System and method for secure O.S. boot from password-protected HDD

US 7,624,279 B2
Filed: 06/29/2005
Issued: 11/24/2009
Est. Priority Date: 06/29/2005
Status: Active Grant

First Claim

Patent Images

1. A method for booting a computer with a secure operating system (O.S.), comprising:

in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;

in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;

if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and

booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the key signal is generated by one and only one press of a single input element on the input device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

If a user forgets the power-on password of his computer, he can depress the “enter” key or “access” key once to cause the BIOS to locate the power-on password in memory and attempt to unlock the HDD using the power-on password to boot a secure O.S. The HDD password either can be the same as the power-on password or the HDD can recognize the power-on password for the limited purpose of allowing access to the secure O.S. In any case, the secure O.S. is booted for password reset.

39 Citations

View as Search Results

21 Claims

1. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the key signal is generated by one and only one press of a single input element on the input device.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein the input element is an “
    - enter”
      
      key on a computer keyboard.
  - 3. The method of claim 1, wherein the input element is an “
    - access”
      
      key on a computer keyboard.

4. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the HDD password is different from the power-on password, and the HDD recognizes the power-on password only for the purpose of granting access to the secure O.S.

5. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the HDD password is the same as the power-on password, with access to the HDD being granted upon reception of the power-on password.

6. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein if the HDD is not at least conditionally unlocked by the power-on password, at least one of;
  
  an optical disk associated with the computer, or a network associated with the computer, is accessed to obtain a boot copy of the secure O.S.

7. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the secure O.S. is located on the HDD using at least a logical block address (LBA) in a master boot record (MBR) sector.

8. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the key signal is generated upon initial use of the computer as indication of the user agreeing to register the computer.

9. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the computer is registered to the user at a vendor facility and the power-on password is set to a random value at the vendor facility, the key signal being generated by the user to reset the power-on password to a user-defined value.

10. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the power-on password is set to a random value at a vendor facility and a supervisor password associated with the BIOS is set to a registration value at the vendor facility, an attempt to reset the power-on password by generating the key signal and booting the secure O.S. failing, the method then entering a registration mode.

11. A method for booting a computer with a secure operating system (O.S.), comprising:
- in lieu of a power-on password, receiving a key signal from an input device operatively connected to the computer;
  
  in response to the key signal and without further user interaction, executing a basic input output system (BIOS) in the computer to retrieve from a memory associated with the computer the power-on password;
  
  if a hard disk drive (HDD) associated with the computer is locked with a HDD password, sending the power-on password to the HDD to attempt to at least conditionally unlock the HDD; and
  
  booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the power-on password is set to a random value at a vendor facility and a supervisor password associated with the BIOS is cleared at the vendor facility, a registration bit being set to “
  
  register”
  
  to cause booting of the secure O.S. in a registration mode in response to an initial generation of the key signal by the user.

12. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD.
- View Dependent Claims (13)
- - 13. The computer of claim 12, wherein the input element is an “
    - enter”
      
      key on a computer keyboard or an “
      
      access”
      
      key on a computer keyboard.

14. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the HDD password is different from the power-on password, and the HDD recognizes the power-on password only for the purpose of granting access to the secure O.S.

15. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the HDD password is the same as the power-on password, with access to the HDD being granted upon reception of the power-on password.

16. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein if the HDD is not at least conditionally unlocked by the power-on password, logic is executed such that at least one of;
  
  an optical disk associated with the computer, or a network associated With the computer, is accessed to obtain a boot copy of the secure O.S.

17. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein die secure O.S. is located on the HDD using at least a logical block address (LBA) in a master boot record (MBR) sector.

18. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the key signal is generated upon initial use of the computer as indication of the user agreeing to register the computer.

19. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the computer is registered to the user at a vendor facility and the power-on password is set to a random value at the vendor facility, the key signal being generated by the user to reset the power-on password to a user-defined value.

20. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the power-on password is set to a random value at a vendor facility and a supervisor password associated with the BIOS is set to a registration value at the vendor facility, an attempt to reset the power-on password by generating the key signal and booting the secure O.S. failing, the method then entering a registration mode.

21. A computer bootable with a secure operating system (O.S.), comprising:
- a key signal generating element on an input device of the computer, the key signal generating element generating a key signal when a user manipulates the key signal generating element once and only once during a basic input output system (BIOS) boot sequence;
  
  logic implemented on a computer readable medium in the computer for, in response to the key signal and without further user interaction, retrieving from a memory associated in the computer an power-on password;
  
  logic implemented on a computer readable medium in the computer for sending the power-on password to a hard disk drive (HDD); and
  
  logic for booting a secure O.S. from the HDD if the power-on password at least conditionally unlocks the HDD, wherein the power-on password is set to a random value at a vendor facility and a supervisor password associated with the BIOS is cleared at the vendor facility, a registration bit being set to “
  
  register”
  
  to cause booting of the secure O.S. in a registration mode in response to an initial generation of the key signal by the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo PC International Limited (Lenovo Group Ltd.)
Original Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Inventors
Waltermann, Rod D., Springfield, Randall Scott, Davis, Mark Charles, Challener, David Carroll
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US11/173,738
Publication Number

US 20070005951A1
Time in Patent Office

1,609 Days
Field of Search

713/183, 726/17, 726/18, 726/19
US Class Current

713/183
CPC Class Codes

G06F 21/31   User authentication

G06F 21/80   in storage media based on m...

G06F 2221/2131   Lost password, e.g. recover...

System and method for secure O.S. boot from password-protected HDD

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure O.S. boot from password-protected HDD

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links