Cryptographically signed filesystem
First Claim
1. A process, comprising steps of:
- calculating one or more hash values for each database object of a plurality of database objects in a central database resident on a server;
creating a digital signature based on both of;
the plurality of database objects and the hash values corresponding to the plurality of database objects;
storing the plurality of database objects, the hash values corresponding to the plurality of database objects, and the digital signature of both the plurality of database objects and the corresponding hash values in a bootstrap code database object;
assembling, using at least a hardware processor, a hash table file for a root filesystem database object on the server and incorporating the hash table file into the bootstrap code database object, wherein each filename and hash value for each file in the root filesystem database object is entered in the hash table file; and
transmitting the bootstrap code database object to a client device.
6 Assignments
0 Petitions
Accused Products
Abstract
A cryptographically signed filesystem provides a central database resident on a server that contains database objects. The server creates startup software to be installed in a client system'"'"'s read only memory. The startup software contains a hash value for a second stage loader. The server also creates software for a bootstrap loader object which typically contains the operating system for a client system and also the bootstrap loader'"'"'s hash value and a digital signature that is unique to the server. The startup software and objects created by the server are initially installed on a client device at the time of manufacture. The server can update a client'"'"'s bootstrap loader and root filesystem at any time through the transmission of slices.
-
Citations
21 Claims
-
1. A process, comprising steps of:
-
calculating one or more hash values for each database object of a plurality of database objects in a central database resident on a server; creating a digital signature based on both of;
the plurality of database objects and the hash values corresponding to the plurality of database objects;storing the plurality of database objects, the hash values corresponding to the plurality of database objects, and the digital signature of both the plurality of database objects and the corresponding hash values in a bootstrap code database object; assembling, using at least a hardware processor, a hash table file for a root filesystem database object on the server and incorporating the hash table file into the bootstrap code database object, wherein each filename and hash value for each file in the root filesystem database object is entered in the hash table file; and transmitting the bootstrap code database object to a client device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus, comprising:
-
a hardware server; a central database resident on the hardware server, wherein the database contains a plurality of database objects; one or more hardware processors; the one or more hardware processors configured for; calculating one or more hash values for each database object in the plurality of database objects; creating a digital signature based on both of the plurality of database objects and the hash values corresponding to the plurality of database objects; storing the plurality of database objects, the hash values corresponding to the plurality of database objects, and the digital signature of both the plurality of database objects and the corresponding hash values in a bootstrap code database object; assembling a hash table file for a root filesystem database object on the hardware server and incorporating the hash table file into the bootstrap code database object, wherein each filename and hash value for each file in the root filesystem database object is entered in the hash table file; and transmitting the bootstrap code database object to a client device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable storage medium, storing a program of instructions, which when executed by one or more processors, perform steps comprising:
-
calculating one or more hash values for each database object of a plurality of database objects in a central database resident on a server; creating a digital signature based on both of;
the plurality of database objects and the hash values corresponding to the plurality of database objects;storing the plurality of database objects, the hash values corresponding to the plurality of database objects, and the digital signature of both the plurality of database objects and the corresponding hash values in a bootstrap code database object; assembling a hash table file for a root filesystem database object on the server and incorporating the hash table file into the bootstrap code database object, wherein each filename and hash value for each file in the root filesystem database object is entered in the hash table file; and transmitting the bootstrap code database object to a client device. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification