Secure BIOS
First Claim
Patent Images
1. A system for securely updating an executable code, comprising:
- first storage means for storing a code update;
second storage means for storing said executable code; and
first processing means for authenticating and validating said code update, said first processing means being coupled to said second storage means.
1 Assignment
0 Petitions
Accused Products
Abstract
A subsystem prevents unauthorized modification of BIOS program code embedded in modifiable non-volatile memory devices such as flash memory. A cryptographic coprocessor containing the BIOS memory device performs authentication and validation on the BIOS upgrade based on a public/private key protocol. The authentication is performed by verifying the digital signature embedded in the BIOS upgrade.
516 Citations
43 Claims
-
1. A system for securely updating an executable code, comprising:
-
first storage means for storing a code update; second storage means for storing said executable code; and first processing means for authenticating and validating said code update, said first processing means being coupled to said second storage means. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for securely updating an executable code, comprising:
-
a first storage element for containing a code update; a second storage element that contains said executable code; and a security processor coupled to said second storage element, said security processor for authenticating said code update based on at least one certificate and validating said code update based on a digital signature. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for securely updating an executable code, the method comprising:
-
providing a first storage element for storing a code update; providing a second storage element for storing said executable code; configuring said first storage element to contain at least one certificate; providing a security processor for accessing said second storage element; authenticating said code update based on said at least one digital certificate by said security processor; and updating said executable code with said code update if said code update is authenticated. - View Dependent Claims (20, 21, 22, 23)
-
-
24. A system comprising:
-
a first storage element for containing a code update; a second storage element that contains an executable code; and a security processor coupled to said second storage element, the security processor for authenticating the code update based on at least one certificate. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A system comprising:
-
a first storage element for containing a code update; a second storage element that contains an executable code; and a security processor coupled to the second storage element, the security processor for validating said code update. - View Dependent Claims (34, 35, 36, 37, 38)
-
-
39. A system comprising:
-
a first storage element that contains information; a second storage element for containing update information; and a security processor coupled to the first storage element, the security processor validating the update information to determine whether the update information is to be subsequently loaded into the first storage element. - View Dependent Claims (40, 41, 42, 43)
-
Specification