System for protecting computers via intelligent tokens or smart cards

US 5,448,045 A
Filed: 02/26/1993
Issued: 09/05/1995
Est. Priority Date: 02/26/1992
Status: Expired due to Term

First Claim

Patent Images

1. A method for reducing the possibility of corruption of critical information required in the operation of a computer comprising:

storing the critical information in a device,communicating authorization information between the device and the computer, andin the course of booting the computer, executing modified boot code that causes the device, in response to the authorization information, to allow the computer access to the critical information stored in the device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The possibility of corruption of critical information required in the operation of a computer is reduced by storing the critical information in a device; communicating authorization information between the device and the computer; and causing the device, in response to the authorization information, to enable the computer to read the critical information stored in the device. The device includes a housing, a memory within the housing containing information needed for startup of the host computer, and a communication channel for allowing the memory to be accessed externally of the housing. The device is initialized by storing the critical information in memory on the device, storing authorization information in memory on the device, and configuring a microprocessor in the device to release the critical information to the computer only after completing an authorization routine based on the authorization information.

Citations

17 Claims

1. A method for reducing the possibility of corruption of critical information required in the operation of a computer comprising:
- storing the critical information in a device,communicating authorization information between the device and the computer, andin the course of booting the computer, executing modified boot code that causes the device, in response to the authorization information, to allow the computer access to the critical information stored in the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1 wherein the steps of communicating authorization information and enabling the computer to read comprisea user entering a password, andthe device verifying the password.
  - 3. The method of claim 1 wherein the authorization information comprises biometric information about a user.
  - 4. The method of claim 1 further comprisingstoring a password in the device,in the device, comparing the stored password with an externally supplied password, andbasing a determination of whether to enable the computer to read the stored critical information on the results of the step of comparing the passwords.
  - 5. The method of claim 1 wherein the device comprises a microprocessor and a memory.
  - 6. The method of claim 5 wherein the device comprises a pocket-sized card containing the microprocessor and the memory.
  - 7. The method of claim 1 wherein said critical information comprises boot-sector information used in starting the computer.
  - 8. The method of claim 1 wherein said critical information comprises executable code.
  - 9. The method of claim 1 wherein said critical information comprises system data or user data.
  - 10. The method of claim 1 further comprisingthe computer booting itself from the critical information read from the device.
  - 11. The method of claim 1 further comprising storing the modified boot code in the form of a BIOS extension.
  - 12. The method of claim 1 wherein the steps of communicating authorization information and enabling the computer to read, comprisethe device passing to the computer, secret information shared with the computer, andthe computer validating the shared secret information passed from the device.
  - 13. The method of claim 12 wherein the shared secret information comprises a host access code.
  - 14. The method of claim 1 wherein the authorization information comprises file signatures for executable code.
  - 15. The method of claim 1 wherein the authorization information comprises a user'"'"'s cryptographic key.
  - 16. The method of claim 1 wherein the stored critical information includes file integrity information.

17. A method of booting a computer, comprisingstoring, in a device which is separate from the computer, boot information, user authorization information, and device authorization information in the form of a secret shared with the computer,providing a communication link between the device and the computer,receiving possibly valid authorization information from a user,in the device, checking the possibly valid authorization information against the stored user authorization information to determine validity,if the password is determined to be valid, passing the boot information and the shared secret information from the device to the computer,in the computer, checking the validity of the shared secret information, andin the course of booting the computer, executing modified boot code that causes, if the shared secret information is valid, the boot information to be used in booting the computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures Trusted Platform Assets LLC (Intellectual Ventures LLC)
Original Assignee
Paul C. Clark
Inventors
Clark, Paul C.
Primary Examiner(s)
SHEPPERD, JOHN W

Application Number

US08/023,628
Time in Patent Office

921 Days
Field of Search

235/375, 235/380, 235/382, 235/382.5, 380/4, 380/25
US Class Current

235/382
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/575   Secure boot

G06F 2221/2153   Using hardware token as a s...

G06F 9/4401   Bootstrapping security arra...

System for protecting computers via intelligent tokens or smart cards

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System for protecting computers via intelligent tokens or smart cards

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links