System and method for image authentication of a resource-sparing operating system
First Claim
1. A method of file system protection for a resource-sparing operating system image, comprising:
loading, with a client computing device, a first image of the resource-sparing operating system (OS) that includes processor instructions into random access memory (RAM), the first image including an embedded second image of a catalog file comprising client device attributes;
creating, with the client computing device, a first hash of the first image;
extracting with the client computing device a second hash from the second image of the catalog file;
comparing with the client computing device the first hash and the second hash; and
validating with the client computing device the use of the first image to boot the computing device if the first hash and the second hash match.
Abstract
A file system protection mechanism for an operating system image for a portable computing device is provided to assist in ensuring a good user experience. A signed catalog file is embedded in a resource-sparing operating system (OS) image, such as a Windows CE image, for security enhancement and load verification purposes. The invention performs various checks on the image and on the signature of the image to ensure that the image has not been maliciously modified and that it complies with a release standard. Such a mechanism is important for protecting image loads from external threats made possible by, for example, the recent incorporation of broadband wireless and wireline connectivity into portable computing devices. The signing technique includes creating a signed catalog of the image and embedding that catalog into the image as it is loaded onto the portable computing device.
Claims (20 claims; 28 citations)
1. Independent claim; text as given under First Claim above. Dependent claims 2 through 8.
9. A portable computing device, comprising:
flash memory, the flash memory including a protected area and an unprotected area;
a bootloader stored in the protected area of the flash memory, the bootloader containing a cryptographic module;
an operating system (OS) image installed in the unprotected area of the flash memory;
random access memory (RAM); and
wherein the cryptographic module of the bootloader is operative to examine an update image to the OS image to determine whether the update image should be programmed into the unprotected area of flash memory to boot the computing device, wherein a signed catalog image is an image of a signed catalog file and is embedded in the update image, wherein the signed catalog file is derived by signing a catalog file, and wherein the cryptographic module is operative to program the update image into the unprotected area of flash memory to boot the computing device based on a determined relationship between information extracted from the embedded signed catalog file and one of information about the components of the computing device and information determined from the update image.
Dependent claims 10 through 20.
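The flow in claim 1 (hash the loaded image, extract the hash carried in the embedded catalog, compare, boot only on a match) and the bootloader-side check in claim 9 (examine an update image and its embedded signed catalog against device attributes before programming it) are illustrated below by an added example. It is not the patent's code, not Windows CE code, and its image layout is invented for the illustration: a small header that locates the catalog, the OS payload, then a catalog made of a JSON body and an authentication tag. Two assumptions are worth stating plainly. First, because the catalog carries a hash of the image it is embedded in, the hash is computed over the image with the catalog region zero-filled; the patent does not say how it resolves this, so that is this example's choice. Second, the "signature" here is an HMAC-SHA256 under a key that stands in for the bootloader's verification key, used only because the Python standard library has no asymmetric signatures; a real bootloader would hold a public key in the protected area and verify an asymmetric signature over the catalog. The sample image and device attributes are constructed.

```python
import hashlib
import hmac
import json
import struct

# Assumed layout for this example (the example's own convention, not the
# patent's): a fixed header, the OS payload, then the embedded catalog.
#   header  : magic(4) | catalog_offset(u32 LE) | catalog_length(u32 LE)
#   catalog : JSON body | 32-byte HMAC-SHA256 tag over the body
MAGIC = b"RSOS"
HEADER = struct.Struct("<4sII")
TAG_LEN = 32


def image_digest(image, cat_off, cat_len):
    """Hash the whole image with the catalog region zero-filled, so the
    catalog can carry a hash of the very image it is embedded in."""
    masked = bytearray(image)
    masked[cat_off:cat_off + cat_len] = bytes(cat_len)
    return hashlib.sha256(masked).hexdigest()


def _catalog_body(digest_hex, attrs):
    # Deterministic encoding: key order and separators are fixed.
    return json.dumps({"image_sha256": digest_hex, "device": attrs},
                      sort_keys=True, separators=(",", ":")).encode()


def build_image(payload, attrs, key):
    """Build side (release signing station): reserve the catalog slot,
    hash the image with that slot zeroed, then write the signed catalog."""
    # The hash is 64 hex chars whatever its value, so a draft catalog with a
    # placeholder fixes the catalog length before the real hash is known.
    cat_len = len(_catalog_body("0" * 64, attrs)) + TAG_LEN
    cat_off = HEADER.size + len(payload)
    image = bytearray(HEADER.pack(MAGIC, cat_off, cat_len) + payload + bytes(cat_len))
    body = _catalog_body(image_digest(image, cat_off, cat_len), attrs)
    tag = hmac.new(key, body, hashlib.sha256).digest()   # stand-in for a signature
    image[cat_off:cat_off + cat_len] = body + tag
    return bytes(image)


def verify_image(image, device_attrs, key):
    """Bootloader side: decide whether the image may be programmed/booted.
    Returns (ok, reason). Order matters: bounds, then signature, then parse."""
    if len(image) < HEADER.size:
        return False, "image too short"
    magic, cat_off, cat_len = HEADER.unpack_from(image)
    if magic != MAGIC:
        return False, "bad magic"
    # The header is untrusted input: check the catalog lies inside the image.
    if cat_off < HEADER.size or cat_len < TAG_LEN or cat_off + cat_len > len(image):
        return False, "catalog bounds outside image"
    catalog = image[cat_off:cat_off + cat_len]
    body, tag = catalog[:-TAG_LEN], catalog[-TAG_LEN:]
    # Authenticate the catalog before parsing it: never parse unverified input.
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        return False, "catalog signature invalid"
    try:
        cat = json.loads(body)
        claimed, wanted = cat["image_sha256"], cat["device"]
        if not isinstance(claimed, str) or not isinstance(wanted, dict):
            raise ValueError
    except (ValueError, KeyError, TypeError):
        return False, "catalog malformed"
    # Client device attributes in the catalog must match this device.
    for name, value in wanted.items():
        if device_attrs.get(name) != value:
            return False, f"device attribute mismatch: {name}"
    # Recompute the image hash and compare it with the catalog's copy.
    actual = image_digest(image, cat_off, cat_len)
    if not hmac.compare_digest(actual.encode(), claimed.encode()):
        return False, "image hash mismatch"
    return True, "ok"


def demo():
    """Constructed sample: one good image and three rejected variants."""
    key = b"example-bootloader-key"  # constructed; stands in for a real verification key
    attrs = {"platform": "example-handheld", "hw_rev": 2}
    payload = b"\x7fCEOS" + b"constructed kernel+rootfs bytes " * 4
    good = build_image(payload, attrs, key)

    tampered = bytearray(good)
    tampered[HEADER.size + 3] ^= 0x01          # flip one bit in the payload
    edited = bytearray(good)
    _, cat_off, _ = HEADER.unpack_from(good)
    edited[cat_off + 2] ^= 0x01                # edit the catalog body itself

    return {
        "good": verify_image(good, attrs, key),
        "tampered": verify_image(bytes(tampered), attrs, key),
        "catalog_edit": verify_image(bytes(edited), attrs, key),
        "wrong_device": verify_image(good, {"platform": "other", "hw_rev": 2}, key),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:13s} -> {result}")
```

Three points of the design carry over to a real bootloader regardless of the layout chosen. The catalog offset and length come from the image, so they are attacker-controlled and must be bounds-checked before anything is read through them. The catalog is authenticated before it is parsed, so a malformed catalog can only come from a holder of the signing key. And the device-attribute comparison runs before the expensive full-image hash, which rejects an image built for another platform cheaply; the final decision still rests on the hash match, as in claim 1. With an HMAC, anyone who extracts the key from the protected flash can sign images, which is why the abstract's signed catalog should be verified with a public key in practice.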
Specification