Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
1998-09-18
2001-12-04
Peeso, Thomas R. (Department: 2132)
C713S156000, C713S158000, C380S044000, C380S277000
active
06327660
ABSTRACT:
BACKGROUND
1. Field
The present invention relates to the field of data security. More particularly, this invention relates to a system and method for securing a communication channel during a pre-boot operational state.
2. General Background
Computers have become an important product for both commercial and personal use, in part due to their versatility. Over the last few years, computers have been used as a vehicle to transfer information over private networks as well as publicly accessible networks such as, for example, the Internet. In many situations, it may be desirable to “secure” communications between computers.
Currently, after booting the operating system (OS), a computer exists in a “post-boot” operational state. In its post-boot operational state, the computer is able to establish one or more secure communication channels with another computer. A communication channel is considered to be “secure” when (i) the modification of data transmitted through the communication channel can be detected, and (ii) the source of the transmitted data can be authenticated, and/or the confidentiality of the transmitted data is protected. Cryptographic techniques such as digital certificates, digital signatures, and the encryption/decryption of data are used to secure a communication channel.
While these cryptographic techniques can protect the integrity and authenticity of data being communicated in the post-boot operational state, it appears that there have not been successful attempts to secure communications in a “pre-boot” operational state (e.g., before booting of the OS) due to the complexity of the secure communication protocols and the constraints of the flash memory in the pre-boot operational state. Providing a secure communication channel during the pre-boot operational state, when there is limited support from the OS or system resources, will become increasingly important in those situations where data affecting the functionality of the computer (e.g., the OS image, diagnostic software, etc.) is downloaded or when the results of certain computations in the pre-boot operational state are communicated to a management system.
SUMMARY OF THE INVENTION
In brief, one embodiment of the present invention relates to a method comprising the act of providing a communication link between a first electronic system and a second electronic system. Prior to booting of an operating system of the first electronic system, the communication link is secured to protect the integrity of data transferred over the communication link.
Blakely, Sokoloff, Taylor & Zafman LLP
Intel Corporation
Peeso Thomas R.