×

Systems and methods for controlling access to data on a computer with a secure boot process

  • US 7,565,553 B2
  • Filed: 01/14/2005
  • Issued: 07/21/2009
  • Est. Priority Date: 01/14/2005
  • Status: Active Grant
First Claim
Patent Images

1. A computer comprising a mechanism for disabling access to at least one secret for booting an operating system that provides access to encrypted data stored on a computer readable medium, comprising:

  • means for securely booting the computer, comprising;

    a Hardware Security Module (HSM);

    a component that performs a trusted measurement of at least one boot component and submits a trusted measurement value to the HSM;

    wherein said HSM compares said trusted measurement value to an HSM sealed value to authenticate said at least one boot component, and wherein said HSM unseals at least one secret when said at least one boot component is authentic;

    means for decrypting a subsequent boot component using said at least one secret;

    means for disabling said at least one secret comprising means for resetting said HSM sealed value to disable said at least one secret.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×