Protection of the configuration of modules in computing apparatus
First Claim
1. A method of protecting from modification computer apparatus comprising a plurality of functional modules, wherein the computer apparatus contains or is in communication with a trusted device adapted to respond to a user in a trusted manner, the method comprising:
- storing a module configuration of the computer apparatus providing an identification of each functional module in the computer apparatus, wherein the module configuration is stored on a smart card;
- the trusted device performing a cryptographic identification process for modules with a cryptographic identity to identify said modules and thereby determine an actual module configuration;
- the trusted device comparing the actual module configuration against the stored module configuration, wherein the trusted device is adapted to communicate securely with the stored module configuration; and
- the trusted device inhibiting function of the computer apparatus while the actual module configuration does not satisfactorily match the stored module configuration.
Abstract
A method of protecting from modification computer apparatus comprising a plurality of functional modules by monitoring the configuration of functional modules within the computer apparatus. The method comprises: storing a module configuration of the computer apparatus; and checking the actual module configuration against the stored module configuration, and inhibiting function of the computer apparatus if the actual module configuration does not satisfactorily match the stored module configuration. Advantageously, the module configuration is stored on a security token, such as a smart card.
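An added sketch of the check described in the abstract and claim 1, not taken from the patent: it assumes the cryptographic identification is an HMAC-SHA256 challenge-response, that the stored configuration holds a module id and key per slot, and that a satisfactory match means an exact one. `Module`, `proves_identity`, `check_configuration`, the slot names and the keys are hypothetical names and constructed values.

```python
import hashlib
import hmac
import secrets


class Module:
    """A functional module holding a secret identity key (constructed for this sketch)."""

    def __init__(self, module_id: str, key: bytes):
        self.module_id = module_id
        self._key = key

    def respond(self, nonce: bytes) -> bytes:
        # Module side: prove possession of the identity key for this challenge.
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


def proves_identity(module: Module, key: bytes) -> bool:
    """Trusted-device side: a fresh nonce per challenge defeats replayed responses."""
    nonce = secrets.token_bytes(16)
    expected = hmac.new(key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(module.respond(nonce), expected)


def check_configuration(stored: dict, installed: dict):
    """stored: slot -> (module_id, key), as read from the token.
    installed: slot -> Module actually present.
    Returns (allow_operation, mismatching_slots)."""
    mismatched = []
    for slot in sorted(stored.keys() | installed.keys()):
        entry, module = stored.get(slot), installed.get(slot)
        if entry is None or module is None:
            mismatched.append(slot)  # module added to, or removed from, the apparatus
            continue
        module_id, key = entry
        # A module that only claims the right id, without the key, still fails.
        if module.module_id != module_id or not proves_identity(module, key):
            mismatched.append(slot)
    return (not mismatched, mismatched)


# Constructed sample data: the configuration enrolled on the token.
K_CPU, K_NIC = b"constructed-key-cpu", b"constructed-key-nic"
STORED = {"slot0": ("cpu-01", K_CPU), "slot1": ("nic-07", K_NIC)}

if __name__ == "__main__":
    swapped = {"slot0": Module("cpu-01", K_CPU), "slot1": Module("nic-07", b"wrong-key")}
    allow, bad = check_configuration(STORED, swapped)
    print("allow operation:", allow, "mismatching slots:", bad)
```

A shared-key scheme like this places the module keys in the stored configuration, which is one reason the claim requires the trusted device to communicate securely with it.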
16 Claims
1. A method of protecting from modification computer apparatus comprising a plurality of functional modules, wherein the computer apparatus contains or is in communication with a trusted device adapted to respond to a user in a trusted manner, the method comprising:
- storing a module configuration of the computer apparatus providing an identification of each functional module in the computer apparatus, wherein the module configuration is stored on a smart card;
- the trusted device performing a cryptographic identification process for modules with a cryptographic identity to identify said modules and thereby determine an actual module configuration;
- the trusted device comparing the actual module configuration against the stored module configuration, wherein the trusted device is adapted to communicate securely with the stored module configuration; and
- the trusted device inhibiting function of the computer apparatus while the actual module configuration does not satisfactorily match the stored module configuration.
Dependent claims: 2, 3, 4, 5, 6.
7. Computer apparatus adapted for protection against modification, the computer apparatus comprising a plurality of functional modules, one of said modules being a trusted device adapted to respond to a user in a trusted manner, the computer apparatus having a module configuration providing an identification of each functional module in the computer apparatus, wherein the trusted device is adapted to compare a module configuration of the computer apparatus against a stored module configuration by performing a cryptographic identification process for modules with a cryptographic identity to determine an actual module configuration and to compare the actual module configuration against the stored module configuration, wherein function of the computer apparatus is inhibited while the actual module configuration does not satisfactorily match the stored module configuration, wherein the stored module configuration is stored on a smart card.
10. A method of protecting from modification computer apparatus comprising a plurality of functional modules by monitoring the configuration of functional modules within the computer apparatus, the method comprising:
- storing a module configuration of the computer apparatus on a smart card, the module configuration being an identification of each functional module in the computer apparatus as validly formed, on a security token removably attachable to the computer apparatus; and
- checking an actual module configuration against the stored module configuration, wherein the computer apparatus contains or is in communication with a trusted device adapted to respond to a user in a trusted manner and the trusted device inhibits function of the computer apparatus if the actual module configuration does not satisfactorily match the stored module configuration; wherein the trusted device is adapted to communicate securely with the smart card.
Dependent claims: 11, 12, 13, 14, 15, 16.
Specification