Ownership tag on power-up screen
Abstract
An “ownership tag” in a special area of memory of a computer system identifies an owner of the computer system by displaying the ownership tag during initialization of the computer system. The ownership tag may be presented during the installation and execution of the Basic Input Output System (BIOS), preferably during the Power on Self Test (POST) process. An administrator may access the ownership tag by interrupting the process by pressing an appropriate key, which transitions the computer to an administrator set up mode. An administrator able to enter the administrator password may then alter the contents of the protected memory, changing the ownership tag. The ownership tag is preferably stored in a region of memory not accessible to a typical user, but accessible to an administrator aware of the administrator password. The ownership tag is stored in a flash memory, which is very difficult to remove from the system board, or to modify without administrator-level security access. This makes it superior to conventional storage mechanisms such as RTC RPM, hard disk, etc., since these are easily modifiable and/or easily removable.
3 Claims
1. In a computer system containing a processor for executing instructions, a method comprising the steps of
initializing the processor;
reading an ownership tag to be displayed for identifying an owner or person authorized custody or allocation of the computer system;
displaying the ownership tag on a display during execution of the step of initializing the processor;
storing the ownership tag in a non-volatile memory in the computer system;
receiving a command from a user to allow access to the nonvolatile storage device;
determining whether the user has administrator authorization;
when the user does not have administrator authorization, allowing the user to access a first region of the nonvolatile storage area, the first region having a first level of security and containing user-determined information, the information in the first region being user alterable and administrator-alterable; and
when the user has administrator authorization, allowing the user to access a second region having a higher level of security containing administrator-determined information, the information in the second region being only administrator-alterable, the ownership tag being in the second region.
2. (dependent on claim 1)
reading the ownership tag and an administrator-determined password; and
when the user has administrator authorization, allowing the user to access the administrator-determined password.
3. In a computer system containing a processor for executing instructions, a method comprising the steps of
initializing the processor;
reading an ownership tag to be displayed for identifying an owner or person authorized custody or allocation of the computer system;
displaying the ownership tag on a display during execution of the step of initializing the processor;
storing the ownership tag in a non-volatile memory in the computer system;
receiving a command from a user to allow access to the nonvolatile storage device;
determining whether the user has administrator authorization;
when the user does not have administrator authorization, allowing the user to access a first region of the nonvolatile storage area, the first region having a first level of security and containing user-determined information, the information in the first region being user alterable and administrator-alterable;
when the user has administrator authorization, allowing the user to access a second region having a higher level of security containing administrator-determined information, the information in the second region being only administrator-alterable, the ownership tag being in the second region;
reading the ownership tag and an administrator-determined password; and
when the user has administrator authorization, allowing the user to access the administrator-determined password;
receiving a first predetermined state-transition command from user having administrator authorization;
after receiving the first predetermined state-transition command, receiving an administrator password from the user having administrator authorization;
after receiving the administrator password from the user having administrator authorization, transitioning a highly secure region of the nonvolatile storage device, the region containing administrator-determined information including the ownership tag, from a protected state to an unprotected state;
after transitioning the highly secure region, allowing alteration of contents of the region, including allowing alteration of the password and of the ownership tag;
after allowing alteration of contents of the region, receiving a second predetermined command from the user having administrator authorization; and
after receiving the second predetermined command when the region is in the unprotected state, transitioning the region from the unprotected state to the protected state.
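The protected/unprotected transitions recited in claim 3, modelled in C as an added example; this is not code from the patent. The struct, function names, field size, the all-zero (empty) factory password and the one-attempt-per-request rule are assumptions of the model.

```c
#include <string.h>
/* Constructed model of the two-region store in the claims; all names are hypothetical. */
#define FIELD_LEN 32
enum nv_state { NV_PROTECTED, NV_UNPROTECTED };
enum nv_result { NV_OK, NV_DENIED, NV_BAD_PASSWORD, NV_BAD_SEQUENCE };
struct nv_store {
    char user_info[FIELD_LEN];  /* first region: user- and administrator-alterable */
    char owner_tag[FIELD_LEN];  /* second region: administrator-alterable only */
    char admin_pw[FIELD_LEN];   /* second region, zero-padded */
    enum nv_state state;        /* protection state of the second region */
    int setup_requested;        /* first state-transition command received */
};

/* Bounded copy into a zero-padded field; rejects input that does not fit. */
static enum nv_result put(char *field, const char *value) {
    if (strlen(value) >= FIELD_LEN) return NV_DENIED;
    memset(field, 0, FIELD_LEN);
    memcpy(field, value, strlen(value));
    return NV_OK;
}
/* First region is writable regardless of the second region's state. */
enum nv_result nv_set_user_info(struct nv_store *s, const char *v) { return put(s->user_info, v); }
/* Second-region write (field is s->owner_tag or s->admin_pw): only while unprotected. */
enum nv_result nv_write_admin(struct nv_store *s, char *field, const char *v) {
    return s->state == NV_UNPROTECTED ? put(field, v) : NV_DENIED;
}

/* First command (e.g. the setup key during POST) only arms the password prompt. */
void nv_request_setup(struct nv_store *s) { s->setup_requested = 1; }

/* Password check: every byte is compared, so timing does not depend on where a mismatch is. */
enum nv_result nv_unlock(struct nv_store *s, const char *pw) {
    char buf[FIELD_LEN] = {0};
    unsigned char diff = 0;
    if (!s->setup_requested) return NV_BAD_SEQUENCE;
    s->setup_requested = 0;                 /* assumption: one attempt per setup request */
    if (strlen(pw) >= FIELD_LEN) return NV_BAD_PASSWORD;
    memcpy(buf, pw, strlen(pw));
    for (int i = 0; i < FIELD_LEN; i++) diff |= (unsigned char)(buf[i] ^ s->admin_pw[i]);
    if (diff) return NV_BAD_PASSWORD;
    s->state = NV_UNPROTECTED;
    return NV_OK;
}
/* Second command: valid only from the unprotected state; returns the region to protected. */
enum nv_result nv_lock(struct nv_store *s) {
    if (s->state != NV_UNPROTECTED) return NV_BAD_SEQUENCE;
    s->state = NV_PROTECTED;
    return NV_OK;
}
```

A zero-initialised `struct nv_store` starts in the protected state, so the ownership tag cannot be written until the setup request, password check and unlock have happened in that order.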
Specification