Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
1998-07-17
2002-06-04
Decady, Albert (Department: 2767)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
By stored data protection
C713S189000, C713S188000, C713S187000, C713S191000
Reexamination Certificate
active
06401208
ABSTRACT:
BACKGROUND
1. Field
The present invention relates to the field of data security. More particularly, this invention relates to a system and method for authenticating software code before execution by the host processor.
2. General Background
Over the last few years, computers have become products highly valued by consumers. The reason is that computers are highly versatile and enjoy a wide range of applications. Of major concern, however, is that computers, especially mobile computers such as laptops or hand-helds, are vulnerable to theft due to their commercial value and their exposure to insecure environments such as cars, hotel rooms and airport lobbies.
Currently, there exist a number of security mechanisms that are marginally effective. However, these mechanisms are still vulnerable to component or device replacement since no protected environment for execution of code and for manipulation of data is provided. For example, one type of conventional security mechanism involves the use of password software, which is normally executed after a host processor of the computer has been powered-up and has already fetched macro-instructions from Basic Input/Output System (BIOS) code residing in a Read Only Memory (ROM) device. The ROM device is physically separate from the host processor.
More specifically, during a normal power-on reset, a host processor of a conventional computer automatically jumps to a predetermined hardwired address. This address is a predetermined reset vector which is mapped to a ROM device containing the BIOS code. As a result, the host processor performs instruction fetches of BIOS code which usually prompts the computer to perform the following operations: (i) initialize its electronic hardware; (ii) initialize its peripheral devices; and (iii) boot its Operating System.
Unfortunately, the password-based security mechanism and other current security mechanisms can be easily circumvented. One way would be to replace the ROM device containing BIOS code with another memory device having a new, different BIOS code.
Additionally, due to the growing usage of networking solutions such as the Internet, computers are becoming more susceptible to invasive software virus attacks. Software viruses may be obtained during transactions over the Internet such as, for example, downloading data from either a website or an electronic bulletin board. For example, the software virus may include a program, infiltrating the BIOS code and executing in the background, that sends contents of hard disk drive over the Internet. Likewise, some of the software viruses are intended to damage the BIOS code which renders the computer inoperable.
These above-described scenarios further demonstrate the necessity in providing a protected environment for execution of code and for manipulation of data within a computer.
SUMMARY OF THE INVENTION
The present invention relates to processor in communication with a cryptographic device. The cryptographic device authenticates software code, loaded into the cryptographic device during a boot procedure, before permitting the host processor to execute the software code.
REFERENCES:
patent: 5022077 (1991-06-01), Bealkowski et al.
patent: 5276853 (1994-01-01), Yamaguchi et al.
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5444850 (1995-08-01), Chang
patent: 5473692 (1995-12-01), Davis
patent: 5539828 (1996-07-01), Davis
patent: 5568552 (1996-10-01), Davis
patent: 5796840 (1998-08-01), Davis
patent: 5805712 (1998-09-01), Davis
patent: 5828753 (1998-10-01), Davis
patent: 5835594 (1998-11-01), Albrecht et al.
patent: 5844986 (1998-12-01), Davis
patent: 5919257 (1999-07-01), Trostle
patent: 6009524 (1999-12-01), Olarig et al.
patent: 6061794 (2000-05-01), Angelo et al.
patent: WO 98/15082 (1998-04-01), None
Lynch, “CSC 277—Operating Systems,” Jul. 2000, http://www.qvctc.commnet.edu/classes/csc277/bios.hml [internet].*
“Windows 2000 Professional Intel-based boot process,” http://www.gateway.com/sup..roduct/software/win2000/750433034.shtml [internet]Jul. 2000.
Davis Derek L.
Mehta Pranav
Blakely , Sokoloff, Taylor & Zafman LLP
De'cady Albert
Intel Corporation
Kabakoff Steve
LandOfFree
Method for BIOS authentication prior to BIOS execution does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for BIOS authentication prior to BIOS execution, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for BIOS authentication prior to BIOS execution will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2932886