Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage

US 6,510,521 B1
Filed: 07/08/1998
Issued: 01/21/2003
Est. Priority Date: 02/09/1996
Status: Expired due to Term

First Claim

Patent Images

1. In a computer system comprising a non-volatile storage having stored therein data content, a method for protecting the non-volatile storage from unauthorized write access, the method comprising:

a) reading a plurality of associated authentication functions from the non-volatile storage, and securing the plurality of associated authentication functions on the computer system; and

b) selectively invoking the associated authentication functions to authenticate the write data of a write access to the non-volatile storage.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic signature is generated in a predetermined manner and attached to a transferable unit of write data, to facilitate authenticating the write data before allowing the write data to be written into a protected non-volatile storage. The write data is authenticated using a collection of secured authentication functions. Additionally, the actual writing of the authenticated write data into the protected non-volatile storage is performed by a secured copy utility.

Citations

34 Claims

1. In a computer system comprising a non-volatile storage having stored therein data content, a method for protecting the non-volatile storage from unauthorized write access, the method comprising:
- a) reading a plurality of associated authentication functions from the non-volatile storage, and securing the plurality of associated authentication functions on the computer system; and
  
  b) selectively invoking the associated authentication functions to authenticate the write data of a write access to the non-volatile storage.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer implemented method as set forth in claim 1, wherein step (a) comprises securing the authentication functions in a secured portion of memory of the computer system.
  - 3. The computer implemented method as set forth in claim 2, wherein the authentication functions of step (a) are implemented as a plurality of system basic input/output services (BIOS) of the computer system;
    - and step (a) comprises copying the plurality of system BIOS into system management memory of the computer system during system initialization, the system management memory being normally not mapped into a normal system memory space of the computer system except when the computer system is executing in a system management mode, and the system management memory being write protected except for system initialization and system execution mode transition.
  - 4. The computer implemented method as set forth in claim 1, wherein the associated electronic signature is generated by encrypting a first digest with a secret private key, the first digest being generated based on the content of the write data of the write access;
    - and step (b) comprises
5. The computer implemented method as set forth in claim 4, wherein step (b) further comprises step (b.4) conditionally invoking a secured copy utility of the secured authentication functions to copy the write data into the protected nonvolatile storage if the first and second digests compared successfully in step (b.3).
6. The computer implemented method of claim 4, wherein unsecuring the secured associated authentication functions (b.1) comprises issuing a system management interrupt (SMI) placing the computer system into SMM, wherein the system management memory is mapped to the normal memory space from which the associated authentication functions are selectively invoked to authenticate received data.

7. A computer system comprising:
- (a) a non-volatile storage having stored therein data content;
  
  (b) a plurality of authentication functions associated with the data content and stored in the non-volatile storage, to authenticate the write data of a write access to the non-volatile storage wherein the associated authentication functions authenticate the write data using an electronic signature which is functionally dependent on the content of the write data;
  
  (c) a secured memory unit to store and secure the plurality of associated authentication functions when read from the non-volatile storage; and
  
  (d) a processor coupled to the non-volatile storage and the secured memory unit to selectively invoke the associated authentication functions to authenticate the write data of a write access to the non-volatile storage.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The computer system as set forth in claim 7, wherein the plurality of authentication functions include
- 9. The computer system as set forth in claim 8, wherein the decryption function, the message digest function and the digest comparison function are implemented as a plurality of system basic input/output services (BIOS) of the computer system, which are copied into the secured memory unit during system initialization, the secured memory unit being normally not mapped into a normal system memory space of the computer system except when the processor is executing in a system management mode, and the secured memory unit being write protected except for system initialization and processor execution mode transition.
- 10. The computer system as set forth in claim 9, whereinthe non-volatile storage is a FLASH memory storage unit for storing system BIOS;
  - the decryption function, the message digest function, the digest encryption function and the public key are pre-stored in the FLASH memory storage unit;
    
    the computer system further includes main memory coupled to the processor; and
    
    the write data of the write access are system BIOS updates staged in a buffer in the main memory.
- 11. The computer system as set forth in claim 10, whereinthe computer system further includes a memory controller coupled to the processor, the main memory, the secured memory unit and the FLASH memory for controlling memory access;
  - a FLASH security circuit coupled to the memory controller and the FLASH memory for qualifying a write signal provided by the memory controller to the FLASH memory for the write access, and for generating an interrupt to place the processor in the system management mode.
- 12. The computer system as set forth in claim 11, whereinthe computer system further includes an I/O port coupled to the processor and the FLASH security circuit for notifying the FLASH security circuit of the write access.
- 13. The computer system as set forth in claim 8, wherein the plurality of authentication functions further include a copy function for conditionally copying the write data of the write access into the non-volatile storage if the digest comparison function successfully compares the first and second digests.
- 14. The computer system of claim 7, wherein the processor enters system management mode (SMM) upon receipt of a system management interrupt (SMI), whereafter, the processor selectively invokes the associated authentication functions to authenticate received data.

15. A computer system motherboard comprising:
- (a) a non-volatile memory storage unit; and
  
  (b) system basic input/output services (BIOS) and a plurality of associated authentication functions stored in the non-volatile memory storage unit, wherein the plurality of associated authentication functions authenticate the write data of a write access to update the system BIOS using an electronic signature that is functionally dependent on the content of the system BIOS updates.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. The computer system motherboard as set forth in claim 15, wherein the computer system motherboard further includes
- 17. The computer system motherboard as set forth in claim 16, wherein the computer system motherboard further includes(d) system management memory for storing and securing the plurality of authentication functions during operation of the computer system, the plurality of authentication functions being copied into the system management memory during system initialization, the system management memory being normally not mapped into a normal system memory space of the computer system except when the computer system is executing in a system management mode, and the system management memory being write protected except for system initialization and system execution mode transition.
- 18. The computer system motherboard as set forth in claim 17, wherein the computer system motherboard further comprises(e) a processor coupled to the non-volatile memory storage and the system management memory for invoking the authentication functions during operation of the computer system in system management mode to authenticate the system BIOS updates, and to allow only authenticated system BIOS updates to be written from the buffer of main memory into the non-volatile memory storage unit.
- 19. The computer system motherboard as set forth in claim 18, wherein the computer system motherboard further comprises:
  - (f) a memory controller coupled to the processor, the main memory, the system management memory and the non-volatile memory storage unit for controlling memory access;
    
    (g) a non-volatile memory access security circuit coupled to the memory controller and the non-volatile memory storage unit for qualifying a write signal provided by the memory controller to the non-volatile memory storage unit for a write access initiated to write the system BIOS updates into the non-volatile memory storage unit, and for generating an interrupt to place the computer system in the system management mode.
- 20. The computer system motherboard as set forth in claim 19, wherein the computer system motherboard further includes an I/O port coupled to the processor and the non-volatile memory access security circuit for notifying the non-volatile memory security circuit of the write access.
- 21. The computer system motherboard of claim 17, wherein the computer system enters system management mode (SMM) upon receipt of a system management interrupt (SMI), whereafter the computer system selectively invokes the associated authentication functions to authenticate received data.
- 22. The computer system motherboard as set forth in claim 15, wherein the plurality of authentication functions includea decryption function for reconstituting a first digest by decrypting the electronic signature with a public key, the electronic signature being generated by encrypting the first digest with a secret private key in a complementary manner, a message digest function for generating a second digest based on the content of the system BIOS updates in the same manner the first digest was generated, and a digest comparison function for determining whether the system BIOS updates are authentic by comparing the first and second digests.
- 23. The computer system as set forth in claim 22, wherein the plurality of authentication functions further include a copy function for conditionally copying the system BIOS updates into the non-volatile memory storage unit if the digest comparison function successfully compares the first and second digests.

24. A storage medium having stored thereon a plurality of executable instructions that, when executed, implement a set of system basic input/output services (BIOS) and authenticate a system BIOS update using an electronic signature associated with the system BIOS update, wherein the content of the electronic signature is functionally dependent on the content of the system BIOS update.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The storage medium of claim 24, wherein the plurality of executable instructions for authenticating a system BIOS update may be read from the storage medium and retained in secured memory upon initialization of a host computer system.
  - 26. The storage medium of claim 25, wherein the secured memory is a system management memory that is not mapped into system memory space of the computer system unless the computer system is to execute in a system management mode, and the system management memory is write protected except for system initialization and system execution mode transition.
  - 27. The storage medium of claim 24, wherein the plurality of executable instructions, when executed, implement:
    - a decryption function that uses a public key to decrypt an electronic signature to generate a first digest, a message digest function to generate a second digest based, at least in part, on the content of a system BIOS update, and a digest comparison function for comparing the first digest to the second digest.
  - 28. The storage medium of claim 24, wherein the plurality of executable instructions, when executed, further copy a system BIOS update into the storage medium if the digest comparison function indicates that the first digest and the second digest are complementary.

29. A FLASH memory having stored therein a plurality of executable instructions that, when executed, authenticate a system BIOS update.
- View Dependent Claims (30, 31, 32)
- - 30. The FLASH memory of claim 29, wherein the executable instructions, when executed, use a public key to decrypt an electronic signature to generate a first digest.
  - 31. The FLASH memory of claim 30, wherein the executable instructions, when executed, apply a message digest function to a system BIOS update to generate a second digest.
  - 32. The FLASH memory of claim 31, wherein the executable instructions, when executed, compare the first digest with the second digest.

33. A FLASH memory having stored therein a plurality of executable instructions that, when executed, authenticate a BIOS update by:
- a) decrypting an electronic signature to generate a first digest;
  
  b) creating a second digest from a system BIOS update; and
  
  c) comparing the first digest with the second digest.

34. A storage medium having stored therein:
- a) a plurality of executable instructions that, when executed, present a system BIOS update for authentication by a computer system having a non-volatile memory containing a BIOS; and
  
  b) an electronic signature for the system BIOS update.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Albrecht, Mark, Wildgrube, Frank
Primary Examiner(s)
Peeso, Thomas R.

Application Number

US09/111,542
Time in Patent Office

1,658 Days
Field of Search

380/285, 380/30, 705/57, 705/76, 713/168, 713/170, 713/176, 713/193, 713/200, 713/201, 713/189
US Class Current

713/193
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 12/1466   Key-lock mechanism

G06F 21/572   Secure firmware programming...

G06F 21/79   in semiconductor storage me...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2211/1097   Boot, Start, Initialise, Power

Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links