Protection of the configuration of modules in computing apparatus
First Claim
Patent Images
1. A method of protecting from modification computer apparatus comprising a plurality of functional modules, wherein the computer apparatus contains or is in communication with a trusted device adapted to respond to a user in a trusted manner, the method comprising:
- storing a module configuration of the computer apparatus providing an identification of each functional module in the computer apparatus, wherein the module configuration is stored on a smart card;
the trusted device performing a cryptographic identification process for modules with a cryptographic identity to identify said modules and thereby determine an actual module configuration;
the trusted device comparing the actual module configuration against the stored module configuration, wherein the trusted device is adapted to communicate securely with the stored module configuration; and
the trusted device inhibiting function of the computer apparatus while the actual module configuration does not satisfactorily match the stored module configuration.
2 Assignments
0 Petitions
Accused Products
Abstract
A method of protecting from modification computer apparatus comprising a plurality of functional modules by monitoring the configuration of functional modules within the computer apparatus. The method comprises: storing a module configuration of the computer apparatus; and checking the actual module configuration against the stored module configuration, and inhibiting function of the computer apparatus if the actual module configuration does not satisfactorily match the stored module configuration. Advantageously, the module configuration is stored on a security token, such as a smart card.
74 Citations
16 Claims
-
1. A method of protecting from modification computer apparatus comprising a plurality of functional modules, wherein the computer apparatus contains or is in communication with a trusted device adapted to respond to a user in a trusted manner, the method comprising:
-
storing a module configuration of the computer apparatus providing an identification of each functional module in the computer apparatus, wherein the module configuration is stored on a smart card; the trusted device performing a cryptographic identification process for modules with a cryptographic identity to identify said modules and thereby determine an actual module configuration; the trusted device comparing the actual module configuration against the stored module configuration, wherein the trusted device is adapted to communicate securely with the stored module configuration; and the trusted device inhibiting function of the computer apparatus while the actual module configuration does not satisfactorily match the stored module configuration. - View Dependent Claims (2, 3, 4, 5, 6)
-
- 7. Computer apparatus adapted for protection against modification, the computer apparatus comprising a plurality of functional modules, one of said modules being a trusted device adapted to respond to a user in a trusted manner, the computer apparatus having a module configuration providing an identification of each functional module in the computer apparatus, wherein the trusted device is adapted to compare a module configuration of the computer apparatus against a stored module configuration by performing a cryptographic identification process for modules with a cryptographic identity to determine an actual module configuration and to compare the actual module configuration against the stored module configuration, wherein function of the computer apparatus is inhibited while the actual module configuration does not satisfactorily match the stored module configuration, wherein the stored module configuration is stored on a smart card.
-
10. A method of protecting from modification computer apparatus comprising a plurality of functional modules by monitoring the configuration of functional modules within the computer apparatus, the method comprising:
-
storing a module configuration of the computer apparatus on a smart card, the module configuration being an identification of each functional module in the computer apparatus as validly formed, on a security token removably attachable to the computer apparatus; and checking an actual module configuration against the stored module configuration, wherein the computer apparatus contains or is in communication with a trusted device adapted to respond to a user in a trusted manner and the trusted device inhibits function of the computer apparatus if the actual module configuration does not satisfactorily match the stored module configuration; wherein the trusted device is adapted to communicate securely with the smart card. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
Original AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
InventorsChen, Liqun, Chan, David
-
Primary Examiner(s)NGUYEN, MINH DIEU T
-
Application NumberUS09/913,454Time in Patent Office3,150 DaysField of Search713 1- 2, 713/100, 713/200, 713/155, 713/187, 380/155, 726/26US Class Current713/187CPC Class CodesG06F 11/2289 by configuration testG06F 21/34 involving the use of extern...G06F 21/554 involving event detection a...G06F 21/57 Certifying or maintaining t...G06F 21/606 by securing the transmissio...G06F 21/645 using a third partyG06F 2207/7219 Countermeasures against sid...G06F 2211/008 Public Key, Asymmetric Key,...G06F 2211/009 TrustG06F 2221/2101 Auditing as a secondary aspectG06F 2221/2103 Challenge-responseG06F 2221/2153 Using hardware token as a s...
