ATE453162T1 - Verwendung eines hash beim starten eines sicheren betriebssystems - Google Patents

Verwendung eines hash beim starten eines sicheren betriebssystems

Info

Publication number
ATE453162T1
ATE453162T1 AT03012544T AT03012544T ATE453162T1 AT E453162 T1 ATE453162 T1 AT E453162T1 AT 03012544 T AT03012544 T AT 03012544T AT 03012544 T AT03012544 T AT 03012544T AT E453162 T1 ATE453162 T1 AT E453162T1
Authority
AT
Austria
Prior art keywords
code
preloader
hash
rom
expected
Prior art date
Application number
AT03012544T
Other languages
German (de)
English (en)
Inventor
Dinarte Morais
Jon Lange
Dan Simon
Ling Tony Chen
Josh D Benaloh
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Application granted granted Critical
Publication of ATE453162T1 publication Critical patent/ATE453162T1/de

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/22Microcontrol or microprogram arrangements
    • G06F9/24Loading of the microprogram
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
  • Orthopedics, Nursing, And Contraception (AREA)
  • Diaphragms And Bellows (AREA)
  • Footwear And Its Accessory, Manufacturing Method And Apparatuses (AREA)
  • Exchange Systems With Centralized Control (AREA)
  • Hardware Redundancy (AREA)
  • Emergency Protection Circuit Devices (AREA)
AT03012544T 2002-06-07 2003-06-02 Verwendung eines hash beim starten eines sicheren betriebssystems ATE453162T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/165,519 US6907522B2 (en) 2002-06-07 2002-06-07 Use of hashing in a secure boot loader

Publications (1)

Publication Number Publication Date
ATE453162T1 true ATE453162T1 (de) 2010-01-15

Family

ID=29549377

Family Applications (1)

Application Number Title Priority Date Filing Date
AT03012544T ATE453162T1 (de) 2002-06-07 2003-06-02 Verwendung eines hash beim starten eines sicheren betriebssystems

Country Status (9)

Country Link
US (2) US6907522B2 (enExample)
EP (1) EP1369764B1 (enExample)
JP (1) JP4052978B2 (enExample)
KR (1) KR100965717B1 (enExample)
CN (1) CN100492277C (enExample)
AT (1) ATE453162T1 (enExample)
AU (1) AU2003204376B2 (enExample)
DE (1) DE60330627D1 (enExample)
TW (1) TWI292556B (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110262840A (zh) * 2019-06-17 2019-09-20 Oppo广东移动通信有限公司 设备启动监控方法及相关产品

Families Citing this family (92)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6675152B1 (en) * 2000-09-13 2004-01-06 Igt Transaction signature
US20020147918A1 (en) * 2001-04-05 2002-10-10 Osthoff Harro R. System and method for securing information in memory
US8708828B2 (en) 2001-09-28 2014-04-29 Igt Pluggable modular gaming modifiers and configuration templates for gaming environments
US7931533B2 (en) 2001-09-28 2011-04-26 Igt Game development architecture that decouples the game logic from the graphics logics
US6902481B2 (en) 2001-09-28 2005-06-07 Igt Decoupling of the graphical presentation of a game from the presentation logic
EP1338939A1 (en) * 2002-02-22 2003-08-27 Hewlett-Packard Company State validation device for a computer
US8140824B2 (en) * 2002-11-21 2012-03-20 International Business Machines Corporation Secure code authentication
US7194626B2 (en) * 2002-11-21 2007-03-20 International Business Machines Corporation Hardware-based secure code authentication
FR2849226B1 (fr) * 2002-12-20 2005-12-02 Oberthur Card Syst Sa Procede et dispositif de securisation de l'execution d'un programme informatique.
US8784195B1 (en) 2003-03-05 2014-07-22 Bally Gaming, Inc. Authentication system for gaming machines
EP1465038B1 (en) * 2003-04-03 2013-03-27 STMicroelectronics (Research & Development) Limited Memory security device for flexible software environment
US7171563B2 (en) * 2003-05-15 2007-01-30 International Business Machines Corporation Method and system for ensuring security of code in a system on a chip
US7725740B2 (en) * 2003-05-23 2010-05-25 Nagravision S.A. Generating a root key for decryption of a transmission key allowing secure communications
US7475254B2 (en) * 2003-06-19 2009-01-06 International Business Machines Corporation Method for authenticating software using protected master key
US7434231B2 (en) * 2003-06-27 2008-10-07 Intel Corporation Methods and apparatus to protect a protocol interface
FR2867929B1 (fr) * 2004-03-19 2007-03-02 Gemplus Card Int Procede d'authentification dynamique de programmes par un objet portable electronique
JP4544901B2 (ja) * 2004-04-19 2010-09-15 株式会社日立製作所 記憶制御システム及びブート制御システム
US20050262337A1 (en) * 2004-05-24 2005-11-24 Siemens Vdo Automotive Corporation Method and device for determining flash software compatibility with hardware
JP4447977B2 (ja) 2004-06-30 2010-04-07 富士通マイクロエレクトロニクス株式会社 セキュアプロセッサ、およびセキュアプロセッサ用プログラム。
US7694121B2 (en) * 2004-06-30 2010-04-06 Microsoft Corporation System and method for protected operating system boot using state validation
US7937593B2 (en) * 2004-08-06 2011-05-03 Broadcom Corporation Storage device content authentication
DE102004047191A1 (de) * 2004-09-29 2006-04-06 Robert Bosch Gmbh Manipulationsgeschütztes Mikroprozessorsystem und Betriebsverfahren dafür
WO2006054128A1 (en) 2004-11-22 2006-05-26 Nokia Corporation Method and device for verifying the integrity of platform software of an electronic device
KR100654446B1 (ko) * 2004-12-09 2006-12-06 삼성전자주식회사 보안 부팅 장치 및 방법
US7725703B2 (en) * 2005-01-07 2010-05-25 Microsoft Corporation Systems and methods for securely booting a computer with a trusted processing module
US8181020B2 (en) * 2005-02-02 2012-05-15 Insyde Software Corp. System and method for securely storing firmware
US7722468B2 (en) * 2005-03-09 2010-05-25 Igt Magnetoresistive memory units as read only memory devices in gaming machines
US7736234B2 (en) * 2005-03-09 2010-06-15 Igt MRAM as critical event storage for powered down gaming machines
US20060205513A1 (en) * 2005-03-09 2006-09-14 Igt MRAM as nonvolatile safe storage for power hit and ESD tolerance in gaming machines
US20060236122A1 (en) * 2005-04-15 2006-10-19 Microsoft Corporation Secure boot
US7536540B2 (en) 2005-09-14 2009-05-19 Sandisk Corporation Method of hardware driver integrity check of memory card controller firmware
WO2007033322A2 (en) * 2005-09-14 2007-03-22 Sandisk Corporation Hardware driver integrity check of memory card controller firmware
KR100675186B1 (ko) 2005-09-29 2007-01-30 엘지전자 주식회사 사용자식별모듈의 사용자식별정보 해시 기능을 가지는이동통신 단말기 및 그 부팅 방법
US7917762B2 (en) * 2005-09-30 2011-03-29 Phoenix Technologies Ltd. Secure execution environment by preventing execution of unauthorized boot loaders
US20070101156A1 (en) * 2005-10-31 2007-05-03 Manuel Novoa Methods and systems for associating an embedded security chip with a computer
BRPI0618897A2 (pt) 2005-11-29 2011-09-13 Thomson Licensing método e aparelho para proteger conteúdo digital
WO2007135672A2 (en) * 2006-05-24 2007-11-29 Safend Ltd. Method and system for defending security application in a user's computer
EP1868127A1 (en) * 2006-06-15 2007-12-19 Thomson Telecom Belgium Device comprising a public and a private area and a method for securely initializing the device
US8117429B2 (en) 2006-11-01 2012-02-14 Nokia Corporation System and method for a distributed and flexible configuration of a TCG TPM-based local verifier
US8239688B2 (en) 2007-01-07 2012-08-07 Apple Inc. Securely recovering a computing device
US8291480B2 (en) 2007-01-07 2012-10-16 Apple Inc. Trusting an unverified code image in a computing device
US8254568B2 (en) * 2007-01-07 2012-08-28 Apple Inc. Secure booting a computing device
US20080178257A1 (en) * 2007-01-20 2008-07-24 Takuya Mishina Method for integrity metrics management
US7617493B2 (en) * 2007-01-23 2009-11-10 International Business Machines Corporation Defining memory indifferent trace handles
KR101209252B1 (ko) * 2007-02-02 2012-12-06 삼성전자주식회사 전자기기의 부팅 방법 및 부팅 인증 방법
JP4903818B2 (ja) * 2007-02-09 2012-03-28 株式会社エヌ・ティ・ティ・ドコモ 端末装置及びソフトウエア検査方法
US20080222428A1 (en) * 2007-03-07 2008-09-11 Andrew Dellow Method for Securing Authenticity of Data in a Digital Processing System
KR101427646B1 (ko) * 2007-05-14 2014-09-23 삼성전자주식회사 펌웨어의 무결성 검사 방법 및 장치
US8433927B2 (en) * 2007-05-29 2013-04-30 International Business Machines Corporation Cryptographically-enabled privileged mode execution
US8332635B2 (en) * 2007-05-29 2012-12-11 International Business Machines Corporation Updateable secure kernel extensions
US8422674B2 (en) * 2007-05-29 2013-04-16 International Business Machines Corporation Application-specific secret generation
WO2009013825A1 (ja) * 2007-07-25 2009-01-29 Panasonic Corporation 情報処理装置、及び改竄検証方法
US8068614B2 (en) * 2007-09-28 2011-11-29 Intel Corporation Methods and apparatus for batch bound authentication
US8332636B2 (en) * 2007-10-02 2012-12-11 International Business Machines Corporation Secure policy differentiation by secure kernel design
US8166304B2 (en) * 2007-10-02 2012-04-24 International Business Machines Corporation Support for multiple security policies on a unified authentication architecture
US20090172420A1 (en) * 2007-12-31 2009-07-02 Kabushiki Kaisha Toshiba Tamper resistant method and apparatus for a storage device
KR101502032B1 (ko) * 2008-03-06 2015-03-12 삼성전자주식회사 보안 기능을 갖는 프로세서 장치
US20090247293A1 (en) * 2008-03-26 2009-10-01 Aristocrat Technologies Australia Pty Limited Gaming machine
US8150039B2 (en) 2008-04-15 2012-04-03 Apple Inc. Single security model in booting a computing device
CN101299849B (zh) * 2008-04-25 2010-05-12 中兴通讯股份有限公司 一种WiMAX终端及其启动方法
DE102008021567B4 (de) * 2008-04-30 2018-03-22 Globalfoundries Inc. Computersystem mit sicherem Hochlaufmechanismus auf der Grundlage einer Verschlüsselung mit symmetrischem Schlüssel
US9122864B2 (en) * 2008-08-05 2015-09-01 International Business Machines Corporation Method and apparatus for transitive program verification
US20100064125A1 (en) * 2008-09-11 2010-03-11 Mediatek Inc. Programmable device and booting method
US9653004B2 (en) * 2008-10-16 2017-05-16 Cypress Semiconductor Corporation Systems and methods for downloading code and data into a secure non-volatile memory
US8832454B2 (en) * 2008-12-30 2014-09-09 Intel Corporation Apparatus and method for runtime integrity verification
US8806220B2 (en) 2009-01-07 2014-08-12 Microsoft Corporation Device side host integrity validation
DE102010005726A1 (de) * 2010-01-26 2011-07-28 Giesecke & Devrient GmbH, 81677 Verfahren zum Zuordnen eines tragbaren Datenträgers, insbesondere einer Chipkarte, zu einem Terminal
KR20120092222A (ko) 2011-02-11 2012-08-21 삼성전자주식회사 보안 부팅 방법 및 보안 부트 이미지 생성 방법
JP2014170255A (ja) * 2011-06-29 2014-09-18 Panasonic Corp セキュアブート方法
DE112011105687T5 (de) * 2011-09-30 2014-07-17 Hewlett-Packard Development Company, L.P. Verwendung eines Option-ROM-Speichers
TW201346764A (zh) * 2012-05-11 2013-11-16 Ibase Technology Inc 開機保全軟體方法
GB2512376A (en) * 2013-03-28 2014-10-01 Ibm Secure execution of software modules on a computer
US9671945B2 (en) * 2013-12-17 2017-06-06 American Megatrends, Inc. Techniques of launching virtual machine from thin client
US20150286823A1 (en) * 2014-04-07 2015-10-08 Qualcomm Incorporated System and method for boot sequence modification using chip-restricted instructions residing on an external memory device
GB2525409B (en) * 2014-04-24 2016-11-02 Ibm Enabling an external operating system to access encrypted data units of a data storage system
US9195831B1 (en) 2014-05-02 2015-11-24 Google Inc. Verified boot
US10387652B2 (en) * 2015-04-17 2019-08-20 Hewlett Packard Enterprise Development Lp Firmware map data
US20160314288A1 (en) * 2015-04-22 2016-10-27 Qualcomm Incorporated Method and apparatus for write restricted storage
US10176094B2 (en) * 2015-06-30 2019-01-08 Renesas Electronics America Inc. Common MCU self-identification information
WO2017023273A1 (en) * 2015-07-31 2017-02-09 Hewlett-Packard Development Company, L.P. Imaging supplies
WO2017066194A1 (en) 2015-10-11 2017-04-20 Renesas Electronics America Inc. Data driven embedded application building and configuration
US9916452B2 (en) 2016-05-18 2018-03-13 Microsoft Technology Licensing, Llc Self-contained cryptographic boot policy validation
US10365961B2 (en) * 2016-09-09 2019-07-30 Dell Products L.P. Information handling system pre-boot fault management
KR102538096B1 (ko) * 2016-09-13 2023-05-31 삼성전자주식회사 어플리케이션을 검증하는 디바이스 및 방법
CN106778283B (zh) 2016-11-21 2020-04-07 惠州Tcl移动通信有限公司 一种系统分区关键数据的保护方法及系统
US10417429B2 (en) 2017-06-02 2019-09-17 Apple Inc. Method and apparatus for boot variable protection
US11263326B2 (en) 2017-06-02 2022-03-01 Apple Inc. Method and apparatus for secure system boot
CN112055846A (zh) * 2018-07-31 2020-12-08 惠普发展公司,有限责任合伙企业 执行指令
DE112018007934B4 (de) * 2018-10-12 2024-03-07 Mitsubishi Electric Corporation Softwareprüfvorrichtung, softwareprüfverfahren und softwareprüfprogramm
US11960608B2 (en) * 2021-04-29 2024-04-16 Infineon Technologies Ag Fast secure booting method and system
TWI870690B (zh) * 2022-08-29 2025-01-21 新唐科技股份有限公司 加速安全開機程序的方法和使用該方法的電子裝置
KR20240034586A (ko) 2022-09-07 2024-03-14 삼성전자주식회사 보안 부팅 시스템 및 그것의 동작 방법

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4654480A (en) * 1985-11-26 1987-03-31 Weiss Jeffrey A Method and apparatus for synchronizing encrypting and decrypting systems
US5448045A (en) * 1992-02-26 1995-09-05 Clark; Paul C. System for protecting computers via intelligent tokens or smart cards
CA2225805C (en) * 1995-06-29 2002-11-12 Allan E. Alcorn Electronic casino gaming system with improved play capacity, authentication and security
US5643086A (en) * 1995-06-29 1997-07-01 Silicon Gaming, Inc. Electronic casino gaming apparatus with improved play capacity, authentication and security
JP3293760B2 (ja) 1997-05-27 2002-06-17 株式会社エヌイーシー情報システムズ 改ざん検知機能付きコンピュータシステム
US5919257A (en) * 1997-08-08 1999-07-06 Novell, Inc. Networked workstation intrusion detection system
US6704871B1 (en) * 1997-09-16 2004-03-09 Safenet, Inc. Cryptographic co-processor
US6185678B1 (en) * 1997-10-02 2001-02-06 Trustees Of The University Of Pennsylvania Secure and reliable bootstrap architecture
US6378072B1 (en) * 1998-02-03 2002-04-23 Compaq Computer Corporation Cryptographic system
US6401208B2 (en) * 1998-07-17 2002-06-04 Intel Corporation Method for BIOS authentication prior to BIOS execution
US6081890A (en) * 1998-11-30 2000-06-27 Intel Corporation Method of communication between firmware written for different instruction set architectures
US6263431B1 (en) * 1998-12-31 2001-07-17 Intle Corporation Operating system bootstrap security mechanism
EP1161716B1 (en) * 1999-02-15 2013-11-27 Hewlett-Packard Development Company, L.P. Trusted computing platform
US6625730B1 (en) * 2000-03-31 2003-09-23 Hewlett-Packard Development Company, L.P. System for validating a bios program and memory coupled therewith by using a boot block program having a validation routine
US20040064457A1 (en) * 2002-09-27 2004-04-01 Zimmer Vincent J. Mechanism for providing both a secure and attested boot

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110262840A (zh) * 2019-06-17 2019-09-20 Oppo广东移动通信有限公司 设备启动监控方法及相关产品

Also Published As

Publication number Publication date
TWI292556B (en) 2008-01-11
KR100965717B1 (ko) 2010-06-24
AU2003204376A1 (en) 2004-01-08
TW200401228A (en) 2004-01-16
US6907522B2 (en) 2005-06-14
DE60330627D1 (de) 2010-02-04
AU2003204376B2 (en) 2009-11-26
CN1469238A (zh) 2004-01-21
JP2004013905A (ja) 2004-01-15
US20050138270A1 (en) 2005-06-23
EP1369764B1 (en) 2009-12-23
HK1058561A1 (en) 2004-05-21
US20030229777A1 (en) 2003-12-11
CN100492277C (zh) 2009-05-27
US7676840B2 (en) 2010-03-09
EP1369764A2 (en) 2003-12-10
KR20030095301A (ko) 2003-12-18
JP4052978B2 (ja) 2008-02-27
EP1369764A3 (en) 2005-05-18

Similar Documents

Publication Publication Date Title
ATE453162T1 (de) Verwendung eines hash beim starten eines sicheren betriebssystems
AU2006235153B2 (en) Systems and methods for verifying trust of executable files
US8037292B2 (en) Method for accelerating BIOS running
US11017091B2 (en) Firmware map data
WO2008085449A3 (en) Secure booting a computing device
ATE522875T1 (de) Identifizierung von textpassagen
TW200514408A (en) System and method for authenticating software using protected master key
WO2007095465A3 (en) Method and apparatus for securely booting from an external storage device
TW200638200A (en) System and method for reducing memory requirements of firmware and providing secure updates and storage areas for firmware
TW200515241A (en) Data management apparatus, data management method and computer program
RU2005140018A (ru) Системы и способы проверки целостности исполняемого файла с использованием частичных хеш-кодов образа
WO2005091757A3 (en) Autonomous memory checker for runtime security assurance and method therfore
BRPI0501783A (pt) Sistema e processo para inicialização de sistema operacional protegido usando validação de estado
RU2009141594A (ru) Доверительная среда для обнаружения вредоносных программ
WO2004088483A3 (en) System for and method of detecting malware in macros and executable scripts
FI20011278A0 (fi) Menetelmä elektroniikkalaitteen varmistamiseksi, varmistusjärjestelmä ja elektroniikkalaite
DE69901424D1 (de) Rechnerdatei-integritätsprüfung
WO2009014779A3 (en) System for malware normalization and detection
BRPI0504860A (pt) arquitetura extesìvel para vìdeos auxiliares
ATE306099T1 (de) Verfahren zur feststellung böswilligen rechnerkodes
ATE434807T1 (de) Vorrichtung und verfahren zur beschleunigung eines sonderzweckprozessors
RU2004106185A (ru) Компактная идентификация аппаратных средств для привязки пакета программного обеспечения к компьютерной системе, имеющей допуск на изменения аппаратных средств
BR0112029A (pt) ligação por meio de informação não válida
WO2006065565A3 (en) Embedded optical signatures in documents
EP1056013A3 (en) Trusted verification of computer program modules

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties