INFORMATION PROCESSING APPARATUS, AND METHOD AND COMPUTER PROGRAM PRODUCT FOR VERIFICATION
First Claim
1. An information processing apparatus comprising:
- a main memory unit that retains contents stored therein only while the main memory unit is receiving electric power supply;
an auxiliary storage unit that retains contents stored therein even after the electric power supply is lost;
a control unit that performs hibernation ofgenerating operating-state data that indicates an operating state of the information processing apparatus at a time when the electric power supply is lost,storing the operating-state data in the auxiliary storage unit, and,when electric power supply is restored, reading the operating-state data from the auxiliary storage unit to restore the information processing apparatus to the operating state; and
a security chip thatincludes a configuration register,encrypts data by using a value written into the configuration register, andstores the data in the auxiliary storage unit, whereinthe control unit includes;
a first registration unit that performs, when the control unit generates the operating-state data, calculation based on the operating-state data to obtain a calculated value and writes the value to the configuration register;
a second registration unit that performs, when the control unit reads the operating-state data from the auxiliary storage unit at the hibernation, calculation based on the operating-state data to obtain a calculated value and writes the value to the configuration register; and
a verification unit that performs verification at boot-up from the hibernation by determining whether to permit decryption of the data encrypted by the security chip based on the value written into the configuration register by the second registration unit.
1 Assignment
0 Petitions
Accused Products
Abstract
An information processing apparatus includes a main memory unit storing while on-power; an auxiliary storage unit functionable even off-power; a control unit performing hibernation of generating operating-state data indicating a state when the power is lost, storing the data in the auxiliary storage unit, and, when restored, reading the data from the auxiliary storage unit; and a security chip that including a configuration register, encrypts data, and storing the data in the auxiliary storage unit. The control unit includes: a first registration unit performing, when the data is generated, calculation based thereon to obtain a calculated value; a second registration unit performing, when the data is read from the auxiliary storage unit at the hibernation, calculation based on the data to obtain a calculated value to write it into the configuration register; and a verification unit performing verification at boot-up from the hibernation based on the value written.
-
Citations
6 Claims
-
1. An information processing apparatus comprising:
-
a main memory unit that retains contents stored therein only while the main memory unit is receiving electric power supply; an auxiliary storage unit that retains contents stored therein even after the electric power supply is lost; a control unit that performs hibernation of generating operating-state data that indicates an operating state of the information processing apparatus at a time when the electric power supply is lost, storing the operating-state data in the auxiliary storage unit, and, when electric power supply is restored, reading the operating-state data from the auxiliary storage unit to restore the information processing apparatus to the operating state; and a security chip that includes a configuration register, encrypts data by using a value written into the configuration register, and stores the data in the auxiliary storage unit, wherein the control unit includes; a first registration unit that performs, when the control unit generates the operating-state data, calculation based on the operating-state data to obtain a calculated value and writes the value to the configuration register; a second registration unit that performs, when the control unit reads the operating-state data from the auxiliary storage unit at the hibernation, calculation based on the operating-state data to obtain a calculated value and writes the value to the configuration register; and a verification unit that performs verification at boot-up from the hibernation by determining whether to permit decryption of the data encrypted by the security chip based on the value written into the configuration register by the second registration unit. - View Dependent Claims (2, 3, 4)
-
-
5. A verification method that is performed in an information processing apparatus that includes
a main memory unit that retains contents stored therein only while the main memory unit is receiving electric power supply; -
an auxiliary storage unit that retains contents stored therein even after the electric power supply is lost; a control unit that performs hibernation of generating operating-state data that indicates an operating state of the information processing apparatus at a time when the electric power supply is lost, storing the operating-state data in the auxiliary storage unit, and when electric power supply is restored, reading the operating-state data from the auxiliary storage unit to restore the information processing apparatus into the operating state; and a security chip that includes a configuration register, encrypts data by using a value written into the configuration register, and stores the data in the auxiliary storage unit, the verification method comprising; first registering, when the control unit generates the operating-state data, a calculated value based on the operating-state data to write the calculated value into the configuration register; second registering, when the control unit reads the operating-state data from the auxiliary storage unit at the hibernation, a calculated value based on the operating-state data to write the calculated value into the configuration register; and verifying, which is performed by the control unit, a boot-up from the hibernation by determining whether to permit decryption of the data encrypted by the security chip based on the value written into the configuration register at the second registering.
-
-
6. A computer program product comprising a computer-usable medium having computer-readable program codes embodied in the medium for processing information in an information processing apparatus that includes
a main memory unit that retains contents stored therein only while the main memory unit is receiving electric power supply; -
an auxiliary storage unit that retains contents stored therein even after the electric power supply is lost; a control unit that performs hibernation of generating operating-state data that indicates an operating state of the information processing apparatus at a time when the electric power supply is lost, storing the operating-state data in the auxiliary storage unit, and when electric power supply is restored, reading the operating-state data from the auxiliary storage unit to restore the information processing apparatus into the operating state; and a security chip that includes a configuration register, encrypts data by using a value written into the configuration register, and stores the data in the auxiliary storage unit, the program codes when executed causing a computer to execute; first registering, when the control unit generates the operating-state data, a calculated value based on the operating-state data to write the calculated value into the configuration register; second registering, when the control unit reads the operating-state data from the auxiliary storage unit at the hibernation, a calculated value based on the operating-state data to write the calculated value into the configuration register; and verifying, which is performed by the control unit, a boot-up from the hibernation by determining whether to permit decryption of the data encrypted by the security chip based on the value written into the configuration register at the second registering.
-
Specification