Electrical computers and digital processing systems: support – Digital data processing system initialization or configuration – Loading initialization program
Reexamination Certificate
1998-12-31
2001-07-17
Heckler, Thomas M. (Department: 2182)
Electrical computers and digital processing systems: support
Digital data processing system initialization or configuration
Loading initialization program
C713S152000
Reexamination Certificate
active
06263431
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the field of operating systems; more particularly, the present invention relates to a method and apparatus for operating system bootstrap security.
2. Description of Related Art
Computers systems are used for numerous purposes. Some of these purposes include the storage and retrieval of confidential information. Others, such as internet commerce, involve monetary transactions. Some mission critical applications must be consistently and accurately operating on a continuous basis.
Computer systems often include hardware and software security mechanisms to prevent unauthorized access to programs and information. For example, passwords may be used to limit access. However, computer systems are often susceptible to malicious programs that circumvent the security mechanisms to perform malicious acts such as corrupting programs and information or allowing unauthorized access to confidential information. In the past, these viruses typically gained initial access to a computer system via a corrupted program stored on a diskette. Now, the viruses are often embedded in programs or data downloaded through the internet.
As more business is transacted by computers connected to the internet, the potential losses due to an insecure computer system become larger. Thus, it is desirable to provide a more secure computer system.
One type of virus that gains access to computer systems is a boot virus. Typically, a boot virus will modify or replace certain startup modules (boot components), such as the master boot record, to gain control as the system firmware attempts to invoke an operating system. What is needed is a method and apparatus to prevent unauthorized modification or replacement of startup modules.
The startup modules may also be corrupted due to computer system malfunctions. Such corruption may cause the operating system to boot up incorrectly. This may cause programs and information to be corrupted or may leave the computer system in an insecure state. What is needed is a method and apparatus to prevent the booting of an operating system using corrupted startup modules.
SUMMARY OF THE INVENTION
A method and apparatus for booting an operating system having at least one boot component comprising the steps of accessing an ordered list identifying the at least one boot component; accessing each of the at least one boot component using the ordered list; computing a first hash value from the at least one boot component; accessing a second hash value, the second hash value being secure; comparing the first hash value to the second hash value; and booting the operating system if the first hash value matches the second hash value.
REFERENCES:
patent: 5638446 (1997-06-01), Rubin
patent: 5903651 (1999-05-01), Kocher
patent: 5919257 (1999-07-01), Trostle
Lovelace John V.
Nevis Bryon S.
Heckler Thomas M.
Intle Corporation
Seeley Mark
LandOfFree
Operating system bootstrap security mechanism does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Operating system bootstrap security mechanism, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Operating system bootstrap security mechanism will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2564954