INFORMATION PROCESSING APPARATUS AND CONTROL METHOD THEREFOR
First Claim
1. An information processing apparatus including a security chip, comprising:
- a counter unit configured to hold a counter value which monotonically increases;
a version management unit configured to manage a current version number of software in the information processing apparatus by the counter value held in the counter unit;
a first verification unit configured to verify validity of update software of the software and a version number of the update software;
a rollback detection unit configured to detect, by comparing the version number of the update software with the current version number of the software held in the counter unit, whether a version of the update software is newer than a version of the current software;
an update unit configured to update the software using the update software if the rollback detection unit determines that the version of the update software is newer than the version of the current software; and
a second verification unit configured to verify whether the update unit has successfully updated the software,wherein if the second verification unit determines that the software has been successfully updated, the version management unit increases the version number held in the counter unit until the version number matches the version number of the update software.
1 Assignment
0 Petitions
Accused Products
Abstract
This invention prevents rollback of firmware of an information processing apparatus. The apparatus including a security chip includes a counter which holds a value which monotonically increases, a version management unit which manages a current version number of software in the apparatus, a first verification unit which verifies validity of update software of the software and a version number of the update software, a rollback detection unit which detects whether a version of the update software is newer than a version of the current software, an update unit which updates the software using the update software, and a second verification unit which verifies whether the update unit has successfully updated the software. If the software has been successfully updated, the version management unit increases the value held in the counter until the value matches the version number of the update software.
44 Citations
8 Claims
-
1. An information processing apparatus including a security chip, comprising:
-
a counter unit configured to hold a counter value which monotonically increases; a version management unit configured to manage a current version number of software in the information processing apparatus by the counter value held in the counter unit; a first verification unit configured to verify validity of update software of the software and a version number of the update software; a rollback detection unit configured to detect, by comparing the version number of the update software with the current version number of the software held in the counter unit, whether a version of the update software is newer than a version of the current software; an update unit configured to update the software using the update software if the rollback detection unit determines that the version of the update software is newer than the version of the current software; and a second verification unit configured to verify whether the update unit has successfully updated the software, wherein if the second verification unit determines that the software has been successfully updated, the version management unit increases the version number held in the counter unit until the version number matches the version number of the update software. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A control method for an information processing apparatus using a security chip, comprising:
-
holding a counter value which monotonically increases; managing a current version number of software by the counter value; verifying validity of update software of the software and a version number of the update software; detecting, by comparing the version number of the update software with the current version number of the software indicated by the counter value, whether a version of the update software is newer than a version of the current software; updating the software using the update software if it is determined that the version of the update software is newer than the version of the current software; and verifying whether the software has been successfully updated, wherein if it is determined, in the verifying whether the software has been successfully updated, that the software has been successfully updated, the version number indicated by the counter value is increased in the managing until the version number matches the version number of the update software.
-
-
7. A non-transitory computer-readable storage medium storing a program to be executed by a processor of an information processing apparatus using a security chip, wherein the processor
holds a counter value which monotonically increases, manages a current version number of software by the counter value, verifies validity of update software of the software and a version number of the update software, detects, by comparing the version number of the update software with the current version number of the software indicated by the counter value, whether a version of the update software is newer than a version of the current software, updates the software using the update software if it is determined that the version of the update software is newer than the version of the current software, and verifies whether the software has been successfully updated, and if it is determined in the verification that the software has been successfully updated, the version number indicated by the counter value is increased in the management until the version number matches the version number of the update software.
-
8. An information processing apparatus using a security chip which holds a counter unit capable of monotonically increasing a counter, comprising:
-
a management unit configured to manage a version number of software of the information processing apparatus by the counter of the counter unit; and an update unit configured to update the software, wherein if the update by the update unit succeeds, the management unit increases the counter of the counter unit up to a version number of the software after the update, and if the update by the update unit fails, the update unit returns the software to the software before the update.
-
Specification