Method and system for secure booting a computer by booting a first operating system from a secure peripheral device and launching a second operating system stored a secure area in the secure peripheral device on the first operating system
First Claim
1. A method for booting an operating system from a secure peripheral device on a host computer, the method comprising:
communicatively coupling the secure peripheral device with the host computer, the secure peripheral device comprising a controller and memory maintaining a first operating system, a virtual machine player instance, an unlocker module, and in a secure area a secondary operating system image;
executing said unlocker module by said controller, said host computer being able to read said secondary operating system image only after executing the unlocker module by said controller to unlock the secure area;
booting said first operating system from the memory of the secure peripheral device; and
after executing said unlocker module and unlocking said secure area, launching said secondary operating system image on the first operating system, wherein the virtual machine player instance is launched on the first operating system to run a virtual machine image on the host computer;
wherein the first operating system is no longer running after launching the secondary operating system image; and
wherein the first operating system communicates over a network to a third-party server to request permission for the secure peripheral device to unlock the secure area of the secure peripheral device memory and run the secondary operating system image.
Abstract
An operating system is booted from a secure peripheral device on a host computer. The secure peripheral device, which includes a memory, is communicatively coupled with the host computer. A first operating system is booted from the memory of the secure peripheral device. A secondary operating system is launched on the first operating system.
38 Claims
Claim 1 is given in full above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17.
18. A method for booting an operating system from a secure peripheral device on a host computer, the method comprising:
communicatively coupling the secure peripheral device with the host computer, the secure peripheral device comprising a controller and memory maintaining a first operating system, a virtual machine player instance, an unlocker module, and in a secure area a secondary operating system image;
executing said unlocker module by said controller, said host computer being able to read said secondary operating system image only after executing the unlocker module by said controller to unlock the secure area;
booting said first operating system from the memory of the secure peripheral device; and
after executing said unlocker module and unlocking said secure area, launching said secondary operating system image on the first operating system, wherein the virtual machine player instance is launched on the first operating system to run a virtual machine image on the host computer;
wherein the first operating system is no longer running after launching the secondary operating system image;
wherein booting the first operating system from the memory of the secure peripheral device comprises booting the first operating system from an area of the memory of the secure peripheral device, the area of memory emulating a CD-ROM; and
wherein a CD-ROM image presented by the secure peripheral device is encrypted, except for a master boot record and a pre-boot operating system which requests a password from the user, and if the password is correct, then decrypts the first operating system and continues a boot process for said booting of said first operating system.
Dependent claims: 19, 20.
21. A system for booting an operating system from a secure peripheral device on a host computer, the system comprising:
a secure peripheral device comprising a controller and memory maintaining a first operating system executable by the processor to launch a computer program, a virtual machine player instance, an unlocker module executable by the controller, and in a secure area a secondary operating system image; and
a host computer configured to run the first operating system by booting said first operating system from the memory of the secure peripheral device, the host computer communicatively coupled with the secure peripheral device, said host computer being able to read said secondary operating system image only after executing said unlocker module by said controller to unlock the secure area; and
the secondary operating system image executable by the host computer by launching said secondary operating system image on the first operating system after executing said unlocker module and unlocking said secure area, wherein the virtual machine player instance is launched on the first operating system to run a virtual machine image on the host computer;
wherein the first operating system is no longer running after launching the secondary operating system image; and
wherein the first operating system communicates over a network to a third-party server to request permission for the secure peripheral device to unlock the secure area of the secure peripheral device memory and run the secondary operating system image.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34.
35. A non-transitory computer readable storage medium having program code embodied thereon, the program code executable by a processor to perform a method for booting an operating system from a secure peripheral device on a host computer, the method comprising:
communicatively coupling the secure peripheral device with the host computer, the secure peripheral device comprising a controller and memory maintaining a first operating system, a virtual machine player instance, and an unlocker module, and in a secure area a secondary operating system image;
executing said unlocker module by said controller, said host computer being able to read said secondary operating system image only after executing the unlocker module by said controller to unlock the secure area;
booting said first operating system from the memory of the secure peripheral device;
after executing said unlocker module and unlocking said secure area, launching said secondary operating system image on the first operating system, wherein said virtual machine player instance is launched on the first operating system to run a virtual machine image on the host computer; and
running, via said virtual machine player instance the virtual machine image on the host computer, said virtual machine image comprising the secondary operating system image;
wherein the first operating system is no longer running after launching the secondary operating system image; and
wherein the first operating system communicates over a network to a third-party server to request permission for the secure peripheral device to unlock the secure area of the secure peripheral device memory and run the secondary operating system image.
Dependent claims: 36, 37, 38.
Specification