Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
First Claim
Patent Images
1. In a computer system comprising a non-volatile storage having stored therein data content, a method for protecting the non-volatile storage from unauthorized write access, the method comprising:
- a) reading a plurality of associated authentication functions from the non-volatile storage, and securing the plurality of associated authentication functions on the computer system; and
b) selectively invoking the associated authentication functions to authenticate the write data of a write access to the non-volatile storage.
0 Assignments
0 Petitions
Accused Products
Abstract
An electronic signature is generated in a predetermined manner and attached to a transferable unit of write data, to facilitate authenticating the write data before allowing the write data to be written into a protected non-volatile storage. The write data is authenticated using a collection of secured authentication functions. Additionally, the actual writing of the authenticated write data into the protected non-volatile storage is performed by a secured copy utility.
-
Citations
34 Claims
-
1. In a computer system comprising a non-volatile storage having stored therein data content, a method for protecting the non-volatile storage from unauthorized write access, the method comprising:
-
a) reading a plurality of associated authentication functions from the non-volatile storage, and securing the plurality of associated authentication functions on the computer system; and
b) selectively invoking the associated authentication functions to authenticate the write data of a write access to the non-volatile storage. - View Dependent Claims (2, 3, 4, 5, 6)
(b.1) invoking a secured decryption function of the secured authentication functions to reconstitute the first digest by decrypting the associated electronic signature using a secured public key complementary to the secret private key, (b.2) invoking a secured message digest function of the secured authentication functions to generate a second digest based on the content of the write data of the write access, and (b.3) invoking a secured digest comparison function of the secured authentication functions to determine if the write data of the write access is authentic by comparing the first and second digests.
-
-
5. The computer implemented method as set forth in claim 4, wherein step (b) further comprises step (b.4) conditionally invoking a secured copy utility of the secured authentication functions to copy the write data into the protected nonvolatile storage if the first and second digests compared successfully in step (b.3).
-
6. The computer implemented method of claim 4, wherein unsecuring the secured associated authentication functions (b.1) comprises issuing a system management interrupt (SMI) placing the computer system into SMM, wherein the system management memory is mapped to the normal memory space from which the associated authentication functions are selectively invoked to authenticate received data.
-
7. A computer system comprising:
-
(a) a non-volatile storage having stored therein data content;
(b) a plurality of authentication functions associated with the data content and stored in the non-volatile storage, to authenticate the write data of a write access to the non-volatile storage wherein the associated authentication functions authenticate the write data using an electronic signature which is functionally dependent on the content of the write data;
(c) a secured memory unit to store and secure the plurality of associated authentication functions when read from the non-volatile storage; and
(d) a processor coupled to the non-volatile storage and the secured memory unit to selectively invoke the associated authentication functions to authenticate the write data of a write access to the non-volatile storage. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
a decryption function for reconstituting a first digest by decrypting the electronic signature with a public key, the electronic signature being generated by encrypting the first digest with a secret private key in a complementary manner, a message digest function for generating a second digest based on the content of the write data of the write access in the same manner the first digest was generated, and a digest comparison function for determining whether the write data of the write access is authentic by comparing the first and second digests. -
9. The computer system as set forth in claim 8, wherein the decryption function, the message digest function and the digest comparison function are implemented as a plurality of system basic input/output services (BIOS) of the computer system, which are copied into the secured memory unit during system initialization, the secured memory unit being normally not mapped into a normal system memory space of the computer system except when the processor is executing in a system management mode, and the secured memory unit being write protected except for system initialization and processor execution mode transition.
-
10. The computer system as set forth in claim 9, wherein
the non-volatile storage is a FLASH memory storage unit for storing system BIOS; -
the decryption function, the message digest function, the digest encryption function and the public key are pre-stored in the FLASH memory storage unit;
the computer system further includes main memory coupled to the processor; and
the write data of the write access are system BIOS updates staged in a buffer in the main memory.
-
-
11. The computer system as set forth in claim 10, wherein
the computer system further includes a memory controller coupled to the processor, the main memory, the secured memory unit and the FLASH memory for controlling memory access; a FLASH security circuit coupled to the memory controller and the FLASH memory for qualifying a write signal provided by the memory controller to the FLASH memory for the write access, and for generating an interrupt to place the processor in the system management mode.
-
12. The computer system as set forth in claim 11, wherein
the computer system further includes an I/O port coupled to the processor and the FLASH security circuit for notifying the FLASH security circuit of the write access. -
13. The computer system as set forth in claim 8, wherein the plurality of authentication functions further include a copy function for conditionally copying the write data of the write access into the non-volatile storage if the digest comparison function successfully compares the first and second digests.
-
14. The computer system of claim 7, wherein the processor enters system management mode (SMM) upon receipt of a system management interrupt (SMI), whereafter, the processor selectively invokes the associated authentication functions to authenticate received data.
-
-
15. A computer system motherboard comprising:
-
(a) a non-volatile memory storage unit; and
(b) system basic input/output services (BIOS) and a plurality of associated authentication functions stored in the non-volatile memory storage unit, wherein the plurality of associated authentication functions authenticate the write data of a write access to update the system BIOS using an electronic signature that is functionally dependent on the content of the system BIOS updates. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
(c) main memory for staging the system BIOS updates in a buffer. -
17. The computer system motherboard as set forth in claim 16, wherein the computer system motherboard further includes
(d) system management memory for storing and securing the plurality of authentication functions during operation of the computer system, the plurality of authentication functions being copied into the system management memory during system initialization, the system management memory being normally not mapped into a normal system memory space of the computer system except when the computer system is executing in a system management mode, and the system management memory being write protected except for system initialization and system execution mode transition. -
18. The computer system motherboard as set forth in claim 17, wherein the computer system motherboard further comprises
(e) a processor coupled to the non-volatile memory storage and the system management memory for invoking the authentication functions during operation of the computer system in system management mode to authenticate the system BIOS updates, and to allow only authenticated system BIOS updates to be written from the buffer of main memory into the non-volatile memory storage unit. -
19. The computer system motherboard as set forth in claim 18, wherein the computer system motherboard further comprises:
-
(f) a memory controller coupled to the processor, the main memory, the system management memory and the non-volatile memory storage unit for controlling memory access;
(g) a non-volatile memory access security circuit coupled to the memory controller and the non-volatile memory storage unit for qualifying a write signal provided by the memory controller to the non-volatile memory storage unit for a write access initiated to write the system BIOS updates into the non-volatile memory storage unit, and for generating an interrupt to place the computer system in the system management mode.
-
-
20. The computer system motherboard as set forth in claim 19, wherein the computer system motherboard further includes an I/O port coupled to the processor and the non-volatile memory access security circuit for notifying the non-volatile memory security circuit of the write access.
-
21. The computer system motherboard of claim 17, wherein the computer system enters system management mode (SMM) upon receipt of a system management interrupt (SMI), whereafter the computer system selectively invokes the associated authentication functions to authenticate received data.
-
22. The computer system motherboard as set forth in claim 15, wherein the plurality of authentication functions include
a decryption function for reconstituting a first digest by decrypting the electronic signature with a public key, the electronic signature being generated by encrypting the first digest with a secret private key in a complementary manner, a message digest function for generating a second digest based on the content of the system BIOS updates in the same manner the first digest was generated, and a digest comparison function for determining whether the system BIOS updates are authentic by comparing the first and second digests. -
23. The computer system as set forth in claim 22, wherein the plurality of authentication functions further include a copy function for conditionally copying the system BIOS updates into the non-volatile memory storage unit if the digest comparison function successfully compares the first and second digests.
-
- 24. A storage medium having stored thereon a plurality of executable instructions that, when executed, implement a set of system basic input/output services (BIOS) and authenticate a system BIOS update using an electronic signature associated with the system BIOS update, wherein the content of the electronic signature is functionally dependent on the content of the system BIOS update.
- 29. A FLASH memory having stored therein a plurality of executable instructions that, when executed, authenticate a system BIOS update.
-
33. A FLASH memory having stored therein a plurality of executable instructions that, when executed, authenticate a BIOS update by:
-
a) decrypting an electronic signature to generate a first digest;
b) creating a second digest from a system BIOS update; and
c) comparing the first digest with the second digest.
-
-
34. A storage medium having stored therein:
-
a) a plurality of executable instructions that, when executed, present a system BIOS update for authentication by a computer system having a non-volatile memory containing a BIOS; and
b) an electronic signature for the system BIOS update.
-
Specification