System and method for programming an isolated computing environment
First Claim
1. An isolated computing environment module configured for use in a computer and for maintaining security of data hosted by the isolated computing environment module, the isolated computing environment module comprising:
- an initial manufactured security state of the data hosted by the isolated computing environment module, wherein the data is stored in volatile memory;
a core service module configured to control access to the data hosted by the computer;
an interface module configured to receive a message and provide information provided by the message to the core service module, the message comprising at least one of an update code or configuration information;
a cryptographic service module, coupled to the core service module, and configured to access a first key and to verify a digital signature of the message using the first key before allowing access to the data; and
an update service module configured to update the core service module responsive to the information provided by the message after verification of the digital signature of the message using the first key, and configured to use a second key configured for use in a production of a programmed security state of the data and a later verification by the cryptographic service module, wherein the programmed security state of the data includes kernel data other than the data of the initial manufactured security state.
5 Assignments
0 Petitions
Accused Products
Abstract
A computer is provided with an isolated computing environment. The isolated computing environment is adapted to allow initial programming for use in manufacturing, distribution and sales. The isolated computing environment further allows an authenticated source or authenticated code to update the isolated computing environment with code and configuration data for use in the end-user environment. To encourage final updating, the computer may be placed in a limited-function mode until authorized code is installed and operational. A method and apparatus are disclosed for the sanctioning and secure update of the isolated computing environment.
-
Citations
20 Claims
-
1. An isolated computing environment module configured for use in a computer and for maintaining security of data hosted by the isolated computing environment module, the isolated computing environment module comprising:
-
an initial manufactured security state of the data hosted by the isolated computing environment module, wherein the data is stored in volatile memory; a core service module configured to control access to the data hosted by the computer; an interface module configured to receive a message and provide information provided by the message to the core service module, the message comprising at least one of an update code or configuration information; a cryptographic service module, coupled to the core service module, and configured to access a first key and to verify a digital signature of the message using the first key before allowing access to the data; and an update service module configured to update the core service module responsive to the information provided by the message after verification of the digital signature of the message using the first key, and configured to use a second key configured for use in a production of a programmed security state of the data and a later verification by the cryptographic service module, wherein the programmed security state of the data includes kernel data other than the data of the initial manufactured security state. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer adapted to operate using an isolated computing environment module, the computer comprising:
-
a processor; a memory coupled to the processor for storing processor-executable instructions; and an isolated computing environment module configured to respond to signals sent via an application program interface module, the isolated computing environment module comprising; a cryptographic module configured to produce a verification of a first key, and to verify a digital signature of the signal using the first key before allowing access to the data hosted by the isolated computing environment module; a processing module, coupled to the cryptographic module, and configured to control access to the data; a secured memory configured to store the data including a first data instantiated during a manufacturing phase of production of the isolated computing environment module; and an update module configured to use a second key, after the second key has passed a second verification by the cryptographic module, to update the data of the secured memory with a second data including, kernel data instantiated during a second phase of the production of the isolated computing environment module, which is other than the manufacturing phase. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method of providing security for data maintained by an isolated computing environment module in a computer, the method comprising:
-
programming provisional data into the isolated computing environment module during a manufacturing phase; controlling access to the data via a cryptographic service module; receiving a message including a first key configured for use by the cryptographic service module; verifying the first key and a digital signature by the cryptographic service module to produce a verification result indicating a grant of access to the data; providing a second key; using the second key to access the data of the provisional data; reprogramming the data of the provisional data with kernel data during a phase of production of the isolated computing environment module which is not the manufacturing phase. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification