Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
Abstract
Techniques are provided for initializing, maintaining, updating and recovering secure operation within an integrated system. The techniques, which employ a data access control function within the integrated system, include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before control is passed to the next level of software. Further, an ability of the next level of software to modify an operational characteristic of the integrated system can be selectively limited via the data access control function. Techniques are also provided for initializing secure operation of the integrated system, for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system, and for recovering integrated system functionality following a trigger event.
26 Claims
1. A method of facilitating secure operation of an integrated system having multiple levels of software, said method comprising:
beginning system initialization by decrypting stored encrypted initialization code, said decrypting occurring at a data access control function of the integrated system;
authenticating a next level of software of the multiple levels of software before passing control of the integrated system to the next level of software; and
limiting ability of the next level of software to modify an operational characteristic of the integrated system, said limiting being implemented in hardware at the data access control function of the integrated system.

determining a software level update is available;
determining the current level of software is authorized to authenticate the updated level of software, and if so, proceeding to accept the software level update into the integrated system employing the data access control function.

6. The method of claim 5, wherein the updated level of software comprises an initialization code update, and wherein the method further includes:
authenticating and decrypting the initialization code update;
encrypting the decrypted initialization code update with a master key set maintained by the data access control function and a new version number; and
updating an initialization re-direction address maintained by the data access control function to a new, updated initialization location address.

7. The method of claim 5, wherein if the current level of software is unable to authenticate the software level update, then the software level update is held at the integrated system until an appropriate level of software is running and able to authenticate the software level update.

8. The method of claim 5, wherein the proceeding to accept the software level update into the integrated system comprises encrypting for storage the software level update, the encrypting comprising employing a new version number when encrypting the software level update.

9. The method of claim 1, further in combination with a method of initializing secure operation loading encrypted initialization code of an integrated system, said method comprising:
generating at least one key for the integrated system;
loading initialization code into the integrated system, the loading including using the at least one key to encrypt the initialization code via the data access control function of the integrated system.

10. The method of claim 9, wherein the generating comprises generating within the integrated system the at least one key.

11. The method of claim 9, further comprising loading additional code into the integrated system using the encrypted initialization code.

12. The method of claim 11, wherein the loading of additional code includes utilizing the encrypted initialization code to implement random key generation within the integrated system for use in encrypting the additional code by the data access control function.

13. The method of claim 9, wherein the loading further includes encrypting the initialization code using the at least one key and a memory address for whitening.

14. A system for facilitating secure operation of an integrated system having multiple levels of software, said method comprising:
means for beginning system initialization by decrypting stored encrypted initialization code, said decrypting occurring in hardware at a data access control function of the integrated system;
means for authenticating a next level of software of the multiple levels of software before passing control of the integrated system to the next level of software; and
means for limiting ability of the next level of software to modify an operational characteristic of the integrated system, said limiting being implemented in hardware at the data access control function of the integrated system.

means for determining a software level update is available;
means for determining a current level of software is authorized to authenticate the updated level of software, and if so, proceeding to accept the software level update into the integrated system employing the data access control function.

19. The system of claim 18, wherein the updated level of software comprises an initialization code update, and wherein the system further includes:
means for authenticating and decrypting the initialization code update;
means for encrypting the decrypted initialization code update with a master key set maintained by the data access control function and a new version number; and
means for updating an initialization re-direction address maintained by the data access control function to a new, updated initialization location address.

20. The system of claim 18, wherein if the current level of software is unable to authenticate the software level update, then the software level update is held at the integrated system until an appropriate level of software is running and able to authenticate the software level update.

21. The system of claim 18, wherein the means for proceeding to accept the software level update into the integrated system comprises means for encrypting for storage the software level update, the means for encrypting comprising means for employing a new version number when encrypting the software level update.

22. The system of claim 14, further in combination with a system for loading encrypted initialization code of an integrated system, said system comprising:
means for generating at least one key for the integrated system;
means for loading initialization code into the integrated system, the means for loading including means for using the at least one key to encrypt the initialization code via the data access control function of the integrated system.

23. The system of claim 22, wherein the means for generating comprises means for generating within the integrated system the at least one key.

24. The system of claim 22, further comprising means for loading additional code into the integrated system using the encrypted initialization code.

25. The system of claim 22, wherein the means for loading of additional code includes means for utilizing the encrypted initialization code to implement random key generation within the integrated system for use in encrypting the additional code by the data access control function.

26. The system of claim 22, wherein the means for loading further includes means for encrypting the initialization code using the at least one key and a memory address for whitening.
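As an added illustration, not code from the patent or from any product, the following toy Python model ties together the mechanisms the abstract and claims describe: a key generated inside the system, initialization code whitened with its memory address and a version number (claims 6, 8, 13), each software level authenticated before control passes to it (claim 1), an initialization re-direction address that later levels cannot modify (claims 1, 6), and the update flow of claims 6 and 7. The XOR keystream and HMAC used here are stand-ins chosen for the example; the class, function and field names are assumptions.

```python
import hashlib, hmac, os

class DataAccessControl:
    """Toy model of the hardware data access control function (constructed for this example)."""
    def __init__(self):
        self.master_key = os.urandom(32)   # master key set generated inside the system
        self.auth_key = os.urandom(32)     # key used to authenticate the next software level
        self.init_addr, self.init_version = 0x1000, 1   # initialization re-direction record
        self.locked = False                # set once control leaves the initialization level
    def _whiten(self, data, addr, version):
        # keystream bound to key, memory address and version: a block copied to another
        # address or replayed at another version decrypts to garbage rather than code
        ks = hashlib.sha256(self.master_key + addr.to_bytes(4, "big")
                            + version.to_bytes(4, "big")).digest()
        return bytes(b ^ ks[i % 32] for i, b in enumerate(data))
    def encrypt(self, code, addr, version):
        tag = hmac.new(self.auth_key, code, "sha256").digest()
        return self._whiten(code, addr, version), tag, version   # flash record layout
    def decrypt(self, blob, addr, version):
        return self._whiten(blob, addr, version)
    def authenticate(self, code, tag):
        return hmac.compare_digest(hmac.new(self.auth_key, code, "sha256").digest(), tag)
    def set_init(self, addr, version):
        if self.locked:                    # enforced in hardware: later levels cannot change it
            raise PermissionError("operational characteristic locked")
        self.init_addr, self.init_version = addr, version

def boot(dacf, flash, next_levels):
    """Decrypt the init image at the redirect address, then authenticate each level before control passes."""
    ran = []
    for addr in [dacf.init_addr, *next_levels]:
        blob, tag, version = flash[addr]
        if addr == dacf.init_addr and version != dacf.init_version:
            return ran, False              # rolled-back or mismatched initialization code
        code = dacf.decrypt(blob, addr, version)
        if not dacf.authenticate(code, tag):
            return ran, False              # never pass control to unauthenticated code
        ran.append(code)
        dacf.locked = True                 # from here on the redirect record is read-only
    return ran, True

def apply_init_update(dacf, flash, new_code, tag, new_addr):
    """Claim 6 flow: authenticate, re-encrypt under a new version at a new address, move the redirect."""
    if not dacf.authenticate(new_code, tag):
        return False                       # hold the update until a level able to verify it runs
    new_version = dacf.init_version + 1
    flash[new_addr] = dacf.encrypt(new_code, new_addr, new_version)
    dacf.set_init(new_addr, new_version)
    return True
```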