Server active management technology (AMT) assisted secure boot

US 8,984,265 B2
Filed: 03/30/2007
Issued: 03/17/2015
Est. Priority Date: 03/30/2007
Status: Active Grant

First Claim

Patent Images

1. A system for secure boot on a platform, comprising:

a host processor coupled with a firmware memory store to store firmware to boot the host processor; and

a second processor on the platform, the second processor communicatively coupled to a secure area of a memory store, the secure area of the memory store being inaccessible to the firmware and other host processor applications, the second processor to retrieve and validate a signature key from the secure area to control image loading during boot the second processor has network access for an out-of-band connection, even when the host processor has not yet booted, and the second processor to validate the key when the host processor is not even booted using the out-of-band connection by accessing an active directory listing valid keys on a remote server to determine if the signature key is valid or revoked.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some embodiments, the invention involves a system and method relating to secure booting of a platform. In at least one embodiment, the present invention is intended to securely boot a platform using one or more signature keys stored in a secure location on the platform, where access to the signature is by a microcontroller on the platform and the host processor has no direct access to alter the signature key. Other embodiments are described and claimed.

Citations

12 Claims

1. A system for secure boot on a platform, comprising:
- a host processor coupled with a firmware memory store to store firmware to boot the host processor; and
  
  a second processor on the platform, the second processor communicatively coupled to a secure area of a memory store, the secure area of the memory store being inaccessible to the firmware and other host processor applications, the second processor to retrieve and validate a signature key from the secure area to control image loading during boot the second processor has network access for an out-of-band connection, even when the host processor has not yet booted, and the second processor to validate the key when the host processor is not even booted using the out-of-band connection by accessing an active directory listing valid keys on a remote server to determine if the signature key is valid or revoked.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system as recited in claim 1, wherein the secure area of memory store resides on the firmware memory store.
  - 3. The system as recited in claim 2, wherein the firmware memory store is flash memory partitioned by a chipset on the platform, the partitioning to make the secure memory area inaccessible to the firmware.
  - 4. The system as recited in claim 1, wherein the firmware is configured to retrieve a signature key from the firmware memory store if the signature key is not available in the secure memory area.
  - 5. The system as recited in claim 1, wherein the firmware will not load or launch the software image if the signature key associated with the software image fails validation.
  - 6. The system as recited in claim 5, wherein validation failure is a result of at least one of an expired certificate, missing certificate or a revoked certificate.
  - 7. The system as recited in claim 1, wherein a signature key comprises at least one of a platform key, protected variable key, or a public key.
  - 8. The system as recited in claim 7, including a hierarchy of signature keys where a higher level key protects a lower level key.
  - 9. The system as recited in claim 8, wherein the platform key is a higher level than a protected variable key which is a higher level than a public key, wherein a public key is associated with each software image to be loaded during boot.
  - 10. The system as recited in claim 1, wherein a certificate validation or online certificate revocation list is retrieved from at least one of a local area network, remote network, location on the public Internet, a location on an intranet, or a machine accessible bulletin board.
  - 11. The system as recited in claim 1, wherein the second processor comprises one of an active management technology microcontroller, a manageability engine controller, or a baseboard management controller.
  - 12. The system of claim 1, wherein the second processor has out-of-band communication capabilities and is configured to validate the signature key and to access at least one of a certificate validation or online certificate revocation list from a remote location via out-of-band communication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Vaid, Kushagra, Zimmer, Vincent J., Shekhar, Mrigank
Primary Examiner(s)
Khoshnoodi, Nadia

Application Number

US11/731,526
Publication Number

US 20080244257A1
Time in Patent Office

2,909 Days
Field of Search

None
US Class Current

713/2
CPC Class Codes

G06F 21/575 Secure boot

H04L 9/0827 involving distinctive inter...

Server active management technology (AMT) assisted secure boot

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Server active management technology (AMT) assisted secure boot

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links