6 Assignments
0 Petitions
Accused Products
Abstract
Normally, at the time of manufacturing, security may be provided to a device being manufactured through the loading of an operating system that has been cryptographically signed. The present application discloses a “factory mode” for the device. The “factory mode” allows the device to execute untrusted operating system code, such as unsigned operating system code and operating system code that has been signed, but the certificate authority is not trusted. To support execution of untrusted operating system code in a secure manner, the device may be adapted to prevent data of predetermined type from being loaded on the device while the device is in the “factory mode”. In contrast to the “factory mode”, the secure mode of the device is referred to herein as a “product mode”. There develops a need to manage, in a secure manner, transitions between the “product mode” and the “factory mode”.
32 Citations
23 Claims
-
1. On a device having a collection of hardware resources designated as a security block, a method of executing an unsigned operating system, said method comprising:
-
loading an operating system; determining that said operating system has not been signed by a trusted entity; determining that said device is in a first operational mode, said first operational mode allowing execution of unsigned operating systems; responsive to determining that said device is in said first operational mode, disabling operating system access to said security block; and executing said operating system. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A secure device comprising:
-
a security block; and a processor adapted to; load an operating system; determine that said operating system has not been signed by a trusted entity; determine that said device is in a first operational mode, said first operational mode allowing execution of unsigned operating systems; disable operating system access to said security block; and execute said unsigned operating system. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 19, 20)
-
-
17. A computer readable medium containing computer-executable instructions that, when performed by a processor in a secure device, wherein the secure device includes a security block, cause said processor to:
-
load an operating system; determine that said operating system has not been signed by a trusted entity; determine that said device is in a first operational mode, said first operational mode allowing execution of unsigned operating systems; disable operating system access to said security block; and execute said unsigned operating system. - View Dependent Claims (18, 21, 22, 23)
-
Specification