Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function

US 6,715,085 B2
Filed: 04/18/2002
Issued: 03/30/2004
Est. Priority Date: 04/18/2002
Status: Active Grant

First Claim

Patent Images

1. A method of facilitating secure operation of an integrated system having multiple levels of software, said method comprising:

beginning system initialization by decrypting stored encrypted initialization code, said decrypting occurring at a data access control function of the integrated system;

authenticating a next level of software of the multiple levels of software before passing control of the integrated system to the next level of software; and

limiting ability of the next level of software to modify an operational characteristic of the integrated system, said limiting being implemented in hardware at the data access control function of the integrated system.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are provided for initializing, maintaining, updating and recovering secure operation within an integrated system. The techniques, which employ a data access control function within the integrated system, include authenticating by a current level of software a next level of software within an integrated system. The authenticating occurs before control is passed to the next level of software. Further, an ability of the next level of software to modify an operational characteristic of the integrated system can be selectively limited via the data access control function. Techniques are also provided for initializing secure operation of the integrated system, for migrating data encrypted using a first key set to data encrypted using a second key set, for updating software and keys within the integrated system, and for recovering integrated system functionality following a trigger event.

87 Citations

View as Search Results

26 Claims

1. A method of facilitating secure operation of an integrated system having multiple levels of software, said method comprising:
- beginning system initialization by decrypting stored encrypted initialization code, said decrypting occurring at a data access control function of the integrated system;
  
  authenticating a next level of software of the multiple levels of software before passing control of the integrated system to the next level of software; and
  
  limiting ability of the next level of software to modify an operational characteristic of the integrated system, said limiting being implemented in hardware at the data access control function of the integrated system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the limiting comprises limiting ability of the next level of software to modify at least one of a key set(s), an access table(s), an access level(s) and an access parameter(s) maintained by the data access control function.
  - 3. The method of claim 2, wherein said limiting comprises at least one of hiding the key set(s) or locking access to the access table(s), the access level(s) or the access parameter(s) maintained by the data access control function.
  - 4. The method of claim 1, further comprising authenticating said initialization code to be employed in initializing secure operation of the integrated system, said authentication of the initialization code being performed by said data access control function of the integrated system.
  - 5. The method of claim 1, in combination with a method for updating a level of software, said method for updating the level of software comprising:
6. The method of claim 5, wherein the updated level of software comprises an initialization code update, and wherein the method further includes:
- authenticating and decrypting the initialization code update;
  
  encrypting the decrypted initialization code update with a master key set maintained by the data access control function and a new version number; and
  
  updating an initialization re-direction address maintained by the data access control function to a new, updated initialization location address.
7. The method of claim 5, wherein if the current level of software is unable to authenticate the software level update, then the software level update is held at the integrated system until an appropriate level of software is running and able to authenticate the software level update.
8. The method of claim 5, wherein the proceeding to accept the software level update into the integrated system comprises encrypting for storage the software level update, the encrypting comprising employing a new version number when encrypting the software level update.
9. The method of claim 1, further in combination with a method of initializing secure operation loading encrypted initialization code of an integrated system, said method comprising:
- generating at least one key for the integrated system;
  
  loading initialization code into the integrated system, the loading including using the at least one key to encrypt the initialization code via the data access control function of the integrated system.
10. The method of claim 9, wherein the generating comprises generating within the integrated system the at least one key.
11. The method of claim 9, further comprising loading additional code into the integrated system using the encrypted initialization code.
12. The method of claim 11, wherein the loading of additional code includes utilizing the encrypted initialization code to implement random key generation within the integrated system for use in encrypting the additional code by the data access control function.
13. The method of claim 9, wherein the loading further includes encrypting the initialization code using the at least one key and a memory address for whitening.

14. A system for facilitating secure operation of an integrated system having multiple levels of software, said method comprising:
- means for beginning system initialization by decrypting stored encrypted initialization code, said decrypting occurring in hardware at a data access control function of the integrated system;
  
  means for authenticating a next level of software of the multiple levels of software before passing control of the integrated system to the next level of software; and
  
  means for limiting ability of the next level of software to modify an operational characteristic of the integrated system, said limiting being implemented in hardware at the data access control function of the integrated system.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The system of claim 14, wherein the means for limiting comprises means for limiting ability of the next level of software to modify at least one of a key set(s), an access table(s), an access level(s) and an access parameter(s) maintained by the data access control function.
  - 16. The system of claim 15, wherein said means for limiting comprises at least one of hiding the key set(s) or locking access to the access table(s), the access level(s) or the access parameter(s) maintained by the data access control function.
  - 17. The system of claim 14, further comprising means for authenticating said initialization code to be employed in initializing secure operation of the integrated system, said authentication of the initialization code being performed in hardware by said data access control function of the integrated system.
  - 18. The system of claim 14, in combination with a system for updating a level of software, said system for updating the level of software comprising:
19. The system of claim 18, wherein the updated level of software comprises an initialization code update, and wherein the system further includes:
- means for authenticating and decrypting the initialization code update;
  
  means for encrypting the decrypted initialization code update with a master key set maintained by the data access control function and a new version number; and
  
  means for updating an initialization re-direction address maintained by the data access control function to a new, updated initialization location address.
20. The system of claim 18, wherein if the current level of software is unable to authenticate the software level update, then the software level update is held at the integrated system until an appropriate level of software is running and able to authenticate the software level update.
21. The system of claim 18, wherein the means for proceeding to accept the software level update into the integrated system comprises means for encrypting for storage the software level update, the means for encrypting comprising means for employing a new version number when encrypting the software level update.
22. The system of claim 14, further in combination with a system for loading encrypted initialization code of an integrated system, said system comprising:
- means for generating at least one key for the integrated system;
  
  means for loading initialization code into the integrated system, the means for loading including means for using the at least one key to encrypt the initialization code via the data access control function of the integrated system.
23. The system of claim 22, wherein the means for generating comprises means for generating within the integrated system the at least one key.
24. The system of claim 22, further comprising means for loading additional code into the integrated system using the encrypted initialization code.
25. The system of claim 22, wherein the means for loading of additional code includes means for utilizing the encrypted initialization code to implement random key generation within the integrated system for use in encrypting the additional code by the data access control function.
26. The system of claim 22, wherein the means for loading further includes means for encrypting the initialization code using the at least one key and a memory address for whitening.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Daedalus Blue LLC
Original Assignee
International Business Machines Corporation
Inventors
Hall, William E., Rosu, Marcel C., Foster, Eric M.
Primary Examiner(s)
Barron, Gilberto
Assistant Examiner(s)
Nobahar, Abdulhakim

Application Number

US10/125,803
Publication Number

US 20030200454A1
Time in Patent Office

712 Days
Field of Search

713/189, 713/201, 713/2, 713/152, 713/182, 713/187, 713/190, 713/200
US Class Current

726/27
CPC Class Codes

G06F 21/575   Secure boot

G06F 21/6218   to a system of files or obj...

G06F 2221/2149   Restricted operating enviro...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

87 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

87 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others