Methods and systems for secure remote wake, boot, and login to a computer from a mobile device
First Claim
1. A method, comprising:
- receiving, at a computer, a wake-up message from a remote mobile device via a short message service (SMS);
authenticating, at the computer, the wake-up message so as to authenticate a source of the wake-up message;
providing, at the computer, a BIOS boot policy that specifies different security protocols, including different types of authentication and encryption, for handling access attempts from different sources;
querying the BIOS boot policy for an appropriate security policy among the different security protocols for handling the remote mobile device, based on the authenticated source of the wake-up message;
receiving, from the BIOS boot policy the appropriate security policy, including the types of authentication and decryption, to be applied to the source of the wake-up message;
requesting, via the SMS, a BIOS boot password from the remote mobile device;
decrypting and authenticating the BIOS boot password that is received, via the SMS, from the remote mobile device, wherein the BIOS executes when the authentication of the received BIOS boot password succeeds;
requesting, via the SMS, a login password from the remote mobile device; and
decrypting the login password that is received, via the SMS, from the remote mobile device.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems to allow an authorized user to remotely awaken, boot, and login to a computer in a secure manner. The user and computer may communicate using a short message service. (SMS). The user may communicate with the computer using a mobile device, such as a smart phone. The user may initially provide a wake-up message to the computer, which may then respond by asking for one or more boot passwords. In an embodiment, these boot passwords may be basic input/output system (BIOS) passwords that are required for the loading and operations of the computer'"'"'s BIOS. The user may then provide these one or more passwords to the computer. The computer may further request an operating system (OS) login password. The user may then provide this password to the computer. In an embodiment, all passwords may be provided to the computer in encrypted form. Moreover, authentication measures may be used to provide assurance that the user is legitimate.
-
Citations
24 Claims
-
1. A method, comprising:
-
receiving, at a computer, a wake-up message from a remote mobile device via a short message service (SMS); authenticating, at the computer, the wake-up message so as to authenticate a source of the wake-up message; providing, at the computer, a BIOS boot policy that specifies different security protocols, including different types of authentication and encryption, for handling access attempts from different sources; querying the BIOS boot policy for an appropriate security policy among the different security protocols for handling the remote mobile device, based on the authenticated source of the wake-up message; receiving, from the BIOS boot policy the appropriate security policy, including the types of authentication and decryption, to be applied to the source of the wake-up message; requesting, via the SMS, a BIOS boot password from the remote mobile device; decrypting and authenticating the BIOS boot password that is received, via the SMS, from the remote mobile device, wherein the BIOS executes when the authentication of the received BIOS boot password succeeds; requesting, via the SMS, a login password from the remote mobile device; and decrypting the login password that is received, via the SMS, from the remote mobile device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
a. a management engine (ME) incorporated in a computer, said ME comprising; a memory that stores a remote BIOS boot policy that specifies different security protocols, including different types of authentication and encryption, for handling access attempts from different sources; and a remote client authentication module configured to receive a wake-up message from a remote mobile device via a short message service (SMS) and to authenticate the wake-up message, so as to authenticate a source thereof; wherein the ME is configured to request one or more encrypted BIOS boot passwords from the remote mobile device based on the source of the authenticated wake-up message, to receive said one or more boot passwords, to decrypt and authenticate said one or more boot passwords, and to permit booting of an operating system (OS) when authentication of the one or more boot passwords succeeds, and wherein the ME is further configured to request an encrypted login password from the remote mobile device, to receive and decrypt said login password, and to allow access to the OS by a user associated with the remote mobile device; and b. a basic input/output system (BIOS) configured to determine the source of the authenticated wake-up message and to query the remote BIOS boot policy for an appropriate security policy among the different security protocols for handling the remote mobile device, based on the authenticated source of the wake-up message, and receive from the BIOS boot policy the appropriate security policy, including the types of authentication and decryption, to be applied to the source of the wake-up message. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer readable medium encoded with a computer program, including instructions to cause a processor to:
-
receive, at a computer, a wake-up message from a remote mobile device via a short message service (SMS), the computer having stored therein a BIOS boot policy that specifies different security protocols, including different types of authentication and encryption, for handling access attempts from different sources; authenticate, at the computer, the wake-up message so as to authenticate a source of the wake-up message; query the BIOS boot policy for an appropriate security policy among the different security protocols for handling the remote mobile device, based on the authenticated source of the wake-up message; receive, from the BIOS boot policy the appropriate security policy, including the types of authentication and decryption, to be applied to the source of the wake-up message; request, via the SMS, a BIOS boot password from the remote mobile device; decrypt and authenticate the BIOS boot password that is received, via the SMS, from the remote mobile device, wherein the BIOS executes only when the authentication of the received BIOS boot password succeeds; request, via the SMS, a login password from the remote mobile device; and decrypt the login password that is received, via the SMS, from the remote mobile device. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification