System and method for secure initial program load for diskless workstations
First Claim
1. A method executed by a computer system comprised of a client and a server in a network for providing a secure operating system comprising
- storing a shared key at said client;
- communicating signals across said network comprising a request including said shared key from said client to said server interconnected by said network for activating said operating system at said client;
- authenticating said request at said server;
- communicating signals across said network comprising a response from said server to said client in response to said authenticated said request, said response from said server including at least a portion of said operating system;
- authenticating said at least a portion of said operating system at said client with said shared key; and
- activating said operating system at said client in response to said response from said server.
Abstract
A client workstation generates a network request for an initial program load. The request is serviced by a server which preferably includes in the reply to the client the addresses of an authentication server (AS), the client, and a secure initial program load server (SECIPL). The client then requests an SECIPL service ticket from the AS, also sending a common identifier known to the AS and the client, preferably stored in the client ROM. This identifier is utilized by the AS to validate the ticket request as originating from a bona fide client, whereupon the ticket is provided by the AS to the client. The SECIPL service ticket is then presented by the client to the SECIPL server, which authenticates that the ticket is bona fide and was received by the client from the AS. The SECIPL then provides a secure kernel to the client, either encrypted with a key known to the SECIPL and the client, or otherwise secured by a cryptographic checksum utilizing a key known to the client and the SECIPL. In this manner, the client workstation is assured that an authenticated boot image has been received through potentially non-secure communication links.
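As an added illustration, not part of the patent text, the exchange described in the abstract with HMAC-SHA256 standing in for the keyed cryptographic checksum; the keys, ROM identifier, addresses, ticket layout and function names are constructed assumptions, and the client refuses to execute any image whose checksum fails under the shared key:

```python
import hashlib, hmac

# Constructed sample values; a real deployment provisions these out of band.
CLIENT_ID = b"client-rom-id-0001"         # identifier in client ROM, known to the AS
AS_CLIENT_KEY = b"as/client request key"  # known to client and AS: encodes the ticket request
SERVICE_KEY = b"secipl service key"       # known to AS and SECIPL: seals the service ticket
SHARED_KEY = b"client/secipl shared key"  # known to client and SECIPL: checksums the kernel
KERNEL = b"constructed boot image bytes"  # stands in for the secure kernel

def mac(key, data):  # keyed cryptographic checksum (HMAC-SHA256) for tickets and the image
    return hmac.new(key, data, hashlib.sha256).digest()

def boot_server_reply(client_addr):  # step 1: IPL reply carries the addresses the client needs
    return {"client": client_addr, "as": "10.0.0.2", "secipl": "10.0.0.3"}

def client_ticket_request(client_addr):  # step 2: bind client address and ROM identifier
    body = client_addr.encode() + b"|" + CLIENT_ID
    return body, mac(AS_CLIENT_KEY, body)

def as_issue_ticket(body, tag, known_ids):  # step 3: AS validates identifier and request key
    addr, ident = body.split(b"|", 1)
    if ident not in known_ids or not hmac.compare_digest(tag, mac(AS_CLIENT_KEY, body)):
        return None
    ticket = b"secipl-ticket|" + addr
    return ticket, mac(SERVICE_KEY, ticket)

def secipl_serve(ticket, ticket_tag):  # step 4: SECIPL checks the AS seal, ships kernel + checksum
    if not hmac.compare_digest(ticket_tag, mac(SERVICE_KEY, ticket)):
        return None
    return KERNEL, mac(SHARED_KEY, KERNEL)

def client_verify_image(image, tag):  # step 5: client refuses an image whose checksum fails
    return hmac.compare_digest(tag, mac(SHARED_KEY, image))

def secure_ipl(client_addr="10.0.0.9", known_ids=(CLIENT_ID,), corrupt_in_transit=False):
    """Run the whole exchange and report where it stops; corrupt_in_transit flips one image bit."""
    reply = boot_server_reply(client_addr)
    body, tag = client_ticket_request(reply["client"])
    issued = as_issue_ticket(body, tag, known_ids)
    if issued is None:
        return "as rejected ticket request"
    served = secipl_serve(*issued)
    if served is None:
        return "secipl rejected ticket"
    image, image_tag = served
    if corrupt_in_transit:  # simulate a modification on the non-secure link
        image = image[:-1] + bytes([image[-1] ^ 1])
    return "boot" if client_verify_image(image, image_tag) else "client rejected image"
```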
24 Claims
1. A method executed by a computer system comprised of a client and a server in a network for providing a secure operating system (independent claim; reproduced in full under First Claim above).
- View Dependent Claims (2, 3, 4, 5, 6, 7)
8. A method executed by a computer system for providing a secure operating environment at a client station, comprising
- storing a service key at a secure boot server;
- generating a request for a secure boot image from said client to a boot server;
- receiving a response from said boot server by said client;
- communicating a request encoded by a key known by said client and an authentication server, corresponding in part to said boot server response, by said client to said authentication server for a token for said secure boot image comprised of at least said service key and a shared key;
- storing said shared key at said client;
- communicating said token from said authentication server to said client in response to said request;
- communicating said token from said client to said secure boot server;
- verifying said token with said service key at said secure boot server;
- communicating to said client from said secure boot server, in response to said verifying, at least a portion of an operating system authenticatable by said client with said shared key;
- authenticating said at least a portion of said operating system by said client with said shared key; and
- executing by said client said at least a portion of said operating system in response to said authenticating.
- View Dependent Claims (9, 10, 11)
12. A method executed by a computer system including at least one client workstation interconnected to a network for providing an authenticated operating system at said client workstation comprising
- specifying a first key, a service key, and a shared key;
- transmitting onto said network a first request from said client workstation for an operating environment;
- authenticating said first request received from said network with said first key;
- transmitting a token corresponding to said first key, said service key and said shared key onto said network, and to said client in response to said authenticating said received first request;
- transmitting onto said network a second request functionally related to said token from said client workstation for said operating environment;
- authenticating said second request received from said network with said service key;
- transmitting information at least partially encrypted with said shared key onto said network and to said client workstation in response to said authenticating said received second request;
- decrypting said at least partially encrypted information at said client with said shared key; and
- executing said operating environment at said client workstation in response to said decrypting of said at least partially encrypted information.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
19. A system for providing a secure operating system for a client in a network environment, comprising
- authentication server means interconnected to said network for authenticating a request from said client for said operating system and providing to said client an indicator of authenticating;
- secure program load server means interconnected to said network for determining said client has received said indicator and transmitting encrypted data including at least a portion of an operating system on said network to said client in response to said determining; and
- client workstation means interconnected to said network for executing said secure operating system in response to unencrypting of said data by said client.
- View Dependent Claims (20, 21, 22, 23)
24. A system for providing a secure operating system for a client in a network environment, comprising
- authentication server means interconnected to said network for authenticating a request from said client for said operating system and providing to said client an indicator of authenticating;
- secure program load server means interconnected to said network for determining said client has received said indicator and transmitting at least a portion of an operating system and a cryptographic checksum of said portion of said operating system on said network to said client in response to said determining; and
- client workstation means interconnected to said network for executing said secure operating system in response to authenticating said portion of said operating system with said cryptographic checksum by said client.