Data processing: measuring – calibrating – or testing – Measurement system – Performance or efficiency evaluation
Reexamination Certificate
2002-05-03
2004-08-24
Assouad, Patrick (Department: 2857)
C713S187000, C713S191000, C713S193000
active
06782349
ABSTRACT:
FIELD OF INVENTION
The present invention relates generally to the field of computer security and particularly to a method and system for securely updating a root of trust measurement.
BACKGROUND OF THE INVENTION
Personal computer systems in general have attained widespread use for providing computer power to many segments of today's modern society. Personal computer systems can usually be defined as a desktop, floor standing, or portable microcomputer that comprises a system unit having a single system processor and associated volatile and non-volatile memory.
FIG. 1 is an example of a conventional personal computer system 10. The personal computer system 10 typically includes an associated display monitor 11, a keyboard 12, one or more diskette drives 13 and an associated printer 14.
With the phenomenal growth and use of personal computers in the world in recent years, more and more data or information is being collected and retained or stored in such systems. Oftentimes this data is sensitive in nature. As more users recognize the sensitive nature of data and its value, the more it becomes desirable to protect that data against misuse. In light of this, the level, or “amount”, of security upon which a great deal of the information depended needed to be increased. At the same time, security parameters for PCs needed to be easy to deploy, use and manage.
One of these parameters relates to the Root of Trust Measurement (RTM) function. The RTM function describes the code function that makes the first measurement of the BIOS code. Typically, it is the first module that is executed by the Basic-Input-Output System (BIOS). This is also what is referred to as the boot block. Originally, many computer security guidelines stipulated that the RTM function could not be changed under any circumstances due to the sensitive nature of the function. However, because the boot block performs other functions, such as recovery of the system in the case of a BIOS corruption issue, the RTM function may need to be updated. Recognizing this, the RTM function is now allowed to be updated, but only in a manner that ensures that the update is authentic.
Accordingly, what is needed is a method and system for securely updating the root of trust measurement function. The method and system should be simple, cost effective and capable of being easily adapted to current technology. The present invention addresses such a need.
SUMMARY OF INVENTION
A method and system for updating a root of trust measurement (RTM) function in a personal computer is disclosed. The RTM function is located in a boot block of the personal computer. The method and system comprise initializing a request to update the RTM function and unlocking the boot block based on an authentication process. The method and system further include updating the RTM function.
Through the use of the method and system in accordance with the present invention, the RTM function in a personal computer is updated in a manner that ensures that the update is authentic.
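The three steps named in the summary (request, authenticated unlock, update) can be modelled as follows. This is an added illustration, not code from the patent: the `BootBlock` class, the constructed key and images, and the use of an HMAC-SHA256 tag as the authentication process are all assumptions, since the text above does not specify the mechanism.

```python
import hashlib
import hmac

class BootBlock:
    """Toy model of a write-locked boot block that holds the RTM function."""

    def __init__(self, rtm_code: bytes, auth_key: bytes):
        self._rtm_code = rtm_code
        self._auth_key = auth_key      # assumption: provisioned before the lock is set
        self._locked = True
        self._pending = None           # (image, tag) of an outstanding request

    def measurement(self) -> str:
        return hashlib.sha256(self._rtm_code).hexdigest()

    def request_update(self, image: bytes, tag: bytes) -> None:
        """Step 1: register an update request; nothing is written yet."""
        self._pending = (image, tag)

    def unlock(self) -> bool:
        """Step 2: unlock only if the pending image authenticates."""
        if self._pending is None:
            return False
        image, tag = self._pending
        expected = hmac.new(self._auth_key, image, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            self._pending = None       # reject and forget the request
            return False
        self._locked = False
        return True

    def apply_update(self) -> bool:
        """Step 3: write the authenticated image, then relock."""
        if self._locked or self._pending is None:
            return False
        self._rtm_code, _ = self._pending
        self._pending = None
        self._locked = True
        return True

def run_update(block: BootBlock, image: bytes, tag: bytes) -> bool:
    block.request_update(image, tag)
    return block.unlock() and block.apply_update()

# Constructed sample data, not real firmware or keys.
KEY = b"constructed-demo-key"
NEW_RTM = b"RTM v2 (constructed)"
GOOD_TAG = hmac.new(KEY, NEW_RTM, hashlib.sha256).digest()
```

An image that fails authentication leaves the block locked and its measurement unchanged, and the block relocks itself after every successful write.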
Challener David Carroll
Gettelfinger Chad Lee
Goodman Steven Dale
Ovies Hernando
Springfield Randall Scott
Assouad Patrick
Sawyer Law Group LLP