System and method to secure boot both UEFI and legacy option ROM's with common policy engine
First Claim
1. A system for securely booting a platform, comprising:
- a processor coupled to a memory store and communicatively coupled to a trusted platform module component, the trusted platform module to measure each of a plurality of images to be loaded during boot of the platform and to calculate and provide hash values for each of the images to a policy engine executing on the processor, wherein at least one of the plurality of images to be loaded during boot of the platform conforms to a unified extensible firmware interface image format and wherein at least another of the plurality of images to be loaded during boot of the platform conforms to a legacy image format;
the policy engine communicatively coupled to a certificate database stored in the memory store, wherein the policy engine is configured to authenticate each of the plurality of images to be loaded during boot of the platform based, at least in part, on the hash values, and when an image is not authenticated, the policy engine to prohibit the unauthenticated image from being loaded and launched during boot.
Abstract
In some embodiments, the invention involves using a policy engine during boot, in the driver execution environment (DXE) phase, to authenticate drivers and executable images before they are loaded. Images to be authenticated include the operating system (OS) loader. The policy engine uses a certificate database that holds valid certificates for third-party images, according to platform policy. Images that are not authenticated are not loaded at boot time. Other embodiments are described and claimed.
24 Claims
11. A method for securely booting a platform, comprising:
- retrieving a plurality of boot images to be loaded during boot of the platform, wherein at least one of the plurality of boot images to be loaded during boot of the platform conforms to a unified extensible firmware interface image format and wherein at least another of the plurality of boot images to be loaded during boot of the platform conforms to a legacy image format;
- calculating, by a trusted platform module, at least one hash value for the boot image to be loaded on the platform;
- comparing, by a policy engine, the hash value associated with the boot image with a certificate in a certificate database stored in memory coupled to the platform;
- when the comparison results in a valid match, allowing the boot image to be loaded on the platform during boot; and
- when the comparison results in a failed match, disallowing the image to be loaded on the platform during boot, and recording, by a trusted platform manager, said failure and platform status information associated with said failure.
18. A non-transitory computer readable storage medium having instructions for securely booting a platform stored therein, the instructions when executed on a platform cause the platform to:
- retrieve a plurality of boot images to be loaded during boot of the platform, wherein at least one of the plurality of boot images to be loaded during boot of the platform conforms to a unified extensible firmware interface image format and wherein at least another of the plurality of boot images to be loaded during boot of the platform conforms to a legacy image format;
- calculate, by a trusted platform module, at least one hash value for the boot image to be loaded on the platform;
- compare, by a policy engine, the hash value associated with the boot image with a certificate in a certificate database stored in memory coupled to the platform;
- when the comparison results in a valid match, allow the boot image to be loaded on the platform during boot; and
- when the comparison results in a failed match, disallow the image to be loaded on the platform during boot, and record, by a trusted platform manager, said failure and platform status information associated with said failure.
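The procedure in claims 11 and 18 (retrieve images of both formats, measure each one, compare the digest against the certificate database, load on a match, otherwise refuse the image and record the failure with platform status) can be modelled in a few lines. The following is an added example written for this page, not code from the patent or from any firmware implementation. It assumes a simplified certificate database that holds enrolled SHA-256 digests rather than X.509 certificates, uses `hashlib` as a stand-in for the TPM measurement, and classifies images by their header bytes (PE/COFF images begin with `MZ`, legacy option ROMs with `0x55 0xAA`); all image contents are constructed sample data.

```python
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class ImageFormat(Enum):
    UEFI = "uefi"        # PE/COFF image, as used for UEFI drivers and OS loaders
    LEGACY = "legacy"    # legacy (BIOS-style) option ROM
    UNKNOWN = "unknown"  # neither header signature present


def detect_format(data: bytes) -> ImageFormat:
    """Classify an image by its header signature: PE/COFF images start with
    'MZ', legacy option ROMs start with the bytes 0x55 0xAA."""
    if data[:2] == b"MZ":
        return ImageFormat.UEFI
    if data[:2] == b"\x55\xaa":
        return ImageFormat.LEGACY
    return ImageFormat.UNKNOWN


@dataclass
class BootImage:
    name: str
    data: bytes


def measure(image: BootImage) -> str:
    """Stand-in for the TPM measurement step: SHA-256 digest of the image
    bytes. Real firmware would also extend this value into a PCR."""
    return hashlib.sha256(image.data).hexdigest()


@dataclass
class PolicyEngine:
    # Certificate database modelled (assumption for this example) as a set of
    # enrolled digests per image format; one policy covers both formats.
    cert_db: dict
    failures: list = field(default_factory=list)

    def authenticate(self, image: BootImage) -> bool:
        fmt = detect_format(image.data)
        digest = measure(image)
        if digest in self.cert_db.get(fmt, set()):
            return True
        # Failed match: refuse the image and record the failure together with
        # platform status information (format seen, digest measured, boot phase).
        self.failures.append({
            "image": image.name,
            "format": fmt.value,
            "digest": digest,
            "phase": "DXE",
        })
        return False

    def boot(self, images) -> list:
        """Return the names of the images the policy allows to be loaded,
        in boot order; refused images never reach the loader."""
        return [img.name for img in images if self.authenticate(img)]


# Constructed sample images (not real firmware): a header signature plus a body.
GOOD_UEFI = BootImage("bootx64.efi", b"MZ" + b"uefi-loader-body")
GOOD_ROM = BootImage("nic-oprom", b"\x55\xaa" + b"legacy-rom-body")
TAMPERED_ROM = BootImage("nic-oprom-modified", b"\x55\xaa" + b"legacy-rom-body-X")
BOGUS = BootImage("unknown.bin", b"\x00\x00garbage")

# Certificate database: digests enrolled for the two known-good images.
CERT_DB = {
    ImageFormat.UEFI: {measure(GOOD_UEFI)},
    ImageFormat.LEGACY: {measure(GOOD_ROM)},
}


def run_secure_boot():
    """Run the policy engine over the sample images; returns (loaded, failures)."""
    engine = PolicyEngine(CERT_DB)
    loaded = engine.boot([GOOD_UEFI, GOOD_ROM, TAMPERED_ROM, BOGUS])
    return loaded, engine.failures


if __name__ == "__main__":
    loaded, failures = run_secure_boot()
    print("loaded:", loaded)
    for f in failures:
        print("refused:", f)
```

The single `PolicyEngine.authenticate` path is the point of the claims: a UEFI loader and a legacy option ROM are measured and judged by the same engine against the same database, so a one-byte change to the option ROM body changes its digest and the image is refused and logged rather than executed.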