Active verification of boot firmware
Reexamination Certificate
2003-09-04
2008-12-16
Nalven, Andrew L (Department: 2134)
Information security
Prevention of unauthorized use of data including prevention...
Access control
C726S021000, C713S187000
active
07467417
ABSTRACT:
Techniques are described for generating and actively verifying boot code associated with a peripheral device of a computer system to prevent potential security threats the boot code may introduce into the computer system. The techniques for generating boot code entail generating the boot code from a high-level programming language using a verification application program interface (API). The API aids in generating a certificate, which is associated with the boot code in that the certificate describes operation of the boot code. After generating the boot code and associated certificate, the two are loaded onto a memory module of the peripheral device. Once the peripheral device is connected to the computer system, the computer system may retrieve the boot code and certificate. The computer system utilizes techniques to actively verify the boot code by performing a security check on the boot code in accordance with the associated certificate. Finally, the computer system executes the boot code based on a result of the security check.
REFERENCES:
patent: 6185678 (2001-02-01), Arbaugh et al.
patent: 6263378 (2001-07-01), Rudoff et al.
patent: 6263431 (2001-07-01), Lovelace et al.
patent: 6463535 (2002-10-01), Drews
patent: 6757824 (2004-06-01), England
patent: 2004/0177258 (2004-09-01), Ong
R. Stata et al., “A Type System for Java Bytecode Subroutines,” Proceedings 25th Symposium Principles of Programming Languages, pp. 149-160, ACM SIGPLAN/SIGACT, Jan. 1998.
Drew Dean et al., “Java Security: From HotJava to Netscape and Beyond,” Proceedings Symposium Security and Privacy, IEEE, May 1996.
William A. Arbaugh et al., “A Secure and Reliable Bootstrap Architecture,” Proceedings 1997 IEEE Symposium on Security and Privacy, pp. 65-71, May 1997.
“IEEE Standard for Boot (Initialization Configuration) Firmware: Core Requirements and Practices,” IEEE Standard, 266 pgs, 1994.
N. Glew et al., “Type-Safe Linking and Modular Assembly Language,” Proceedings 26th Symposium Principles of Programming Languages, pp. 250-261, ACM SIGPLAN-SIGACT, Jan. 1999.
Robert Harper et al., “A Framework for Defining Logics,” Journal of the Association for Computing Machinery, 40(1):143-184, Jan. 1993.
Dexter Kozen, “Efficient Code Certification,” Technical Report 98-1661, Computer Science Department, Cornell University, pp. 1-17, Jan. 1998.
G. Morrisett et al., “TALx86: A Realistic Typed Assembly Language,” Proceedings Workshop on Compiler Support for System Software, pp. 25-28. ACM SIGPLAN, May 1999.
G. Morrisett et al., “Stack-Based Typed Assembly Language,” In Xavier Leroy and Atsushi Ohori, editors, Proceedings Workshop on Types in Compilation, vol. 1473 of Lecture Notes in Computer Science, Springer-Verlag, 23 pgs., Mar. 1998.
G. Morrisett et al., “The TIL/ML Compiler: Performance and Safety Through Types,” 1996 Workshop on Compiler Support for Systems Software, 7 pgs., 1996.
G. Morrisett et al., “From System F to Typed Assembly Language,” 25th ACM SIGPLAN/SIGACT Symposium on Principles of Programming Languages, pp. 85-97, San Diego, California, USA, Jan. 1998.
George C. Necula, “Proof-Carrying Code,” Proceedings 24th Symposium Principles of Programming Languages, ACM SIGPLAN/SIGACT, pp. 106-119, Jan. 1997.
George C. Necula, Compiling With Proofs, PhD Thesis, Carnegie Mellon University, 260 pgs., Sep. 1998.
George C. Necula et al., “Safe Kernel Extensions Without Run-Time Checking,” Proceedings 2nd Symposium Operating System Design and Implementation, ACM, Oct. 1996.
George C. Necula et al., “The Design and Implementation of a Certifying Compiler,” Proceedings Conference Programming Language Design and Implementation, pp. 333-344, ACM SIGPLAN, ACM SIGPLAN notices, 0362-1340; v. 33, No. 5, 1998.
George C. Necula et al., “Safe, Untrusted Agents Using Proof-Carrying Code,” Giovanni Vigna, editor, Special Issue on Mobile Agent Security, vol. 1419 of Lecture Notes in Computer Science, pp. 61-91, Springer-Verlag, Jun. 1998.
Robert O'Callahan, “A Simple, Comprehensive Type System for Java Bytecode Subroutines,” Proceedings 26th Symposium Principles of Programming Languages, pp. 70-78, ACM SIGPLAN/SIGACT, Jan. 1999.
Fred B. Schneider, editor, “Trust In Cyberspace,” Committee on Information Systems Trustworthiness, Computer Science and Telecommunications Board, National Research Council, National Academy Press, 254 pgs., 1998, www.antioffline.com/trust.in.cspace.html, printed Oct. 2004.
D. Tarditi et al., “TIL: A Type-Directed Optimizing Compiler for ML,” Conference Programming Language Design and Implementation, ACM SIGPLAN, pp. 181-192, 1996.
R. Wahbe et al., “Efficient Software-Based Fault Isolation,” Proceedings 14th Symposium Operating System Principles, vol. 27, No. 5, pp. 203-216, ACM, Dec. 1993.
D. Kozen, “Language-Based Security,” Cornell University, Ithaca, NY.
F. Adelstein et al., “Malicious Code Detection for Open Firmware,” 18th Annual Computer Security Application Conference, San Diego, CA, Dec. 2002.
Kozen Dexter
Merritt Thomas J
Stillerman Matthew A
Architecture Technology Corporation
Nalven Andrew L
Shumaker & Sieffert P.A.