CN101218588B - 具有可认证的固件的附件设备及布置和认证该固件的方法 - Google Patents

具有可认证的固件的附件设备及布置和认证该固件的方法 Download PDF

Info

Publication number
CN101218588B
CN101218588B CN2006800245939A CN200680024593A CN101218588B CN 101218588 B CN101218588 B CN 101218588B CN 2006800245939 A CN2006800245939 A CN 2006800245939A CN 200680024593 A CN200680024593 A CN 200680024593A CN 101218588 B CN101218588 B CN 101218588B
Authority
CN
China
Prior art keywords
memory
program code
value
firmware program
accessory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2006800245939A
Other languages
English (en)
Chinese (zh)
Other versions
CN101218588A (zh
Inventor
A·韦德卡
B·尼尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Maliki Innovation Co ltd
Original Assignee
Certicom Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Certicom Corp filed Critical Certicom Corp
Publication of CN101218588A publication Critical patent/CN101218588A/zh
Application granted granted Critical
Publication of CN101218588B publication Critical patent/CN101218588B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
CN2006800245939A 2005-05-05 2006-05-05 具有可认证的固件的附件设备及布置和认证该固件的方法 Active CN101218588B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US67781605P 2005-05-05 2005-05-05
US60/677,816 2005-05-05
PCT/CA2006/000711 WO2006116871A2 (en) 2005-05-05 2006-05-05 Retrofitting authentication onto firmware

Publications (2)

Publication Number Publication Date
CN101218588A CN101218588A (zh) 2008-07-09
CN101218588B true CN101218588B (zh) 2010-05-19

Family

ID=37308333

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2006800245939A Active CN101218588B (zh) 2005-05-05 2006-05-05 具有可认证的固件的附件设备及布置和认证该固件的方法

Country Status (6)

Country Link
US (1) US8566791B2 (enExample)
EP (1) EP1877947A4 (enExample)
JP (1) JP4898790B2 (enExample)
CN (1) CN101218588B (enExample)
CA (1) CA2606981C (enExample)
WO (1) WO2006116871A2 (enExample)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4897701B2 (ja) * 2004-12-22 2012-03-14 サーティコム コーポレーション 部分リボケーション・リスト
US8467528B2 (en) * 2006-08-31 2013-06-18 Advanced Micro Devices, Inc. Multimedia content protection
JP2008171041A (ja) * 2007-01-05 2008-07-24 Ricoh Co Ltd 画像形成装置、画像形成装置の起動方法、制御装置及び拡張ユニットの起動方法
US7841010B2 (en) 2007-01-08 2010-11-23 Apple Inc. Software or other information integrity verification using variable block length and selection
CA2618544C (en) * 2007-01-16 2015-07-21 Bally Gaming, Inc. Rom bios based trusted encrypted operating system
US8171275B2 (en) 2007-01-16 2012-05-01 Bally Gaming, Inc. ROM BIOS based trusted encrypted operating system
US20100174920A1 (en) * 2009-01-06 2010-07-08 Jonathan Peter Buckingham Data processing apparatus
US20110268265A1 (en) * 2010-04-30 2011-11-03 Lathrop Alexander M Disk media security system and method
US8918907B2 (en) * 2011-04-13 2014-12-23 Phoenix Technologies Ltd. Approaches for firmware to trust an application
KR101689204B1 (ko) * 2011-09-07 2016-12-23 인텔 코포레이션 디바이스의 펌웨어 무결성 검증
CN104838387B (zh) * 2012-10-11 2018-03-02 爱迪德技术有限公司 芯片验证
EP2808818B1 (en) * 2013-05-29 2016-07-13 Nxp B.V. Processing system
CN104376276B (zh) * 2013-08-16 2017-12-29 昆达电脑科技(昆山)有限公司 嵌入式Linux设备映像文件验证方法
JP6181493B2 (ja) 2013-09-20 2017-08-16 国立大学法人名古屋大学 書換検出システム、書換検出装置及び情報処理装置
JP6342281B2 (ja) * 2014-09-26 2018-06-13 国立大学法人名古屋大学 書換検出システム及び情報処理装置
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
US10044654B2 (en) * 2014-10-30 2018-08-07 Oracle International Corporation Operating a match cooperative without handling personally identifiable information
JP6338540B2 (ja) * 2015-03-02 2018-06-06 日本電信電話株式会社 認証システム、認証結果利用サーバ及び認証方法
US10616197B2 (en) 2016-04-18 2020-04-07 Atmel Corporation Message authentication with secure code verification
US10114941B2 (en) 2016-08-24 2018-10-30 Altera Corporation Systems and methods for authenticating firmware stored on an integrated circuit
US10268823B2 (en) * 2016-10-27 2019-04-23 Wind River Systems, Inc. Device, system, and method for securing executable operations
CN107451468A (zh) * 2017-07-14 2017-12-08 杭州谷逸网络科技有限公司 一种控制设备的在线安全检测实现方法
US11036863B2 (en) 2017-08-01 2021-06-15 Dell Products, L.P. Validating an image using an embedded hash in an information handling system
US11720674B2 (en) 2021-01-28 2023-08-08 Northrop Grumman Systems Corporation Systems and methods for malware detection
CN113360177A (zh) * 2021-06-07 2021-09-07 中电科思仪科技股份有限公司 一种用于矢量网络分析仪固件程序在线升级的装置及方法
EP4468186A4 (en) * 2022-02-22 2025-10-01 Ntt Inc AUTHENTICATION SYSTEM, GENERATION DEVICE, GENERATION METHOD AND GENERATION PROGRAM

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4849927A (en) * 1987-06-12 1989-07-18 Ncr Corporation Method of controlling the operation of security modules
WO2000018162A1 (en) * 1998-09-18 2000-03-30 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel
CN1454338A (zh) * 2000-07-25 2003-11-05 麦克罗维西恩公司 确认动态可连接可执行镜像的可靠性的系统和方法

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6138236A (en) * 1996-07-01 2000-10-24 Sun Microsystems, Inc. Method and apparatus for firmware authentication
US6026293A (en) * 1996-09-05 2000-02-15 Ericsson Inc. System for preventing electronic memory tampering
GB9626241D0 (en) 1996-12-18 1997-02-05 Ncr Int Inc Secure data processing method and system
US5954817A (en) 1996-12-31 1999-09-21 Motorola, Inc. Apparatus and method for securing electronic information in a wireless communication device
JP3793629B2 (ja) * 1997-10-30 2006-07-05 沖電気工業株式会社 メモリカードとメモリカード装置
US6480800B1 (en) * 1999-02-08 2002-11-12 International Business Machines Corp. Method and system for generating self-testing and random input stimuli for testing digital systems
US6571335B1 (en) * 1999-04-01 2003-05-27 Intel Corporation System and method for authentication of off-chip processor firmware code
KR100561497B1 (ko) * 2000-09-08 2006-03-17 인터내셔널 비지네스 머신즈 코포레이션 소프트웨어 보안 인증 경로
GB0116568D0 (en) * 2001-07-06 2001-08-29 Ncipher Corp Ltd Firmware validation
JP4676724B2 (ja) 2003-08-12 2011-04-27 株式会社リコー 情報処理装置、情報処理方法、情報処理プログラム、及び記録媒体
US7142891B2 (en) * 2003-10-10 2006-11-28 Texas Instruments Incorporated Device bound flashing/booting for cloning prevention
US20060101310A1 (en) * 2004-10-22 2006-05-11 Nimrod Diamant Device, system and method for verifying integrity of software programs
US7818585B2 (en) * 2004-12-22 2010-10-19 Sap Aktiengesellschaft Secure license management
US20060143600A1 (en) * 2004-12-29 2006-06-29 Andrew Cottrell Secure firmware update
JP2006191491A (ja) * 2005-01-07 2006-07-20 Canon Inc 情報処理装置及びその方法並びにプログラム及び記憶媒体
US7490352B2 (en) * 2005-04-07 2009-02-10 Microsoft Corporation Systems and methods for verifying trust of executable files

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4849927A (en) * 1987-06-12 1989-07-18 Ncr Corporation Method of controlling the operation of security modules
WO2000018162A1 (en) * 1998-09-18 2000-03-30 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel
CN1454338A (zh) * 2000-07-25 2003-11-05 麦克罗维西恩公司 确认动态可连接可执行镜像的可靠性的系统和方法

Also Published As

Publication number Publication date
WO2006116871A3 (en) 2006-12-21
EP1877947A4 (en) 2009-11-25
CN101218588A (zh) 2008-07-09
US8566791B2 (en) 2013-10-22
JP2008541211A (ja) 2008-11-20
JP4898790B2 (ja) 2012-03-21
CA2606981C (en) 2016-09-06
CA2606981A1 (en) 2006-11-09
EP1877947A2 (en) 2008-01-16
WO2006116871A2 (en) 2006-11-09
US20070156638A1 (en) 2007-07-05

Similar Documents

Publication Publication Date Title
CN101218588B (zh) 具有可认证的固件的附件设备及布置和认证该固件的方法
US8250373B2 (en) Authenticating and verifying an authenticable and verifiable module
EP2294529B1 (en) Electronic device and method of software or firmware updating of an electronic device
CN109937419B (zh) 安全功能强化的设备的初始化方法及设备的固件更新方法
US8510570B2 (en) System and method for authenticating a gaming device
US8627086B2 (en) Secure loading and storing of data in a data processing device
CN1210637C (zh) 保护静态和动态数据免遭未授权操作的系统
US20200272745A1 (en) Security Data Processing Device
US10282549B2 (en) Modifying service operating system of baseboard management controller
KR20090109589A (ko) 프로세서 내에서의 보호된 리소스들로의 억세스에 대한 안전한 보호 방법
EP1645931A1 (en) Secure loading and storing of data in a data processing device
EP2270706B1 (en) Loading secure code into a memory
TWI760752B (zh) 應用加速驗證映像檔方法的系統
KR20170087887A (ko) 애플리케이션 무결성의 검증을 제공하는 방법 및 디바이스
US12373518B2 (en) Managing ownership of an electronic device
US20170060775A1 (en) Methods and architecture for encrypting and decrypting data
CN116710914A (zh) 边缘设备的密钥撤销
US20180331834A1 (en) Semiconductor device, boot method, and boot program
WO2006039967A1 (en) Secure loading and storing of data in a data processing device
US20250322041A1 (en) Managing ownership of an electronic device
EP4488863A1 (en) Extended storage for a trusted platform module
KR20070017455A (ko) 프로세서 내에서의 보호된 리소스들로의 억세스에 대한안전한 보호 방법
HK1115208A (en) Secure loading and storing of data in a data processing device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20191025

Address after: Voight, Ontario, Canada

Patentee after: BlackBerry Ltd.

Address before: Rika Univ.

Patentee before: CERTICOM Corp.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20240529

Address after: Ai Erlandubailin

Patentee after: Maliki Innovation Co.,Ltd.

Country or region after: Ireland

Address before: Voight, Ontario, Canada

Patentee before: BlackBerry Ltd.

Country or region before: Canada