CN1231787A - Secure BIOS - Google Patents
Secure BIOS
- Publication number
- CN1231787A
- Authority
- CN
- China
- Prior art keywords
- code
- executable code
- memory element
- bios
- system described
- Legal status
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
- G06F2211/008—Public Key, Asymmetric Key, Asymmetric Encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/1097—Boot, Start, Initialise, Power
Abstract
A subsystem that prevents unauthorized modification of BIOS program code embedded in a modifiable non-volatile memory device such as flash memory. A cryptographic coprocessor (34) containing a memory device (42) performs authentication and validation of BIOS upgrades according to a public/private key protocol. Authentication is performed by verifying a digital signature embedded in the BIOS upgrade.
Description
Background of the Invention
1. Field of the Invention
The present invention relates to the field of computer firmware security, and in particular to the basic input and output system ("BIOS") of general-purpose computing systems such as personal computers ("PCs").
2. Description of Related Art
One of the most critical components of a computer system is the boot-up firmware, such as the basic input and output system ("BIOS"). The BIOS, typically stored in some form of non-volatile memory, is machine code, usually part of an operating system ("OS"), that allows the central processing unit ("CPU") to perform tasks such as initialization, diagnostics, loading the operating system kernel from mass storage, and routine input/output ("I/O") functions.
On power-up, the CPU "boots" by fetching the instruction code resident in the BIOS. By its very nature, the BIOS has two conflicting requirements: (1) it should be well protected, because if it is modified or corrupted the entire system will not work; and (2) it should be easy to modify, so as to allow field upgrades for performance improvements or bug fixes.
Traditionally, the BIOS was implemented in erasable programmable read-only memory ("EPROM"). EPROM has one advantage: it cannot be modified in-circuit. To modify the contents of an EPROM, the device must first be removed from its socket and exposed to ultraviolet light for an extended period in order to erase it. In this respect, a BIOS implemented in EPROM is resistant to virus attacks and other electronic tampering. However, EPROM devices do not support "field upgrades", because they cannot be programmed in-circuit, and in-circuit programming is an essential feature of a field upgrade. Field upgrades allow users to upgrade the BIOS in the field, avoiding costly delays and component replacement. Because of the importance of field upgrades, virtually all BIOS firmware is now implemented in flash memory. However, because it can be modified in the field, BIOS flash memory is vulnerable to virus attacks, which can have devastating results in sensitive applications such as financial transaction processing.
Without security protection, a conventional computer architecture using BIOS flash memory is vulnerable to many kinds of intrusion, such as virus attacks. In a typical virus attack, the virus code executes a code sequence that modifies the BIOS flash memory. The unprotected code in the BIOS flash memory is corrupted, and the destructive result may take effect the next time the system boots or when some condition or event occurs, possibly immediately. The infected code may also spread to other regions of the BIOS code or the operating system kernel. Because the BIOS is the first program code executed when the computer system is powered on, before any system or network virus-scanning software, detecting and eradicating a BIOS-based virus is extremely difficult. A BIOS-based virus can evade scanning software by "hiding in the tracks", effectively concealing itself.
Accordingly, a primary object of the present invention is to prevent computer viruses from corrupting the BIOS. This is achieved by imposing an authentication and validation process before the contents of the BIOS flash memory can be modified.
The approach used in the present invention is built on the concept of BIOS authentication, i.e. integrating the BIOS flash memory into existing hardware that has an authentication feature such as a cryptographic coprocessor. Since the cryptographic coprocessor both stores the BIOS and performs the authentication of BIOS updates, an intruder has no way to corrupt the BIOS contents.
Summary of the Invention
The present invention describes a system for securely updating executable code. The system includes a first memory element that stores a code update, a second memory element that stores the executable code to be updated, an identification code that identifies the first memory element and the code update, and a security processor. The security processor is coupled to the second memory element and uses the device identification to authenticate and validate the first memory element and the code update.
Brief Description of the Drawings
The features and advantages of the present invention will become apparent from the following detailed description.
Figure 1 is an illustration of the present invention, in which the BIOS flash memory resides inside a cryptographic coprocessor that may be connected to a PCI bus.
Figure 2 is a flow chart of the operations that occur in the present invention during a normal read access to the BIOS program by the host processor.
Figure 3 is a flow chart of the operations that occur in the present invention during a field upgrade of the BIOS program.
Description of the Preferred Embodiment
The present invention provides a process for authenticating and validating code updates, such as BIOS upgrades, using cryptographic techniques. In the following description, certain terms are used to discuss certain cryptographic features. A "key" is an encoding and/or decoding parameter used by conventional cryptographic algorithms such as Rivest, Shamir and Adleman ("RSA"), the Data Encryption Algorithm ("DEA") specified in the Data Encryption Standard ("DES"), and so on. A "certificate" is defined as any digital information (typically a public key) associated with an entity and encrypted with a private key held by another entity, such as a manufacturer or a widely published trusted authority (e.g. a bank, a government entity, a trade association, etc.). A "digital signature" is similar to a certificate but is generally used only to authenticate data. Here, the word "secure" means that it is impossible for an intruder to successfully breach the system's barriers. A security processor is an electronic device that can perform security functions and thereby provide security protection to the system.
The authentication and validation are performed by a security processor that contains the BIOS firmware. An example of such a security processor is a cryptographic coprocessor. The cryptographic coprocessor uses secret information, such as a digital signature embedded in the BIOS upgrade, to authenticate and validate the BIOS firmware.
Referring to Figure 1, an embodiment of a computer system employing the present invention is illustrated. The computer system 10 includes a chipset 31 that serves as an interface supporting the connections between the host processor 30, the system memory 32, and the devices coupled to the system bus 33. The system memory 32 may include, but is not limited to, conventional memory such as various types of random access memory ("RAM"), e.g. DRAM, VRAM, SRAM, etc., as well as memory-mapped I/O devices. The system bus 33 may be implemented according to any type of bus architecture, including Peripheral Component Interconnect ("PCI"), Universal Serial Bus ("USB"), and so on.
One device that may be coupled to the system bus 33 is the cryptographic coprocessor 34. The cryptographic coprocessor 34 includes a bus interface 40, a processing unit 41, and a local non-volatile memory 42. The bus interface 40 establishes an electrical connection with the system bus 33. The processing unit 41 serves as the main controller of the cryptographic coprocessor 34 and is connected to its own local non-volatile memory 42. The boot program 43 is stored in the non-volatile memory 42. Non-essential components are not shown, to avoid obscuring the invention. Examples of non-essential components that may be used in the cryptographic coprocessor 34 include RAM, a random number generator, and various cryptographic algorithm accelerators. Furthermore, although Figure 1 shows the host processor 30 and the cryptographic coprocessor 34 as separate parts, the cryptographic coprocessor 34 may be a component of the host processor 30, in which case the host processor 30 accesses the BIOS program directly rather than through the system bus 33.
Figure 2 illustrates the steps associated with the system's "boot-up" process. First, in step 50, the host processor issues a read request for an address of the BIOS program. The cryptographic coprocessor responds to the request with the relevant BIOS instructions (step 60). Finally, the host processor processes the data in step 70. This sequence is repeated in order to continue processing BIOS instructions.
In a typical field BIOS upgrade, the software manufacturer (the BIOS vendor) sends the user a diskette containing the new BIOS code and the code that performs the upgrade operation. It is also possible for the BIOS vendor to set up a bulletin board system or a data-highway interface such as the Internet, to allow users to download the BIOS upgrade electronically from a remote location. A BIOS upgrade essentially consists of erasing and writing the BIOS flash memory.
Figure 3 illustrates the steps associated with modifying the BIOS program. In step 110, the host processor issues a "replace BIOS" command to the cryptographic coprocessor. This command is typically generated by some type of BIOS management utility running on the host processor itself or on a remote system. The purpose of the command is to prepare the cryptographic coprocessor for the new BIOS program (step 120). In step 130, the cryptographic coprocessor either passively receives the new BIOS program code from the host processor or actively retrieves it from a specified source (e.g. system memory). In step 140, the new BIOS program is stored internally or in a protected manner, to ensure that subsequent authentication operations are performed on this particular "new BIOS program". In step 150, the cryptographic coprocessor performs the appropriate authentication operations on the internally stored copy of the BIOS program. There are many ways in which such authentication can be performed, including the use of secret information known only to the BIOS provider and the configured cryptographic coprocessor. It is contemplated that public/private key cryptography may be used as part of the authentication process, in particular the well-known digital signature and certificate techniques, to verify the integrity and validity of the new BIOS program. Whatever authentication technique is used, its salient feature is that it is performed within the cryptographic coprocessor on the local copy of the new BIOS program. Once the authentication operation has been performed, in step 160 the cryptographic coprocessor can determine the validity of the new BIOS program. For example, the digital signature provided with the "new BIOS program" may be valid, but the revision data may be inappropriate (e.g. older than the currently installed BIOS). If the new BIOS is determined to be invalid, it is deleted by the cryptographic coprocessor and can never be used (step 170). If the new BIOS is valid, the new BIOS program is put into operation and the old BIOS program is deleted (step 180). Note that at this point it is normal to reboot the computer system to ensure system-wide consistency.
To support the digital-signature-based BIOS authentication method, the digital signature embedded in a vendor's BIOS software upgrade should be approved or agreed by an industry association, or a similar organization or program. The participants in the industry association are BIOS vendors who want to be able to field-upgrade their BIOS code. One of the functions of the industry association is to issue digital certificates to its member BIOS vendors, effectively issuing a digital certificate to each vendor that uses BIOS upgrade software. The association provides its public key for use by the cryptographic coprocessor in the BIOS authentication process. The cryptographic coprocessor should be preloaded with the public key of the BIOS vendors' industry association so that it can verify any digital signature embedded in the BIOS upgrade code. Alternatively, the cryptographic coprocessor may be preloaded with another public key that can be used to authenticate a certificate chain leading to the industry association's public key. If necessary, the BIOS upgrade code may be encrypted (for example, to protect the code from reverse engineering). Since a digital signature or certificate issued by the industry association generally represents the authority of a reputable or trusted BIOS vendor, an intruder cannot corrupt the BIOS code directly or indirectly by means of a virus attack (unless he or she somehow obtains the secret private key used to generate the signature or certificate).
In another embodiment (not shown), the cryptographic coprocessor is part of the host processor. The host processor contains the cryptographic coprocessor and the BIOS program. When the host processor, acting as its own security processor, performs the authentication and validation of a BIOS upgrade as described above, the host processor is preloaded with the public key of the BIOS vendors' industry association so that it can verify any digital signature embedded in the BIOS upgrade code.
In another embodiment (not shown), the BIOS program is located on a printed circuit board ("PCB") or card inserted into an expansion slot of the system. The cryptographic coprocessor may be located on the same PCB or card, on another PCB or card, or even within the host processor. Wherever it is located in the system, as long as the cryptographic coprocessor can access the BIOS program, it can perform the authentication and validation operations described above.
Although the present invention has been described with reference to the illustrated embodiments, this description is not to be construed in a limiting sense. Various modifications of the illustrated embodiments, as well as other embodiments of the invention, that are apparent to persons skilled in the art are deemed to lie within the spirit and scope of the invention.
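The Figure 3 update sequence combined with the association-issued vendor certificate described above, as an added Go example that is not part of the patent: the image format, key names, vendor name and revision numbers are constructed for illustration, and Ed25519 stands in for whichever public-key scheme a real coprocessor would use.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// VendorCert is what the industry association issues to a member BIOS vendor:
// the vendor's public key signed with the association's private key.
type VendorCert struct {
	Vendor   string
	PubKey   ed25519.PublicKey
	AssocSig []byte
}

// Update is a field-upgrade package (constructed format): new BIOS image, its
// revision, the vendor's certificate and the vendor's signature over (revision || image).
type Update struct {
	Revision uint32
	Image    []byte
	Cert     VendorCert
	Sig      []byte
}

// Coprocessor models the cryptographic coprocessor and its local non-volatile memory.
type Coprocessor struct {
	assocPub ed25519.PublicKey // association public key preloaded at manufacture
	bios     []byte            // currently installed BIOS program
	revision uint32            // revision of the installed BIOS
	staged   *Update           // new BIOS held in protected storage (step 140)
}

// certMsg is the byte string the association signs when certifying a vendor.
func certMsg(vendor string, pub ed25519.PublicKey) []byte {
	return append([]byte(vendor+"\x00"), pub...)
}

// updateMsg is the byte string the vendor signs: big-endian revision, then the image.
func updateMsg(rev uint32, image []byte) []byte {
	buf := make([]byte, 4, 4+len(image))
	binary.BigEndian.PutUint32(buf, rev)
	return append(buf, image...)
}

// Stage (steps 110-140): copy the new BIOS into protected storage so that every
// later check runs on exactly this copy, not on a buffer the host can still change.
func (c *Coprocessor) Stage(u Update) { cp := u; c.staged = &cp }

// Commit (steps 150-180): authenticate, validate, then replace or discard.
func (c *Coprocessor) Commit() error {
	u := c.staged
	c.staged = nil // pass or fail, the staged copy is consumed (step 170 on failure)
	if u == nil {
		return errors.New("no update staged")
	}
	// Authentication (step 150): association key -> vendor certificate -> update.
	if !ed25519.Verify(c.assocPub, certMsg(u.Cert.Vendor, u.Cert.PubKey), u.Cert.AssocSig) {
		return errors.New("vendor certificate was not issued by the association")
	}
	if !ed25519.Verify(u.Cert.PubKey, updateMsg(u.Revision, u.Image), u.Sig) {
		return errors.New("update signature does not match the certified vendor key")
	}
	// Validation (step 160): a correctly signed but older image is still rejected.
	if u.Revision <= c.revision {
		return fmt.Errorf("revision %d is not newer than installed revision %d", u.Revision, c.revision)
	}
	c.bios, c.revision = u.Image, u.Revision // step 180: the new BIOS replaces the old
	return nil
}

// Demo runs three constructed updates through a coprocessor holding a revision-3 BIOS:
// a genuine newer image, a genuine but older image, and an image whose certificate
// was never issued by the association. It returns the coprocessor and each outcome.
func Demo() (cop *Coprocessor, genuine, rollback, uncertified error) {
	assocPub, assocPriv, _ := ed25519.GenerateKey(rand.Reader)
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	otherPub, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	pack := func(priv ed25519.PrivateKey, cert VendorCert, rev uint32, img []byte) Update {
		return Update{Revision: rev, Image: img, Cert: cert, Sig: ed25519.Sign(priv, updateMsg(rev, img))}
	}
	cert := VendorCert{Vendor: "ExampleBIOS Inc", PubKey: vendorPub,
		AssocSig: ed25519.Sign(assocPriv, certMsg("ExampleBIOS Inc", vendorPub))}
	cop = &Coprocessor{assocPub: assocPub, bios: []byte("bios-r3"), revision: 3}
	cop.Stage(pack(vendorPriv, cert, 4, []byte("bios-r4")))
	genuine = cop.Commit()
	cop.Stage(pack(vendorPriv, cert, 2, []byte("bios-r2")))
	rollback = cop.Commit()
	// A self-issued certificate: signed by the same uncertified key, not by the association.
	selfCert := VendorCert{Vendor: "Unknown", PubKey: otherPub,
		AssocSig: ed25519.Sign(otherPriv, certMsg("Unknown", otherPub))}
	cop.Stage(pack(otherPriv, selfCert, 9, []byte("bios-x")))
	uncertified = cop.Commit()
	return cop, genuine, rollback, uncertified
}

func main() {
	cop, g, r, u := Demo()
	fmt.Printf("genuine: %v\nrollback: %v\nuncertified: %v\ninstalled: rev %d\n", g, r, u, cop.revision)
}
```

Only the first update is installed; the second fails the revision check even though its signature is valid, and the third fails at the certificate step before its own signature is ever examined.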
Claims (23)
1. A system for securely updating executable code, comprising:
a first memory means for storing a code update;
a second memory means for storing said executable code; and
a first processing means for authenticating and validating said first memory means and said code update based on a device identification, said first processing means being coupled to said second memory means.
2. The system of claim 1, wherein the executable code is a basic input and output system.
3. The system of claim 1, wherein the first memory means is one of a mass storage device and a file that can be transmitted electronically over a computer network.
4. The system of claim 1, wherein the second memory means is a modifiable non-volatile memory device.
5. The system of claim 1, wherein the first processing means comprises a cryptographic processor.
6. The system of claim 1, wherein the device identification received by the first processing means comprises a digital signature.
7. The system of claim 1, wherein said executable code is encrypted to produce encrypted code.
8. The system of claim 1, further comprising:
a second processing means in communication with said first processing means for executing said executable code.
9. The system of claim 7, wherein said encrypted code is decrypted to produce decrypted code.
10. A system for securely updating executable code, comprising:
a first memory element containing a code update;
a second memory element containing said executable code;
a security processor coupled to said second memory element, said security processor authenticating and validating said first memory element and said code update based on a device identification.
11. The system of claim 10, wherein the executable code is a basic input and output system.
12. The system of claim 10, wherein the first memory element is one of a mass storage device and a file that can be transmitted electronically over a computer network.
13. The system of claim 10, wherein the second memory element is a modifiable non-volatile memory device.
14. The system of claim 10, wherein the security processor is a cryptographic processor.
15. The system of claim 10, wherein said device identification received by said security processor comprises a digital signature.
16. The system of claim 10, wherein said executable code is encrypted to produce encrypted code.
17. The system of claim 10, further comprising:
a host processor in communication with said security processor for executing said executable code.
18. The system of claim 16, wherein said encrypted code is decrypted to produce decrypted code.
19. A method for securely updating executable code, the method comprising the steps of:
providing a first memory element for storing a code update;
providing a second memory element for storing said executable code;
configuring said first memory element to contain a device identification;
providing a security processor with access to said second memory element;
authenticating, by said security processor, said first memory element based on the device identification; and
if said first memory element is authenticated, updating said executable code with said code update.
20. The method of claim 19, further comprising, before said updating step, the step of validating said code update in the first memory element.
21. The method of claim 19, wherein the executable code is a basic input and output system.
22. The method of claim 19, wherein the executable code provided by said second memory element is in an encrypted form.
23. The method of claim 19, further comprising:
providing a host processor in communication with said security processor for executing said executable code.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title
---|---|---|---
US08/724,176 US5844986A (en) | 1996-09-30 | 1996-09-30 | Secure BIOS
Publications (2)
Publication Number | Publication Date |
---|---|
CN1231787A true CN1231787A (zh) | 1999-10-13 |
CN1154282C CN1154282C (zh) | 2004-06-16 |
Family
ID=24909346
Family Applications (1)
Application Number | Title | Priority Date | Filing Date
---|---|---|---
CNB971983356A Expired - Lifetime CN1154282C (zh) | 1996-09-30 | 1997-07-30 | Secure BIOS
Country Status (9)
Country | Link |
---|---|
US (1) | US5844986A (zh) |
EP (1) | EP0932953B1 (zh) |
KR (1) | KR100299954B1 (zh) |
CN (1) | CN1154282C (zh) |
AU (1) | AU4146197A (zh) |
BR (1) | BR9711567A (zh) |
HK (1) | HK1021676A1 (zh) |
TW (1) | TW348240B (zh) |
WO (1) | WO1998015082A1 (zh) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title
---|---|---|---|---
CN1322384C (zh) * | 2000-09-29 | 2007-06-20 | Intel Corporation | System and method for verifying the integrity of information stored in an electronic device
US7346931B2 (en) | 2002-08-02 | 2008-03-18 | Robert Bosch Gmbh | Accepting a set of data in a computer unit
CN1680920B (zh) * | 2004-04-07 | 2011-06-15 | Wistron Corporation | Method and apparatus for remotely updating the basic input/output system of a data processing system
CN101639877B (zh) * | 2008-07-30 | 2011-06-22 | Pegatron Corporation | Electronic device and method for updating its basic input/output system
CN103679004A (zh) * | 2012-09-19 | 2014-03-26 | NXP B.V. | Method and system for securely updating firmware in a computing device
CN103810443A (zh) * | 2013-11-13 | 2014-05-21 | VIA Technologies, Inc. | Device and method for protecting a basic input/output system
CN104679685A (zh) * | 2013-11-29 | 2015-06-03 | Inventec Corporation | Baseboard management controller access method
CN104932107A (zh) * | 2011-03-22 | 2015-09-23 | Seiko Epson Corporation | Image relay optical system
CN105378663A (zh) * | 2013-07-31 | 2016-03-02 | Hewlett-Packard Development Company, L.P. | Updating boot code
CN108256355A (zh) * | 2018-02-28 | 2018-07-06 | Zhengzhou Yunhai Information Technology Co., Ltd. | Method and apparatus for verifying BIOS integrity during out-of-band BIOS flashing
CN108292345A (zh) * | 2016-01-27 | 2018-07-17 | Hewlett-Packard Development Company, L.P. | Operation verification
Families Citing this family (338)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5453601A (en) | 1991-11-15 | 1995-09-26 | Citibank, N.A. | Electronic-monetary system |
US7037426B2 (en) * | 2000-05-04 | 2006-05-02 | Zenon Environmental Inc. | Immersed membrane apparatus |
US5835594A (en) | 1996-02-09 | 1998-11-10 | Intel Corporation | Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage |
US5917913A (en) * | 1996-12-04 | 1999-06-29 | Wang; Ynjiun Paul | Portable electronic authorization devices and methods therefor |
US8225089B2 (en) | 1996-12-04 | 2012-07-17 | Otomaku Properties Ltd., L.L.C. | Electronic transaction systems utilizing a PEAD and a private key |
GB9626241D0 (en) * | 1996-12-18 | 1997-02-05 | Ncr Int Inc | Secure data processing method and system |
CA2276051C (en) * | 1996-12-24 | 2005-10-18 | X-Ray Technologies Pty. Ltd. | Phase retrieval in phase contrast imaging |
US6212635B1 (en) * | 1997-07-18 | 2001-04-03 | David C. Reardon | Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place |
US6009524A (en) * | 1997-08-29 | 1999-12-28 | Compact Computer Corp | Method for the secure remote flashing of a BIOS memory |
US6151678A (en) * | 1997-09-09 | 2000-11-21 | Intel Corporation | Anti-theft mechanism for mobile computers |
US6148387A (en) * | 1997-10-09 | 2000-11-14 | Phoenix Technologies, Ltd. | System and method for securely utilizing basic input and output system (BIOS) services |
US6560706B1 (en) * | 1998-01-26 | 2003-05-06 | Intel Corporation | Interface for ensuring system boot image integrity and authenticity |
US6378072B1 (en) | 1998-02-03 | 2002-04-23 | Compaq Computer Corporation | Cryptographic system |
US6141756A (en) * | 1998-04-27 | 2000-10-31 | Motorola, Inc. | Apparatus and method of reading a program into a processor |
US6757829B1 (en) * | 1998-05-29 | 2004-06-29 | Texas Instruments Incorporated | Program debugging system for secure computing device having secure and non-secure modes |
US6401208B2 (en) * | 1998-07-17 | 2002-06-04 | Intel Corporation | Method for BIOS authentication prior to BIOS execution |
US6735696B1 (en) * | 1998-08-14 | 2004-05-11 | Intel Corporation | Digital content protection using a secure booting method and apparatus |
US6463535B1 (en) * | 1998-10-05 | 2002-10-08 | Intel Corporation | System and method for verifying the integrity and authorization of software before execution in a local platform |
US20050060549A1 (en) * | 1998-10-26 | 2005-03-17 | Microsoft Corporation | Controlling access to content based on certificates and access predicates |
US7174457B1 (en) * | 1999-03-10 | 2007-02-06 | Microsoft Corporation | System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party |
US7194092B1 (en) | 1998-10-26 | 2007-03-20 | Microsoft Corporation | Key-based secure storage |
US6138239A (en) * | 1998-11-13 | 2000-10-24 | N★Able Technologies, Inc. | Method and system for authenticating and utilizing secure resources in a computer system |
US6539480B1 (en) * | 1998-12-31 | 2003-03-25 | Intel Corporation | Secure transfer of trust in a computing system |
US6408387B1 (en) * | 1999-01-22 | 2002-06-18 | Intel Corporation | Preventing unauthorized updates to a non-volatile memory |
WO2000048061A1 (en) * | 1999-02-15 | 2000-08-17 | Hewlett-Packard Company | Protection of the configuration of modules in computing apparatus |
JP4812168B2 (ja) * | 1999-02-15 | 2011-11-09 | ヒューレット・パッカード・カンパニー | 信用コンピューティング・プラットフォーム |
EP1030237A1 (en) * | 1999-02-15 | 2000-08-23 | Hewlett-Packard Company | Trusted hardware device in a computer |
EP1161715B1 (en) | 1999-02-15 | 2010-08-18 | Hewlett-Packard Company (a Delaware Corporation) | Communications between modules of a computing apparatus |
US6546489B1 (en) | 1999-03-04 | 2003-04-08 | Western Digital Ventures, Inc. | Disk drive which provides a secure boot of a host computer system from a protected area of a disk |
US6795837B1 (en) | 1999-03-31 | 2004-09-21 | Intel Corporation | Programmable random bit source |
US6643374B1 (en) | 1999-03-31 | 2003-11-04 | Intel Corporation | Duty cycle corrector for a random number generator |
US6571335B1 (en) | 1999-04-01 | 2003-05-27 | Intel Corporation | System and method for authentication of off-chip processor firmware code |
US6587947B1 (en) * | 1999-04-01 | 2003-07-01 | Intel Corporation | System and method for verification of off-chip processor code |
US6389537B1 (en) | 1999-04-23 | 2002-05-14 | Intel Corporation | Platform and method for assuring integrity of trusted agent communications |
US6757827B1 (en) | 1999-04-26 | 2004-06-29 | Unisys Corporation | Autonomously secured image data |
FI991134A (fi) | 1999-05-18 | 2000-11-19 | Sonera Oyj | Ohjelmiston testaus |
US6618810B1 (en) | 1999-05-27 | 2003-09-09 | Dell Usa, L.P. | Bios based method to disable and re-enable computers |
EP1055990A1 (en) | 1999-05-28 | 2000-11-29 | Hewlett-Packard Company | Event logging in a computing platform |
EP1056010A1 (en) * | 1999-05-28 | 2000-11-29 | Hewlett-Packard Company | Data integrity monitoring in trusted computing entity |
AU5730200A (en) * | 1999-06-08 | 2000-12-28 | General Instrument Corporation | Cryptographic processing system |
US6647494B1 (en) * | 1999-06-14 | 2003-11-11 | Intel Corporation | System and method for checking authorization of remote configuration operations |
US6633981B1 (en) | 1999-06-18 | 2003-10-14 | Intel Corporation | Electronic system and method for controlling access through user authentication |
EP1063589A1 (en) * | 1999-06-25 | 2000-12-27 | TELEFONAKTIEBOLAGET L M ERICSSON (publ) | Device for processing data and corresponding method |
CN1091903C (zh) * | 1999-06-28 | 2002-10-02 | 李增胜 | 防止cih等病毒破坏计算机主板bios的方法 |
US6981155B1 (en) | 1999-07-14 | 2005-12-27 | Symantec Corporation | System and method for computer security |
AU6218800A (en) | 1999-07-14 | 2001-01-30 | Recourse Technologies, Inc. | System and method for quickly authenticating messages using sequence numbers |
US7117532B1 (en) | 1999-07-14 | 2006-10-03 | Symantec Corporation | System and method for generating fictitious content for a computer |
US6715074B1 (en) * | 1999-07-27 | 2004-03-30 | Hewlett-Packard Development Company, L.P. | Virus resistant and hardware independent method of flashing system bios |
US7065657B1 (en) | 1999-08-30 | 2006-06-20 | Symantec Corporation | Extensible intrusion detection system |
US6647400B1 (en) | 1999-08-30 | 2003-11-11 | Symantec Corporation | System and method for analyzing filesystems to detect intrusions |
US7203962B1 (en) | 1999-08-30 | 2007-04-10 | Symantec Corporation | System and method for using timestamps to detect attacks |
US7085936B1 (en) | 1999-08-30 | 2006-08-01 | Symantec Corporation | System and method for using login correlations to detect intrusions |
US6996843B1 (en) | 1999-08-30 | 2006-02-07 | Symantec Corporation | System and method for detecting computer intrusions |
US6826697B1 (en) | 1999-08-30 | 2004-11-30 | Symantec Corporation | System and method for detecting buffer overflow attacks |
EP1085396A1 (en) * | 1999-09-17 | 2001-03-21 | Hewlett-Packard Company | Operation of trusted state in computing platform |
US6718407B2 (en) * | 1999-09-30 | 2004-04-06 | Intel Corporation | Multiplexer selecting one of input/output data from a low pin count interface and a program information to update a firmware device from a communication interface |
KR100505103B1 (ko) * | 1999-10-11 | 2005-07-29 | 삼성전자주식회사 | 범용 직렬 버스용 메모리 스틱 |
US6754908B1 (en) | 1999-11-12 | 2004-06-22 | General Instrument Corporation | Intrusion detection for object security |
US20010013121A1 (en) * | 1999-11-12 | 2001-08-09 | Kimball Bridget D. | Authorization conditioned object message download |
TW452733B (en) * | 1999-11-26 | 2001-09-01 | Inventec Corp | Method for preventing BIOS from viruses infection |
US6769059B1 (en) * | 1999-12-17 | 2004-07-27 | Intel Corporation | System for updating computer's existing video BIOS without updating the whole computer's system BIOS |
US7213152B1 (en) * | 2000-02-14 | 2007-05-01 | Intel Corporation | Modular bios update mechanism |
US6757832B1 (en) * | 2000-02-15 | 2004-06-29 | Silverbrook Research Pty Ltd | Unauthorized modification of values in flash memory |
CN100495420C (zh) * | 2000-02-21 | 2009-06-03 | 特科2000国际有限公司 | 便携式数据存储装置 |
DE10008973B4 (de) * | 2000-02-25 | 2004-10-07 | Bayerische Motoren Werke Ag | Autorisierungsverfahren mit Zertifikat |
DE10008974B4 (de) * | 2000-02-25 | 2005-12-29 | Bayerische Motoren Werke Ag | Signaturverfahren |
US6990579B1 (en) | 2000-03-31 | 2006-01-24 | Intel Corporation | Platform and method for remote attestation of a platform |
US6678825B1 (en) | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US6792438B1 (en) * | 2000-03-31 | 2004-09-14 | Intel Corporation | Secure hardware random number generator |
US7089595B1 (en) | 2000-03-31 | 2006-08-08 | Intel Corporation | Device and method for disabling an override hardware pin assertion |
US6934817B2 (en) | 2000-03-31 | 2005-08-23 | Intel Corporation | Controlling access to multiple memory zones in an isolated execution environment |
US7194634B2 (en) * | 2000-03-31 | 2007-03-20 | Intel Corporation | Attestation key memory device and bus |
US6507904B1 (en) | 2000-03-31 | 2003-01-14 | Intel Corporation | Executing isolated mode instructions in a secure system running in privilege rings |
US7089418B1 (en) | 2000-03-31 | 2006-08-08 | Intel Corporation | Managing accesses in a processor for isolated execution |
US6625730B1 (en) * | 2000-03-31 | 2003-09-23 | Hewlett-Packard Development Company, L.P. | System for validating a bios program and memory coupled therewith by using a boot block program having a validation routine |
US6996710B1 (en) | 2000-03-31 | 2006-02-07 | Intel Corporation | Platform and method for issuing and certifying a hardware-protected attestation key |
US7073071B1 (en) | 2000-03-31 | 2006-07-04 | Intel Corporation | Platform and method for generating and utilizing a protected audit log |
US6760441B1 (en) | 2000-03-31 | 2004-07-06 | Intel Corporation | Generating a key hieararchy for use in an isolated execution environment |
US6633963B1 (en) | 2000-03-31 | 2003-10-14 | Intel Corporation | Controlling access to multiple memory zones in an isolated execution environment |
US7073064B1 (en) * | 2000-03-31 | 2006-07-04 | Hewlett-Packard Development Company, L.P. | Method and apparatus to provide enhanced computer protection |
US6687721B1 (en) | 2000-03-31 | 2004-02-03 | Intel Corporation | Random number generator with entropy accumulation |
US7356817B1 (en) | 2000-03-31 | 2008-04-08 | Intel Corporation | Real-time scheduling of virtual machines |
US7082615B1 (en) | 2000-03-31 | 2006-07-25 | Intel Corporation | Protecting software environment in isolated execution |
US6957332B1 (en) | 2000-03-31 | 2005-10-18 | Intel Corporation | Managing a secure platform using a hierarchical executive architecture in isolated execution mode |
US6769058B1 (en) | 2000-03-31 | 2004-07-27 | Intel Corporation | Resetting a processor in an isolated execution environment |
US6795905B1 (en) | 2000-03-31 | 2004-09-21 | Intel Corporation | Controlling accesses to isolated memory using a memory controller for isolated execution |
US7013484B1 (en) | 2000-03-31 | 2006-03-14 | Intel Corporation | Managing a secure environment using a chipset in isolated execution mode |
US7013481B1 (en) * | 2000-03-31 | 2006-03-14 | Intel Corporation | Attestation key memory device and bus |
US6754815B1 (en) | 2000-03-31 | 2004-06-22 | Intel Corporation | Method and system for scrubbing an isolated area of memory after reset of a processor operating in isolated execution mode if a cleanup flag is set |
US6820105B2 (en) * | 2000-05-11 | 2004-11-16 | Cyberguard Corporation | Accelerated montgomery exponentiation using plural multipliers |
US20020002706A1 (en) * | 2000-05-26 | 2002-01-03 | Sprunk Eric J. | Authentication and authorization epochs |
US6976162B1 (en) | 2000-06-28 | 2005-12-13 | Intel Corporation | Platform and method for establishing provable identities while maintaining privacy |
US6976163B1 (en) * | 2000-07-12 | 2005-12-13 | International Business Machines Corporation | Methods, systems and computer program products for rule based firmware updates utilizing certificate extensions and certificates for use therein |
US7069452B1 (en) * | 2000-07-12 | 2006-06-27 | International Business Machines Corporation | Methods, systems and computer program products for secure firmware updates |
GB0020488D0 (en) * | 2000-08-18 | 2000-10-11 | Hewlett Packard Co | Trusted status rollback |
GB0020441D0 (en) * | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Performance of a service on a computing platform |
GB0020370D0 (en) * | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Trusted device |
US7032114B1 (en) | 2000-08-30 | 2006-04-18 | Symantec Corporation | System and method for using signatures to detect computer intrusions |
ATE553426T1 (de) | 2000-09-21 | 2012-04-15 | Research In Motion Ltd | System und verfahren zum unterschreiben eines software-kodes |
ES2180391B1 (es) * | 2000-09-25 | 2003-12-16 | Telesincro S A | Circuito integrado. |
US7793111B1 (en) | 2000-09-28 | 2010-09-07 | Intel Corporation | Mechanism to handle events in a machine with isolated execution |
US7389427B1 (en) | 2000-09-28 | 2008-06-17 | Intel Corporation | Mechanism to secure computer output from software attack using isolated execution |
US7484081B1 (en) * | 2000-10-10 | 2009-01-27 | Altera Corporation | Method and apparatus for protecting designs in SRAM-based programmable logic devices |
US6889340B1 (en) * | 2000-10-13 | 2005-05-03 | Phoenix Technologies Ltd. | Use of extra firmware flash ROM space as a diagnostic drive |
US8087014B1 (en) | 2000-10-26 | 2011-12-27 | Qualcomm Incorporated | Method and apparatus for configuration management for a computing device |
US7797729B2 (en) * | 2000-10-26 | 2010-09-14 | O2Micro International Ltd. | Pre-boot authentication system |
GB2376763B (en) | 2001-06-19 | 2004-12-15 | Hewlett Packard Co | Demonstrating integrity of a compartment of a compartmented operating system |
SE519869C2 (sv) * | 2000-12-01 | 2003-04-15 | Saab Ab | Datoranordning och förfarande för exekvering av programvaror av olika kritikalitet |
US20020112175A1 (en) * | 2000-12-13 | 2002-08-15 | Makofka Douglas S. | Conditional access for functional units |
US20020083344A1 (en) * | 2000-12-21 | 2002-06-27 | Vairavan Kannan P. | Integrated intelligent inter/intra networking device |
US6988196B2 (en) * | 2000-12-22 | 2006-01-17 | Lenovo (Singapore) Pte Ltd | Computer system and method for generating a digital certificate |
US7215781B2 (en) | 2000-12-22 | 2007-05-08 | Intel Corporation | Creation and distribution of a secret value between two devices |
US20020083318A1 (en) * | 2000-12-26 | 2002-06-27 | Larose Gordon Edward | Method and system for software integrity control using secure hardware assist |
US7818808B1 (en) | 2000-12-27 | 2010-10-19 | Intel Corporation | Processor mode for limiting the operation of guest software running on a virtual machine supported by a virtual machine monitor |
US6907600B2 (en) | 2000-12-27 | 2005-06-14 | Intel Corporation | Virtual translation lookaside buffer |
US6948065B2 (en) | 2000-12-27 | 2005-09-20 | Intel Corporation | Platform and method for securely transmitting an authorization secret |
US7035963B2 (en) | 2000-12-27 | 2006-04-25 | Intel Corporation | Method for resolving address space conflicts between a virtual machine monitor and a guest operating system |
US7225441B2 (en) * | 2000-12-27 | 2007-05-29 | Intel Corporation | Mechanism for providing power management through virtualization |
US6976172B2 (en) * | 2000-12-28 | 2005-12-13 | Intel Corporation | System and method for protected messaging |
US7350083B2 (en) * | 2000-12-29 | 2008-03-25 | Intel Corporation | Integrated circuit chip having firmware and hardware security primitive device(s) |
US6839846B2 (en) * | 2001-01-03 | 2005-01-04 | Intel Corporation | Embedding digital signatures into digital payloads |
US7028184B2 (en) * | 2001-01-17 | 2006-04-11 | International Business Machines Corporation | Technique for digitally notarizing a collection of data streams |
US6990444B2 (en) | 2001-01-17 | 2006-01-24 | International Business Machines Corporation | Methods, systems, and computer program products for securely transforming an audio stream to encoded text |
GB2372345A (en) * | 2001-02-17 | 2002-08-21 | Hewlett Packard Co | Secure email handling using a compartmented operating system |
GB2372595A (en) | 2001-02-23 | 2002-08-28 | Hewlett Packard Co | Method of and apparatus for ascertaining the status of a data processing environment. |
GB2372593B (en) * | 2001-02-23 | 2005-05-18 | Hewlett Packard Co | Electronic communication |
GB2372591A (en) * | 2001-02-23 | 2002-08-28 | Hewlett Packard Co | Method of investigating transactions in a data processing environment |
GB2372592B (en) | 2001-02-23 | 2005-03-30 | Hewlett Packard Co | Information system |
GB2372594B (en) | 2001-02-23 | 2004-10-06 | Hewlett Packard Co | Trusted computing environment |
EP1415211A2 (en) * | 2001-03-09 | 2004-05-06 | Koninklijke Philips Electronics N.V. | System with a server for verifying new components |
US7302584B2 (en) * | 2001-03-16 | 2007-11-27 | Mcafee, Inc. | Mechanisms for banning computer programs from use |
US7016494B2 (en) * | 2001-03-26 | 2006-03-21 | Hewlett-Packard Development Company, L.P. | Multiple cryptographic key precompute and store |
US7120248B2 (en) * | 2001-03-26 | 2006-10-10 | Hewlett-Packard Development Company, L.P. | Multiple prime number generation using a parallel prime number search algorithm |
US6996721B2 (en) * | 2001-03-27 | 2006-02-07 | Micron Technology, Inc. | Flash device security method utilizing a check register |
US20020144121A1 (en) * | 2001-03-30 | 2002-10-03 | Ellison Carl M. | Checking file integrity using signature generated in isolated execution |
US6633964B2 (en) | 2001-03-30 | 2003-10-14 | Intel Corporation | Method and system using a virtual lock for boot block flash |
US7096497B2 (en) * | 2001-03-30 | 2006-08-22 | Intel Corporation | File checking using remote signing authority via a network |
US7272831B2 (en) | 2001-03-30 | 2007-09-18 | Intel Corporation | Method and apparatus for constructing host processor soft devices independent of the host processor operating system |
US20020169976A1 (en) * | 2001-05-10 | 2002-11-14 | Schelling Todd A. | Enabling optional system features |
US7216362B1 (en) * | 2001-05-10 | 2007-05-08 | Advanced Micro Devices, Inc. | Enhanced security and manageability using secure storage in a personal computer system |
DE10123170A1 (de) * | 2001-05-12 | 2002-11-14 | Bosch Gmbh Robert | Verfahren zum Betreiben eines Steuergeräts |
CN1306423C (zh) * | 2001-06-05 | 2007-03-21 | 六舜实业股份有限公司 | 一种用于防止电脑病毒的禁写装置 |
US6772307B1 (en) | 2001-06-11 | 2004-08-03 | Intel Corporation | Firmware memory having multiple protected blocks |
GB0114898D0 (en) * | 2001-06-19 | 2001-08-08 | Hewlett Packard Co | Interaction with electronic services and markets |
GB2376765B (en) | 2001-06-19 | 2004-12-29 | Hewlett Packard Co | Multiple trusted computing environments with verifiable environment identities |
GB2376761A (en) * | 2001-06-19 | 2002-12-24 | Hewlett Packard Co | An arrangement in which a process is run on a host operating system but may be switched to a guest system if it poses a security risk |
GB2376762A (en) * | 2001-06-19 | 2002-12-24 | Hewlett Packard Co | Renting a computing environment on a trusted computing platform |
GB2376764B (en) * | 2001-06-19 | 2004-12-29 | Hewlett Packard Co | Multiple trusted computing environments |
EP1399825B1 (en) | 2001-06-28 | 2006-08-02 | Trek 2000 International Ltd | Method and devices for data transfer |
WO2003003295A1 (en) * | 2001-06-28 | 2003-01-09 | Trek 2000 International Ltd. | A portable device having biometrics-based authentication capabilities |
DE10131578A1 (de) * | 2001-07-02 | 2003-01-16 | Bosch Gmbh Robert | Method for protecting a microcomputer system against manipulation of data stored in a memory arrangement |
US20030009676A1 (en) * | 2001-07-09 | 2003-01-09 | Cole Terry L. | Peripheral device with secure driver |
DE10137505B4 (de) * | 2001-07-16 | 2005-06-23 | Francotyp-Postalia Ag & Co. Kg | Arrangement and method for changing the functionality of a security module |
EP1282023A1 (en) * | 2001-07-30 | 2003-02-05 | Hewlett-Packard Company | Trusted platform evaluation |
GB2378272A (en) * | 2001-07-31 | 2003-02-05 | Hewlett Packard Co | Method and apparatus for locking an application within a trusted environment |
US8200988B2 (en) * | 2001-08-03 | 2012-06-12 | Intel Corporation | Firmware security key upgrade algorithm |
US7191440B2 (en) | 2001-08-15 | 2007-03-13 | Intel Corporation | Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor |
US7484105B2 (en) * | 2001-08-16 | 2009-01-27 | Lenovo (Singapore) Pte. Ltd. | Flash update using a trusted platform module |
US6993648B2 (en) * | 2001-08-16 | 2006-01-31 | Lenovo (Singapore) Pte. Ltd. | Proving BIOS trust in a TCPA compliant system |
US20030037244A1 (en) * | 2001-08-16 | 2003-02-20 | International Business Machines Corporation | System management interrupt generation upon completion of cryptographic operation |
DE10141737C1 (de) * | 2001-08-25 | 2003-04-03 | Daimler Chrysler Ag | Method for secure data transmission within a means of transport |
DE10140721A1 (de) * | 2001-08-27 | 2003-03-20 | Bayerische Motoren Werke Ag | Method for providing software for use by a control unit of a vehicle |
DE10142537A1 (de) * | 2001-08-30 | 2003-03-20 | Adp Gauselmann Gmbh | Method for activating a control unit arranged in a housing that is protected against data spying |
JP4288893B2 (ja) * | 2001-09-26 | 2009-07-01 | ソニー株式会社 | Information processing device, program loading method, recording medium, program updating method and circuit element |
US7103529B2 (en) * | 2001-09-27 | 2006-09-05 | Intel Corporation | Method for providing system integrity and legacy environment emulation |
US7024555B2 (en) * | 2001-11-01 | 2006-04-04 | Intel Corporation | Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment |
US20030097335A1 (en) * | 2001-11-21 | 2003-05-22 | International Business Machines Corporation | Secure method and system for determining charges and assuring privacy |
GB2382419B (en) | 2001-11-22 | 2005-12-14 | Hewlett Packard Co | Apparatus and method for creating a trusted environment |
US7103771B2 (en) * | 2001-12-17 | 2006-09-05 | Intel Corporation | Connecting a virtual token to a physical token |
US20030126454A1 (en) * | 2001-12-28 | 2003-07-03 | Glew Andrew F. | Authenticated code method and apparatus |
US7308576B2 (en) | 2001-12-31 | 2007-12-11 | Intel Corporation | Authenticated code module |
US20030128509A1 (en) * | 2002-01-04 | 2003-07-10 | Hewlett-Packard Company | Bios controlled cooling for computer systems |
US20030135744A1 (en) * | 2002-01-11 | 2003-07-17 | International Business Machines Corporation | Method and system for programming a non-volatile device in a data processing system |
US7480806B2 (en) | 2002-02-22 | 2009-01-20 | Intel Corporation | Multi-token seal and unseal |
US7124273B2 (en) * | 2002-02-25 | 2006-10-17 | Intel Corporation | Method and apparatus for translating guest physical addresses in a virtual machine environment |
US7631196B2 (en) | 2002-02-25 | 2009-12-08 | Intel Corporation | Method and apparatus for loading a trustable operating system |
US7069442B2 (en) | 2002-03-29 | 2006-06-27 | Intel Corporation | System and method for execution of a secured environment initialization instruction |
US7028149B2 (en) | 2002-03-29 | 2006-04-11 | Intel Corporation | System and method for resetting a platform configuration register |
US20030191943A1 (en) * | 2002-04-05 | 2003-10-09 | Poisner David I. | Methods and arrangements to register code |
US20030196096A1 (en) * | 2002-04-12 | 2003-10-16 | Sutton James A. | Microcode patch authentication |
US20030196100A1 (en) * | 2002-04-15 | 2003-10-16 | Grawrock David W. | Protection against memory attacks following reset |
US7076669B2 (en) * | 2002-04-15 | 2006-07-11 | Intel Corporation | Method and apparatus for communicating securely with a token |
US7058807B2 (en) * | 2002-04-15 | 2006-06-06 | Intel Corporation | Validation of inclusion of a platform within a data center |
US7127548B2 (en) | 2002-04-16 | 2006-10-24 | Intel Corporation | Control register access virtualization performance improvement in the virtual-machine architecture |
US7487365B2 (en) * | 2002-04-17 | 2009-02-03 | Microsoft Corporation | Saving and retrieving data based on symmetric key encryption |
US7890771B2 (en) | 2002-04-17 | 2011-02-15 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
US7130951B1 (en) * | 2002-04-18 | 2006-10-31 | Advanced Micro Devices, Inc. | Method for selectively disabling interrupts on a secure execution mode-capable processor |
US6782349B2 (en) | 2002-05-03 | 2004-08-24 | International Business Machines Corporation | Method and system for updating a root of trust measurement function in a personal computer |
DE60209115T2 (de) | 2002-05-13 | 2006-10-26 | Trek 2000 International Ltd. | System and apparatus for compressing and decompressing data stored in a portable data storage device |
US20030226040A1 (en) * | 2002-06-03 | 2003-12-04 | International Business Machines Corporation | Controlling access to data stored on a storage device of a trusted computing platform system |
US6820177B2 (en) | 2002-06-12 | 2004-11-16 | Intel Corporation | Protected configuration space in a protected environment |
US7142674B2 (en) | 2002-06-18 | 2006-11-28 | Intel Corporation | Method of confirming a secure key exchange |
US7392415B2 (en) * | 2002-06-26 | 2008-06-24 | Intel Corporation | Sleep protection |
US7124327B2 (en) | 2002-06-29 | 2006-10-17 | Intel Corporation | Control over faults occurring during the operation of guest software in the virtual-machine architecture |
US6996748B2 (en) | 2002-06-29 | 2006-02-07 | Intel Corporation | Handling faults associated with operation of guest software in the virtual-machine architecture |
US7296267B2 (en) | 2002-07-12 | 2007-11-13 | Intel Corporation | System and method for binding virtual machines to hardware contexts |
EP1429224A1 (en) * | 2002-12-10 | 2004-06-16 | Texas Instruments Incorporated | Firmware run-time authentication |
TW588243B (en) | 2002-07-31 | 2004-05-21 | Trek 2000 Int Ltd | System and method for authentication |
US7200758B2 (en) * | 2002-10-09 | 2007-04-03 | Intel Corporation | Encapsulation of a TCPA trusted platform module functionality within a server management coprocessor subsystem |
US7165181B2 (en) | 2002-11-27 | 2007-01-16 | Intel Corporation | System and method for establishing trust without revealing identity |
KR100929870B1 (ko) * | 2002-12-04 | 2009-12-04 | 삼성전자주식회사 | Method for maintaining BIOS security of a computer system |
US7073042B2 (en) | 2002-12-12 | 2006-07-04 | Intel Corporation | Reclaiming existing fields in address translation data structures to extend control over memory accesses |
US7318235B2 (en) | 2002-12-16 | 2008-01-08 | Intel Corporation | Attestation using both fixed token and portable token |
US20040117318A1 (en) * | 2002-12-16 | 2004-06-17 | Grawrock David W. | Portable token controlling trusted environment launch |
US7318141B2 (en) | 2002-12-17 | 2008-01-08 | Intel Corporation | Methods and systems to control virtual machines |
US7793286B2 (en) * | 2002-12-19 | 2010-09-07 | Intel Corporation | Methods and systems to manage machine state in virtual machine operations |
US7900017B2 (en) | 2002-12-27 | 2011-03-01 | Intel Corporation | Mechanism for remapping post virtual machine memory pages |
US20040128465A1 (en) * | 2002-12-30 | 2004-07-01 | Lee Micheil J. | Configurable memory bus width |
US7409721B2 (en) * | 2003-01-21 | 2008-08-05 | Symantec Corporation | Network risk analysis |
DE10302427B4 (de) * | 2003-01-22 | 2005-04-07 | Fujitsu Siemens Computers Gmbh | Method for operating a data processing system with a security device |
US7370212B2 (en) | 2003-02-25 | 2008-05-06 | Microsoft Corporation | Issuing a publisher use license off-line in a digital rights management (DRM) system |
DE10309507A1 (de) * | 2003-03-05 | 2004-09-16 | Volkswagen Ag | Method and device for maintaining security-relevant program code of a motor vehicle |
US7337309B2 (en) * | 2003-03-24 | 2008-02-26 | Intel Corporation | Secure online BIOS update schemes |
US6834347B2 (en) * | 2003-04-29 | 2004-12-21 | International Business Machines Corporation | Target self-security for upgrades for an embedded device |
KR20060008338A (ko) * | 2003-06-24 | 2006-01-26 | 바이에리셰 모토렌 베르케 악티엔게젤샤프트 | Method for booting up software in the boot sector of a programmable read-only memory |
US7415708B2 (en) | 2003-06-26 | 2008-08-19 | Intel Corporation | Virtual machine management using processor state information |
US7240201B2 (en) * | 2003-08-01 | 2007-07-03 | Hewlett-Packard Development Company, L.P. | Method and apparatus to provide secure communication between systems |
US7177888B2 (en) | 2003-08-01 | 2007-02-13 | Intel Corporation | Programmable random bit source |
US7228432B2 (en) * | 2003-09-11 | 2007-06-05 | Angelo Michael F | Method and apparatus for providing security for a computer system |
US7287197B2 (en) * | 2003-09-15 | 2007-10-23 | Intel Corporation | Vectoring an interrupt or exception upon resuming operation of a virtual machine |
US7424709B2 (en) | 2003-09-15 | 2008-09-09 | Intel Corporation | Use of multiple virtual machine monitors to handle privileged events |
AU2004273105B2 (en) * | 2003-09-18 | 2009-06-11 | Aristocrat Technologies Australia Pty Ltd | BIOS protection device |
US7739521B2 (en) | 2003-09-18 | 2010-06-15 | Intel Corporation | Method of obscuring cryptographic computations |
US7610611B2 (en) | 2003-09-19 | 2009-10-27 | Moran Douglas R | Prioritized address decoder |
US20050080934A1 (en) * | 2003-09-30 | 2005-04-14 | Cota-Robles Erik C. | Invalidating translation lookaside buffer entries in a virtual machine (VM) system |
US7237051B2 (en) | 2003-09-30 | 2007-06-26 | Intel Corporation | Mechanism to control hardware interrupt acknowledgement in a virtual machine system |
US7177967B2 (en) | 2003-09-30 | 2007-02-13 | Intel Corporation | Chipset support for managing hardware interrupts in a virtual machine system |
US7366305B2 (en) | 2003-09-30 | 2008-04-29 | Intel Corporation | Platform and method for establishing trust without revealing identity |
US7487345B2 (en) * | 2003-10-10 | 2009-02-03 | Dell Products L.P. | Method of comparing build capability flags of replacement BIOS with boot capability flags of current BIOS to determine compatibility between BIOS revisions and installed hardware during flash update |
US7751584B2 (en) * | 2003-11-14 | 2010-07-06 | Intel Corporation | Method to provide transparent information in binary drivers via steganographic techniques |
US7636844B2 (en) | 2003-11-17 | 2009-12-22 | Intel Corporation | Method and system to provide a trusted channel within a computer system for a SIM device |
US8156343B2 (en) | 2003-11-26 | 2012-04-10 | Intel Corporation | Accessing private data about the state of a data processing machine from storage that is publicly accessible |
US20050128520A1 (en) * | 2003-12-16 | 2005-06-16 | Jeff Glickman | Digital signature protection for software |
US20050138409A1 (en) * | 2003-12-22 | 2005-06-23 | Tayib Sheriff | Securing an electronic device |
US8037314B2 (en) | 2003-12-22 | 2011-10-11 | Intel Corporation | Replacing blinded authentication authority |
US7930503B2 (en) * | 2004-01-26 | 2011-04-19 | Hewlett-Packard Development Company, L.P. | Method and apparatus for operating multiple security modules |
US7382880B2 (en) * | 2004-01-26 | 2008-06-03 | Hewlett-Packard Development Company, L.P. | Method and apparatus for initializing multiple security modules |
US7802085B2 (en) | 2004-02-18 | 2010-09-21 | Intel Corporation | Apparatus and method for distributing private keys to an entity with minimal secret, unique information |
US8468337B2 (en) * | 2004-03-02 | 2013-06-18 | International Business Machines Corporation | Secure data transfer over a network |
US7564976B2 (en) * | 2004-03-02 | 2009-07-21 | International Business Machines Corporation | System and method for performing security operations on network data |
US7356735B2 (en) | 2004-03-30 | 2008-04-08 | Intel Corporation | Providing support for single stepping a virtual machine in a virtual machine environment |
US7620949B2 (en) | 2004-03-31 | 2009-11-17 | Intel Corporation | Method and apparatus for facilitating recognition of an open event window during operation of guest software in a virtual machine environment |
TWI256014B (en) * | 2004-04-06 | 2006-06-01 | Wistron Corp | Method and apparatus for remote flashing of a bios memory in a data processing system |
US7940932B2 (en) * | 2004-04-08 | 2011-05-10 | Texas Instruments Incorporated | Methods, apparatus, and systems for securing SIM (subscriber identity module) personalization and other data on a first processor and secure communication of the SIM data to a second processor |
US20060242406A1 (en) | 2005-04-22 | 2006-10-26 | Microsoft Corporation | Protected computing environment |
WO2005106620A1 (ja) | 2004-04-30 | 2005-11-10 | Fujitsu Limited | Information management device and information management method |
US7558966B2 (en) * | 2004-06-09 | 2009-07-07 | Intel Corporation | Notifying remote administrator of platform integrity determination |
US7594124B2 (en) * | 2004-06-09 | 2009-09-22 | Intel Corporation | Cross validation of data using multiple subsystems |
US7490070B2 (en) | 2004-06-10 | 2009-02-10 | Intel Corporation | Apparatus and method for proving the denial of a direct proof signature |
US8006100B2 (en) * | 2004-06-10 | 2011-08-23 | Oracle America, Inc. | Enhancing trusted platform module performance |
US7305592B2 (en) | 2004-06-30 | 2007-12-04 | Intel Corporation | Support for nested fault in a virtual machine environment |
US20060020810A1 (en) * | 2004-07-24 | 2006-01-26 | International Business Machines Corporation | System and method for software load authentication |
US8612772B1 (en) | 2004-09-10 | 2013-12-17 | Altera Corporation | Security core using soft key |
US8566616B1 (en) | 2004-09-10 | 2013-10-22 | Altera Corporation | Method and apparatus for protecting designs in SRAM-based programmable logic devices and the like |
US7711942B2 (en) * | 2004-09-23 | 2010-05-04 | Hewlett-Packard Development Company, L.P. | Computer security system and method |
US7376870B2 (en) * | 2004-09-30 | 2008-05-20 | Intel Corporation | Self-monitoring and updating of firmware over a network |
US7840962B2 (en) | 2004-09-30 | 2010-11-23 | Intel Corporation | System and method for controlling switching between VMM and VM using enabling value of VMM timer indicator and VMM timer value having a specified time |
US8347078B2 (en) | 2004-10-18 | 2013-01-01 | Microsoft Corporation | Device certificate individualization |
US8146078B2 (en) | 2004-10-29 | 2012-03-27 | Intel Corporation | Timer offsetting mechanism in a virtual machine environment |
US8176564B2 (en) | 2004-11-15 | 2012-05-08 | Microsoft Corporation | Special PC mode entered upon detection of undesired state |
US8336085B2 (en) | 2004-11-15 | 2012-12-18 | Microsoft Corporation | Tuning product policy using observed evidence of customer behavior |
US8464348B2 (en) * | 2004-11-15 | 2013-06-11 | Microsoft Corporation | Isolated computing environment anchored into CPU and motherboard |
US20060107054A1 (en) * | 2004-11-16 | 2006-05-18 | Young David W | Method, apparatus and system to authenticate chipset patches with cryptographic signatures |
US8924728B2 (en) | 2004-11-30 | 2014-12-30 | Intel Corporation | Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information |
US7305544B2 (en) * | 2004-12-10 | 2007-12-04 | Intel Corporation | Interleaved boot block to support multiple processor architectures and method of use |
US8745364B2 (en) * | 2004-12-13 | 2014-06-03 | Intel Corporation | Method and apparatus for enabling non-volatile content filtering |
US20060143600A1 (en) * | 2004-12-29 | 2006-06-29 | Andrew Cottrell | Secure firmware update |
US8533777B2 (en) | 2004-12-29 | 2013-09-10 | Intel Corporation | Mechanism to determine trust of out-of-band management agents |
US7502946B2 (en) * | 2005-01-20 | 2009-03-10 | Panasonic Corporation | Using hardware to secure areas of long term storage in CE devices |
US7395405B2 (en) | 2005-01-28 | 2008-07-01 | Intel Corporation | Method and apparatus for supporting address translation in a virtual machine environment |
US7882561B2 (en) | 2005-01-31 | 2011-02-01 | Microsoft Corporation | System and method of caching decisions on when to scan for malware |
JP4732508B2 (ja) | 2005-03-22 | 2011-07-27 | ヒューレット−パッカード デベロップメント カンパニー エル.ピー. | Method, device and data structure for trusted data |
US8438645B2 (en) | 2005-04-27 | 2013-05-07 | Microsoft Corporation | Secure clock with grace periods |
US8725646B2 (en) | 2005-04-15 | 2014-05-13 | Microsoft Corporation | Output protection levels |
US9436804B2 (en) | 2005-04-22 | 2016-09-06 | Microsoft Technology Licensing, Llc | Establishing a unique session key using a hardware functionality scan |
US9363481B2 (en) | 2005-04-22 | 2016-06-07 | Microsoft Technology Licensing, Llc | Protected media pipeline |
US20060265758A1 (en) | 2005-05-20 | 2006-11-23 | Microsoft Corporation | Extensible media rights |
US8353046B2 (en) | 2005-06-08 | 2013-01-08 | Microsoft Corporation | System and method for delivery of a modular operating system |
US7809957B2 (en) | 2005-09-29 | 2010-10-05 | Intel Corporation | Trusted platform module for generating sealed data |
US8014530B2 (en) | 2006-03-22 | 2011-09-06 | Intel Corporation | Method and apparatus for authenticated, recoverable key distribution with no database secrets |
US7721284B2 (en) * | 2006-04-27 | 2010-05-18 | Microsoft Corporation | Deployment of multiple embedded operating system components |
US20070277038A1 (en) * | 2006-05-25 | 2007-11-29 | General Dynamics C4 Systems, Inc. | Method for authentication of software within a product |
US7660977B2 (en) * | 2006-06-08 | 2010-02-09 | Intel Corporation | System and method to control microcode updates after booting an operating system in a computing platform |
US7827397B2 (en) * | 2006-07-13 | 2010-11-02 | Aristocrat Technologies Australia Pty, Ltd. | Gaming machine having a secure boot chain and method of use |
US7668945B2 (en) * | 2006-08-18 | 2010-02-23 | Intel Corporation | Network booting using a platform management coprocessor |
US20080184026A1 (en) * | 2007-01-29 | 2008-07-31 | Hall Martin H | Metered Personal Computer Lifecycle |
US7802069B2 (en) * | 2007-03-07 | 2010-09-21 | Harris Corporation | Method and apparatus for protecting flash memory |
US8099274B2 (en) * | 2007-03-30 | 2012-01-17 | International Business Machines Corporation | Facilitating input/output processing of one or more guest processing systems |
US8539238B2 (en) * | 2007-05-09 | 2013-09-17 | Intel Corporation | Authenticated nonvolatile memory signing operations |
US8132253B2 (en) * | 2008-04-21 | 2012-03-06 | Dell Products L.P. | Memory security override protection for manufacturability of information handling systems |
US20090327741A1 (en) * | 2008-06-30 | 2009-12-31 | Zimmer Vincent J | System and method to secure boot uefi firmware and uefi-aware operating systems on a mobile internet device (mid) |
US7853780B2 (en) * | 2008-07-31 | 2010-12-14 | Oracle America, Inc. | Core initialization code validation |
US10459711B2 (en) * | 2008-08-12 | 2019-10-29 | Adobe Inc. | Updating applications using migration signatures |
US8103909B2 (en) * | 2008-09-15 | 2012-01-24 | Juniper Networks, Inc. | Automatic hardware-based recovery of a compromised computer |
ES2773042T3 (es) | 2009-05-04 | 2020-07-09 | Nokia Solutions & Networks Oy | Mechanism for updating software |
KR101064234B1 (ko) | 2009-05-22 | 2011-09-14 | 이영락 | Security key generation method for S/W security and terminal device applying the same |
US8464249B1 (en) | 2009-09-17 | 2013-06-11 | Adobe Systems Incorporated | Software installation package with digital signatures |
CN102065156B (zh) * | 2009-11-11 | 2013-08-07 | 中兴通讯股份有限公司 | Device and method for disconnecting the download channel of a handheld terminal |
WO2011068392A2 (en) * | 2009-12-04 | 2011-06-09 | Lg Electronics Inc. | Digital broadcast receiver and booting method of digital broadcast receiver |
US8875285B2 (en) * | 2010-03-24 | 2014-10-28 | Microsoft Corporation | Executable code validation in a web browser |
US8566613B2 (en) | 2010-06-11 | 2013-10-22 | Intel Corporation | Multi-owner deployment of firmware images |
TWI525469B (zh) | 2010-07-29 | 2016-03-11 | 安斯沃斯遊戲科技有限公司 | Data protection system and method |
JP5696564B2 (ja) * | 2011-03-30 | 2015-04-08 | 富士通株式会社 | Information processing device and authentication bypass method |
JP5809362B2 (ja) * | 2011-08-30 | 2015-11-10 | Hewlett-Packard Development Company, L.P. | Communication with a virtual trusted runtime BIOS |
US8904162B2 (en) * | 2012-08-01 | 2014-12-02 | Intel Corporation | Methods and apparatus for performing secure BIOS upgrade |
US9292463B2 (en) * | 2012-09-26 | 2016-03-22 | Intel Corporation | Communication of device presence between boot routine and operating system |
US9053317B2 (en) | 2013-02-28 | 2015-06-09 | Winbond Electronics Corporation | Nonvolatile memory device having authentication, and methods of operation and manufacture thereof |
CN104981814B (zh) * | 2013-03-15 | 2018-08-14 | 英特尔公司 | Secure coprocessor boot performance |
US9613214B2 (en) * | 2013-07-09 | 2017-04-04 | Micron Technology, Inc. | Self-measuring nonvolatile memory devices with remediation capabilities and associated systems and methods |
EP2854066B1 (en) * | 2013-08-21 | 2018-02-28 | Nxp B.V. | System and method for firmware integrity verification using multiple keys and OTP memory |
US9367689B2 (en) | 2013-11-13 | 2016-06-14 | Via Technologies, Inc. | Apparatus and method for securing BIOS in a trusted computing system |
US10055588B2 (en) | 2013-11-13 | 2018-08-21 | Via Technologies, Inc. | Event-based apparatus and method for securing BIOS in a trusted computing system during execution |
US9767288B2 (en) | 2013-11-13 | 2017-09-19 | Via Technologies, Inc. | JTAG-based secure BIOS mechanism in a trusted computing system |
US10095868B2 (en) | 2013-11-13 | 2018-10-09 | Via Technologies, Inc. | Event-based apparatus and method for securing bios in a trusted computing system during execution |
US9547767B2 (en) | 2013-11-13 | 2017-01-17 | Via Technologies, Inc. | Event-based apparatus and method for securing bios in a trusted computing system during execution |
US9779243B2 (en) | 2013-11-13 | 2017-10-03 | Via Technologies, Inc. | Fuse-enabled secure BIOS mechanism in a trusted computing system |
US9183394B2 (en) | 2013-11-13 | 2015-11-10 | Via Technologies, Inc. | Secure BIOS tamper protection mechanism |
US9779242B2 (en) | 2013-11-13 | 2017-10-03 | Via Technologies, Inc. | Programmable secure bios mechanism in a trusted computing system |
US9798880B2 (en) | 2013-11-13 | 2017-10-24 | Via Technologies, Inc. | Fuse-enabled secure bios mechanism with override feature |
US10049217B2 (en) | 2013-11-13 | 2018-08-14 | Via Technologies, Inc. | Event-based apparatus and method for securing bios in a trusted computing system during execution |
US9129113B2 (en) | 2013-11-13 | 2015-09-08 | Via Technologies, Inc. | Partition-based apparatus and method for securing bios in a trusted computing system during execution |
US9507942B2 (en) | 2013-11-13 | 2016-11-29 | Via Technologies, Inc. | Secure BIOS mechanism in a trusted computing system |
US9563773B2 (en) * | 2014-02-26 | 2017-02-07 | Dell Products L.P. | Systems and methods for securing BIOS variables |
AU2015201089B2 (en) | 2014-03-06 | 2020-02-27 | Ainsworth Game Technology Limited | Computer implemented frameworks and methodologies for enabling software authentication at an electronic gaming machine |
US9672361B2 (en) * | 2014-04-30 | 2017-06-06 | Ncr Corporation | Self-service terminal (SST) secure boot |
CN106663154B (zh) | 2014-07-22 | 2020-05-08 | 惠普发展公司,有限责任合伙企业 | Authorizing BIOS policy changes for storage |
US9674162B1 (en) | 2015-03-13 | 2017-06-06 | Amazon Technologies, Inc. | Updating encrypted cryptographic key pair |
US9893885B1 (en) | 2015-03-13 | 2018-02-13 | Amazon Technologies, Inc. | Updating cryptographic key pair |
EP3073405B1 (en) * | 2015-03-23 | 2019-02-06 | ABB Schweiz AG | Method and device providing secure vendor service access |
US10003467B1 (en) | 2015-03-30 | 2018-06-19 | Amazon Technologies, Inc. | Controlling digital certificate use |
US9479340B1 (en) | 2015-03-30 | 2016-10-25 | Amazon Technologies, Inc. | Controlling use of encryption keys |
US10367803B2 (en) * | 2015-04-12 | 2019-07-30 | Gropper Adrian | Managed open source medical devices |
JP6578814B2 (ja) * | 2015-08-20 | 2019-09-25 | 株式会社ソシオネクスト | Processor and processor system |
US20190052602A1 (en) * | 2017-08-14 | 2019-02-14 | Onapsis, lnc. | Generating rules to detect security vulnerabilities based on vulnerability primitives with entry point finder |
WO2019240759A1 (en) * | 2018-06-11 | 2019-12-19 | Hewlett-Packard Development Company, L.P. | Overriding sub-system identifiers with protected variable values |
EP3759591B1 (en) | 2018-08-03 | 2023-09-27 | Hewlett-Packard Development Company, L.P. | Bios personalities |
US11657138B2 (en) | 2019-02-28 | 2023-05-23 | Hewlett-Packard Development Company, L.P. | Signed change requests to remotely configure settings |
US10936300B1 (en) * | 2019-06-06 | 2021-03-02 | Amazon Technologies, Inc. | Live system updates |
Family Cites Families (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5144659A (en) * | 1989-04-19 | 1992-09-01 | Richard P. Jones | Computer file protection system |
US5022077A (en) * | 1989-08-25 | 1991-06-04 | International Business Machines Corp. | Apparatus and method for preventing unauthorized access to BIOS in a personal computer system |
US5421006A (en) * | 1992-05-07 | 1995-05-30 | Compaq Computer Corp. | Method and apparatus for assessing integrity of computer system software |
US5359659A (en) * | 1992-06-19 | 1994-10-25 | Doren Rosenthal | Method for securing software against corruption by computer viruses |
US5465299A (en) * | 1992-12-03 | 1995-11-07 | Hitachi, Ltd. | Electronic document processing system and method of forming digital signature |
FR2703800B1 (fr) * | 1993-04-06 | 1995-05-24 | Bull Cp8 | Method for signing a computer file, and device for implementing it. |
US5522076A (en) * | 1993-05-13 | 1996-05-28 | Kabushiki Kaisha Toshiba | Computer system having BIOS (basic input/output system)-ROM (Read Only Memory) writing function |
US5444850A (en) * | 1993-08-04 | 1995-08-22 | Trend Micro Devices Incorporated | Method and apparatus for controlling network and workstation access prior to workstation boot |
US5386469A (en) * | 1993-08-05 | 1995-01-31 | Zilog, Inc. | Firmware encryption for microprocessor/microcomputer |
US5450489A (en) * | 1993-10-29 | 1995-09-12 | Time Warner Entertainment Co., L.P. | System and method for authenticating software carriers |
US5377264A (en) * | 1993-12-09 | 1994-12-27 | Pitney Bowes Inc. | Memory access protection circuit with encryption key |
US5584023A (en) * | 1993-12-27 | 1996-12-10 | Hsu; Mike S. C. | Computer system including a transparent and secure file transform mechanism |
US5666411A (en) * | 1994-01-13 | 1997-09-09 | Mccarty; Johnnie C. | System for computer software protection |
US5473692A (en) * | 1994-09-07 | 1995-12-05 | Intel Corporation | Roving software license for a hardware agent |
DE69534757T2 (de) * | 1994-09-15 | 2006-08-31 | International Business Machines Corp. | System and method for secure storage and distribution of data using digital signatures |
US5644636A (en) * | 1994-12-30 | 1997-07-01 | Xtec, Incorporated | Method and apparatus for securing data stored in semiconductor memory cells |
FR2728980B1 (fr) * | 1994-12-30 | 1997-01-31 | Thomson Csf | Device for securing information systems organised around microprocessors |
- 1996
  - 1996-09-30 US US08/724,176 patent/US5844986A/en not_active Expired - Lifetime
- 1997
  - 1997-07-30 WO PCT/US1997/013520 patent/WO1998015082A1/en active IP Right Grant
  - 1997-07-30 AU AU41461/97A patent/AU4146197A/en not_active Abandoned
  - 1997-07-30 BR BR9711567A patent/BR9711567A/pt not_active Application Discontinuation
  - 1997-07-30 EP EP97939354A patent/EP0932953B1/en not_active Expired - Lifetime
  - 1997-07-30 CN CNB971983356A patent/CN1154282C/zh not_active Expired - Lifetime
  - 1997-08-20 TW TW086111914A patent/TW348240B/zh not_active IP Right Cessation
- 1999
  - 1999-03-29 KR KR1019997002697A patent/KR100299954B1/ko not_active IP Right Cessation
- 2000
  - 2000-02-03 HK HK00100678A patent/HK1021676A1/xx not_active IP Right Cessation
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1322384C (zh) * | 2000-09-29 | 2007-06-20 | 英特尔公司 | System and method for verifying the integrity of information stored in an electronic device |
US7346931B2 (en) | 2002-08-02 | 2008-03-18 | Robert Bosch Gmbh | Accepting a set of data in a computer unit |
CN1680920B (zh) * | 2004-04-07 | 2011-06-15 | 纬创资通股份有限公司 | Method and apparatus for remotely updating the basic input/output system in a data processing system |
CN101639877B (zh) * | 2008-07-30 | 2011-06-22 | 和硕联合科技股份有限公司 | Electronic device and method for updating its basic input/output system |
CN104932107A (zh) * | 2011-03-22 | 2015-09-23 | 精工爱普生株式会社 | Image relay optical system |
CN103679004A (zh) * | 2012-09-19 | 2014-03-26 | Nxp股份有限公司 | Method and system for securely updating firmware in a computing device |
CN105378663A (zh) * | 2013-07-31 | 2016-03-02 | 惠普发展公司,有限责任合伙企业 | Updating boot code |
CN105378663B (zh) * | 2013-07-31 | 2019-01-15 | 惠普发展公司,有限责任合伙企业 | System and method for updating boot code |
CN103810443B (zh) * | 2013-11-13 | 2017-03-01 | 威盛电子股份有限公司 | Apparatus and method for protecting a basic input/output system |
CN103810443A (zh) * | 2013-11-13 | 2014-05-21 | 威盛电子股份有限公司 | Apparatus and method for protecting a basic input/output system |
CN104679685A (zh) * | 2013-11-29 | 2015-06-03 | 英业达科技有限公司 | Baseboard management controller access method |
CN104679685B (zh) * | 2013-11-29 | 2017-10-31 | 英业达科技有限公司 | Baseboard management controller access method |
CN108292345A (zh) * | 2016-01-27 | 2018-07-17 | 惠普发展公司,有限责任合伙企业 | Operation verification |
CN108256355A (zh) * | 2018-02-28 | 2018-07-06 | 郑州云海信息技术有限公司 | Method and device for verifying BIOS integrity during out-of-band BIOS flashing |
Also Published As
Publication number | Publication date |
---|---|
EP0932953B1 (en) | 2004-10-13 |
EP0932953A1 (en) | 1999-08-04 |
HK1021676A1 (en) | 2000-06-23 |
KR20000048724A (ko) | 2000-07-25 |
BR9711567A (pt) | 1999-08-24 |
KR100299954B1 (ko) | 2001-09-29 |
WO1998015082A1 (en) | 1998-04-09 |
EP0932953A4 (en) | 2001-01-31 |
CN1154282C (zh) | 2004-06-16 |
US5844986A (en) | 1998-12-01 |
AU4146197A (en) | 1998-04-24 |
TW348240B (en) | 1998-12-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1154282C (zh) | Secure BIOS | |
CN1182678C (zh) | Secure boot | |
US6223284B1 (en) | Method and apparatus for remote ROM flashing and security management for a computer system | |
US20020099950A1 (en) | Method of maintaining integrity of an instruction or data set | |
US7774619B2 (en) | Secure code execution using external memory | |
KR100648533B1 (ko) | Virus-infection-resistant and hardware-independent method for flashing a system BIOS | |
US6411941B1 (en) | Method of restricting software operation within a license limitation | |
Tygar et al. | Dyad: A system for using physically secure coprocessors | |
JP4288209B2 (ja) | Security architecture for a system-on-chip | |
US20040255119A1 (en) | Memory device and passcode generator | |
CN101295338A (zh) | System and method for controlling access to a leased computer using a hypervisor | |
JPH10313309A (ja) | Apparatus for certifying that an application may legitimately execute a given class of service within an international cryptography framework | |
WO1998009209B1 (en) | Systems and methods for secure transaction management and electronic rights protection | |
KR20000022308A (ko) | Method and apparatus for protecting flash memory | |
JP2008090864A (ja) | Secure remote access system | |
JP7113115B2 (ja) | Security system and method for preventing rollback attacks on silicon device firmware | |
EP1495393A2 (en) | Protection against memory attacks following reset | |
NO335189B1 (no) | Secure data processing system | |
CN107832589B (zh) | Software copyright protection method and system | |
US20030208696A1 (en) | Method for secure storage and verification of the administrator, power-on password and configuration information | |
CN101785239B (zh) | Key-based hidden partition system | |
CN111160879A (zh) | Hardware wallet and method and device for improving its security | |
NL9101594A (nl) | Computer system with security. | |
CN1243312C (zh) | Embedded security module | |
CN111695164B (zh) | Electronic device and control method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CX01 | Expiry of patent term | ||
CX01 | Expiry of patent term | | Granted publication date: 20040616 |