Secure transfer of trust in a computing system

Electrical computers and digital processing systems: support – Data processing protection using cryptography – Upgrade/install encryption

Reexamination Certificate


Details

C713S189000, C380S279000

active

06539480

ABSTRACT:

TECHNICAL FIELD
This invention relates generally to the field of secure computing environments and, more particularly, to a method and apparatus for securely transferring trust from a current trusted authority to a new trusted authority in a computing system.
BACKGROUND INFORMATION
There are many challenges to creating a highly secure computing environment, such as preventing eavesdroppers from accessing private communications, preventing vandals from tampering with information while in transit from sender to receiver, authenticating users logging into a network, verifying that a network server is indeed the server it professes to be, and safeguarding confidential documents from unauthorized individuals.
One of the more difficult challenges is preventing unauthorized individuals from changing the basic configuration of a computer such as changing the software that is used to start the computer. In order to prevent changes to such software, known as the boot image, conventional systems rely on passwords and other security measures to prevent unauthorized physical access. These measures, however, do not protect network computers that load the startup software over a network. For example, these measures do not protect network computers from downloading startup software that has been damaged or tampered with. In addition, these measures require activation by an administrator and, therefore, do not prevent unauthorized alterations to the computer during transit from the manufacturer to the customer. Thus, manufacturers are unable to “guarantee” that the delivered computer has not been tampered with.
For the reasons stated above, and for other reasons stated below which will become apparent to those skilled in the art upon reading and understanding the present specification, there is a need in the art for a security module that protects a computer against unauthorized changes to configuration data. There is also a need for a security module that prevents any such changes immediately after manufacturing. There is also a need for such a mechanism that securely transfers authority from the manufacturer to the customer.
SUMMARY OF THE INVENTION
As explained in detail below, the present invention provides a security module for verifying whether a request to reconfigure a computing system was indeed issued by a trusted authority. As such, the present invention facilitates the secure transfer of trust from one trusted authority to another, such as from a manufacturer to a customer.
According to one aspect, the invention is a computing system having a persistent store for holding information indicative of a current trusted authority. A security module executing on the computing system determines whether to grant a request to modify configuration data within the computing system as a function of the information within the persistent store. In another embodiment the invention is a method for manufacturing a computer system having such a security module.
According to another aspect, the invention is a method for securely transferring trust in a computer system from a first trusted authority to a second trusted authority. Information indicative of a first trusted authority is stored in a persistent store of a computer. When a request to overwrite the information with information indicative of a second trusted authority is received, the invention determines whether the first trusted authority issued the request. The information within the persistent store is overwritten with the information indicative of the second trusted authority when the first trusted authority issued the request.
According to yet another aspect, the invention is a method for configuring a computing system. A request to reconfigure the computing system is validated as a function of trusted authority information maintained by the persistent store within the computer. The computing system is configured with the new data when the request is validated. These and other features and advantages of the invention will become apparent from the following description of the preferred embodiments of the invention.
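
The trust-transfer check summarized above, as an added sketch that is not taken from the patent. It assumes the persistent store holds a SHA-256 fingerprint of the current authority's public key and that requests are signed with a Lamport one-time signature (chosen so the example runs on the Python standard library alone); the names `SecurityModule`, `transfer_trust` and `TAG` are hypothetical.

```python
import hashlib, secrets

TAG = b"transfer-trust:"  # assumed domain-separation prefix for handover requests

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key: 256 pairs of secrets; the public key is their hashes.
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[H(a), H(b)] for a, b in sk]
    return sk, pk

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (b, s) in enumerate(zip(bits(msg), sig)))

def fingerprint(pk):
    return H(b"".join(h for pair in pk for h in pair))

class SecurityModule:
    def __init__(self, authority_fp):
        self.store = authority_fp  # persistent store: current trusted authority

    def transfer_trust(self, current_pk, new_fp, sig):
        # The request must come from the authority recorded in the store ...
        if fingerprint(current_pk) != self.store:
            return False
        # ... and that authority must have signed exactly this new authority.
        if not verify(current_pk, TAG + new_fp, sig):
            return False
        self.store = new_fp  # overwrite only after both checks pass
        return True

def demo():
    (m_sk, m_pk), (_, c_pk), (x_sk, x_pk) = keygen(), keygen(), keygen()
    fp_c, fp_x = fingerprint(c_pk), fingerprint(x_pk)
    module = SecurityModule(fingerprint(m_pk))      # manufacturer installed at build
    sig_c = sign(m_sk, TAG + fp_c)                  # manufacturer signs the handover
    forged = module.transfer_trust(x_pk, fp_x, sign(x_sk, TAG + fp_x))
    tampered = module.transfer_trust(m_pk, fp_x, sig_c)   # swapped target authority
    handed = module.transfer_trust(m_pk, fp_c, sig_c)
    replayed = module.transfer_trust(m_pk, fp_c, sig_c)   # old authority, after handover
    return forged, tampered, handed, replayed, module.store == fp_c
```

Because the store is overwritten on success, the manufacturer's key stops being accepted the moment the customer's fingerprint is installed, which is why a one-time signature is sufficient for the handover in this sketch.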


REFERENCES:
patent: 5717759 (1998-02-01), Micali
patent: 5844986 (1998-12-01), Davis
patent: 6058478 (2000-05-01), Davis
Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C. Oct. 1995. p. 38.
