Method and system for updating a root of trust measurement function in a personal computer
First Claim
Patent Images
1. A method for updating a root of trust measurement (RTM) function in a personal computer, the RTM function being located in a boot block of the personal computer, the method comprising the steps of:
- a) initializing a request to update the RTM function, wherein step a) further comprises;
a1) detecting the request to update the RTM function; and
a2) storing a new RTM function within a file on a local storage media;
b) unlocking the boot block based on an authentication process; and
c) updating the RTM function.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for updating a root of trust measurement (RTM) function in a personal computer is disclosed. The RTM function is located in a boot block of the personal computer. The method and system comprise initializing a request to update the RTM function and unlocking the boot block based on an authentication process. The method and system further includes updating the RTM function. Through the use of the method and system in accordance with the present invention, the RTM function in a personal computer is updated in a manner that ensures that the update is authentic.
58 Citations
34 Claims
-
1. A method for updating a root of trust measurement (RTM) function in a personal computer, the RTM function being located in a boot block of the personal computer, the method comprising the steps of:
-
a) initializing a request to update the RTM function, wherein step a) further comprises;
a1) detecting the request to update the RTM function; and
a2) storing a new RTM function within a file on a local storage media;
b) unlocking the boot block based on an authentication process; and
c) updating the RTM function. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
a3) passing the request to the boot block;
a4) updating a POST sequence; and
a5) rebooting the computer.
-
-
4. The method of claim 3 wherein step a3) further comprises:
a3i) passing the request and a pointer to the file via a secure communications buffer within the computer.
-
5. The method of claim 1 wherein step b) further comprises:
-
b1) allowing the boot block to detect the request;
b2) authenticating a digital signature of a POST sequence related to the request; and
b3) allowing the boot block to remain unlocked.
-
-
6. The method of claim 4 wherein step b) further comprises:
-
b1) allowing the boot block to detect the request;
b2) authenticating a digital signature of the POST sequence used in step a5); and
b3) allowing the boot block to remain unlocked.
-
-
7. The method of claim 1 wherein step c) further comprises:
-
c1) detecting the request to update the RTM function;
c2) authenticating the request to update the RTM function; and
c3) verifying a digital signature of a new RTM function.
-
-
8. The method of claim 7 wherein step c) further comprises:
-
c4) replacing the RTM function with the new RTM function; and
c5) rebooting the computer utilizing the new RTM function.
-
-
9. The method of claim 6 wherein step c) further comprises:
-
c1) detecting the request to update the RTM function;
c2) authenticating the request to update the RTM function; and
c3) verifying a digital signature of a new RTM function.
-
-
10. The method of claim 9 wherein step c) further comprises:
-
c4) replacing the RTM function with the new RTM function; and
c5) rebooting the computer utilizing the new RTM function.
-
-
11. The method of claim 10 wherein the personal computer is a Trusted Computing Platform Alliance (TCPA) compliant personal computer.
-
12. A system for updating a root of trust measurement (RTM) function in a personal computer, the RTM function being located in a boot block of the personal computer, comprising:
-
means for initializing a request to update the RTM function, wherein the means for initializing a request further comprises;
means for detecting the request to update the RTM function; and
means for storing a new RTM function within a file on a local storage media;
means for unlocking the boot block based on an authentication process; and
means for updating the RTM function. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
means for passing the request to the boot block;
means for updating a POST sequence; and
means for rebooting the computer.
-
-
15. The system of claim 14 the means for passing the request to the boot block further comprises:
means for passing the request and a pointer to the file via a secure communications buffer within the computer.
-
16. The system of claim 12 wherein the means for initializing a request further comprises:
-
means for allowing the boot block to detect the request;
means for authenticating a digital signature of a POST sequence related to the request; and
means for allowing the boot block to remain unlocked.
-
-
17. The system of claim 15 wherein the means for initializing a request further comprises:
-
means for allowing the boot block to detect the request;
means for authenticating a digital signature of the POST sequence.
-
-
18. The system of claim 12 wherein the means for updating the RTM function further comprises:
-
means for detecting the request to update the RTM function;
means for authenticating the request to update the RTM function; and
means for checking a digital signature of a new RTM function.
-
-
19. The system of claim 18 wherein the means for updating the RTM function further comprises:
-
means for replacing the RTM function with the new RTM function; and
means for rebooting the computer utilizing the new RTM function.
-
-
20. The system of claim 17 wherein the means for updating the RTM function further comprises:
-
means for detecting the request to update the RTM function;
means for authenticating the request to update the RTM function; and
means for checking a digital signature of a new RTM function.
-
-
21. The system of claim 20 wherein the means for updating the RTM function further comprises:
-
means for replacing the RTM function with the new RTM function; and
means for rebooting the computer utilizing the new RTM function.
-
-
22. The system of claim 21 wherein the personal computer is a Trusted Computing Platform Alliance (TCPA) compliant personal computer.
-
23. A computer readable medium containing program instructions for updating a root of trust measurement (RTM) function in a personal computer, the RTM function being located in a boot block of the personal computer, the program instructions for:
-
a) initializing a request to update the RTM function;
b) allowing the boot block to remain unlocked based on an authentication process; and
c) updating the RTM function. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
a1) detecting the request to update the RTM function; and
a2) storing a new RTM function within a file on a local storage media.
-
-
25. The computer readable medium of claim 24 wherein the local storage media comprises a diskette or a hardfile.
-
26. The computer readable medium of claim 25 wherein step a) further comprises:
-
a3) passing the request to the boot block;
a4) updating a POST sequence; and
a5) rebooting the computer.
-
-
27. The computer readable medium of claim 26 wherein step a3) further comprises:
a3i) passing the request and a pointer to the file via a secure communications buffer within the computer.
-
28. The computer readable medium of claim 23 wherein step b) further comprises:
-
b1) allowing the boot block to detect the request;
b2) authenticating a digital signature of a POST sequence related to the request; and
b3) allowing the boot block to remain unlocked.
-
-
29. The computer readable medium of claim 28 wherein step b) further comprises:
-
b1) allowing the boot block to detect the request;
b2) authenticating a digital signature of the POST sequence used in step a5); and
b3) allowing the boot block to remain unlocked.
-
-
30. The computer readable medium of claim 23 wherein step c) further comprises:
-
c1) detecting the request to update the RTM function;
c2) authenticating the request to update the RTM function; and
c3) verifying a digital signature of a new RTM function.
-
-
31. The computer readable medium of claim 30 wherein step c) further comprises:
-
c4) replacing the RTM function with the new RTM function; and
c5) rebooting the computer utilizing the new RTM function.
-
-
32. The computer readable medium of claim 29 wherein step c) further comprises:
-
c1) detecting the request to update the RTM function;
c2) authenticating the request to update the RTM function; and
c3) verifying a digital signature of a new RTM function.
-
-
33. The computer readable medium of claim 32 wherein step c) further comprises:
-
c4) replacing the RTM function with the new RTM function; and
c5) rebooting the computer utilizing the new RTM function.
-
-
34. The computer readable medium of claim 33 wherein the personal computer is a Trusted Computing Platform Alliance (TCPA) compliant personal computer.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeLenovo PC International Limited (Lenovo Group Ltd.)
-
Original AssigneeInternational Business Machines Corporation
-
InventorsGettelfinger, Chad Lee, Springfield, Randall Scott, Goodman, Steven Dale, Challener, David Carroll, Ward, James Peter, Ovies, Hernando
-
Primary Examiner(s)Assouad, Patrick
-
Application NumberUS10/063,608Publication NumberTime in Patent Office844 DaysField of Search702/186, 713/187, 713/191, 713/193, 713/194, 713/100, 713/1US Class Current702/186CPC Class CodesG06F 21/575 Secure bootG06F 21/6218 to a system of files or obj...
