JP4433401B2 - 情報処理システム、プログラム、及び情報処理方法 - Google Patents
情報処理システム、プログラム、及び情報処理方法 Download PDFInfo
- Publication number
- JP4433401B2 JP4433401B2 JP2004367548A JP2004367548A JP4433401B2 JP 4433401 B2 JP4433401 B2 JP 4433401B2 JP 2004367548 A JP2004367548 A JP 2004367548A JP 2004367548 A JP2004367548 A JP 2004367548A JP 4433401 B2 JP4433401 B2 JP 4433401B2
- Authority
- JP
- Japan
- Prior art keywords
- image
- virtual
- information processing
- area
- boot
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000010365 information processing Effects 0.000 title claims description 20
- 238000003672 processing method Methods 0.000 title description 3
- 230000006870 function Effects 0.000 claims description 19
- 230000015654 memory Effects 0.000 claims description 19
- 238000000034 method Methods 0.000 description 27
- 238000012795 verification Methods 0.000 description 20
- 230000008569 process Effects 0.000 description 14
- 238000012545 processing Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 6
- 238000012546 transfer Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- 230000007704 transition Effects 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 239000000872 buffer Substances 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000003936 working memory Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
Description
Claims (6)
- システムイメージを格納する記録媒体に対してアクセスすることが可能な情報処理システムであって、
OSイメージを記憶するOS領域と仮想イメージを記憶する仮想領域を含むメインメモリと、
前記仮想領域に前記システムイメージをロードし、ロードされた前記システムイメージが真正であるか否かを検証し、検証済みの前記システムイメージに含まれるブートストラップコードおよびこれによって起動されるOSが前記記録媒体にアクセスするために使用するインタフェースに変更を加えて前記仮想領域にアクセスできるように仮想デバイスを形成するBIOSと、
前記ブートストラップコードが前記仮想デバイスにアクセスして前記システムイメージを前記OS領域にロードする情報処理システム。 - 前記BIOSが真正であるか否かを検証することが可能で電源オン時に最初に実行され出荷後に変更することができないブートブロックを有する請求項1に記載の情報処理システム。
- 前記記録媒体が、CD−ROM、ハードディスク、およびUSBメモリからなるグループから選択されたいずれか1つである請求項1または請求項2に記載の情報処理システム。
- システムイメージを格納するPXEサーバにアクセスすることが可能な情報処理システムであって、
OSイメージを記憶するOS領域と仮想イメージを記憶する仮想領域を含むメインメモリと、
仮想8086モードが構築されてから起動して前記システムイメージを前記仮想領域にロードするPXEブートコードと、
前記システムイメージに含まれるブートストラップコードに制御が移行する前にメモリアクセストラップ機能により実行権を獲得し、前記ロードされたシステムイメージが真正であるか否かを検証し、検証済みの前記システムイメージに含まれるブートストラップコードおよびこれによって起動されるOSが前記PXEサーバにアクセスするために使用するインタフェースに変更を加えて前記仮想領域にアクセスできるように仮想デバイスを形成するBIOSとを有し、
前記ブートストラップコードが前記仮想デバイスにアクセスして前記システムイメージを前記OS領域にロードする情報処理システム。 - 前記BIOSが真正であるか否かを検証することが可能で電源オン時に最初に実行され出荷後に変更することができないブートブロックを有する請求項4に記載の情報処理システム。
- 前記メモリアクセストラップ機能が、前記PXEブートコードがデバッグレジスタにアクセスしたときに発生するプロセッサ例外を利用する請求項4または請求項5に記載の情報処理システム。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004367548A JP4433401B2 (ja) | 2004-12-20 | 2004-12-20 | 情報処理システム、プログラム、及び情報処理方法 |
US11/312,001 US7937575B2 (en) | 2004-12-20 | 2005-12-19 | Information processing system, program product, and information processing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004367548A JP4433401B2 (ja) | 2004-12-20 | 2004-12-20 | 情報処理システム、プログラム、及び情報処理方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2006172376A JP2006172376A (ja) | 2006-06-29 |
JP4433401B2 true JP4433401B2 (ja) | 2010-03-17 |
Family
ID=36597565
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2004367548A Active JP4433401B2 (ja) | 2004-12-20 | 2004-12-20 | 情報処理システム、プログラム、及び情報処理方法 |
Country Status (2)
Country | Link |
---|---|
US (1) | US7937575B2 (ja) |
JP (1) | JP4433401B2 (ja) |
Families Citing this family (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6993650B2 (en) * | 2001-10-31 | 2006-01-31 | International Business Machines Corporation | Authentications integrated into a boot code image |
US20070300054A1 (en) * | 2006-06-21 | 2007-12-27 | Shi-Wu Lo | Universal BSP tool for porting on embedded systems and an application thereof |
JP5054768B2 (ja) * | 2006-06-21 | 2012-10-24 | ヴィーブ−システムズ アクチエンゲゼルシャフト | 侵入検出のための方法と装置 |
EP2044546B1 (en) * | 2006-07-18 | 2012-12-26 | Certicom Corp. | System and method for authenticating a gaming device |
WO2008023220A1 (en) * | 2006-08-23 | 2008-02-28 | Chan Kam-Fu | Running operating system on dynamic virtual memory |
JP4768682B2 (ja) * | 2007-07-19 | 2011-09-07 | 株式会社日立ソリューションズ | データの二次流出防止方法及びシステム |
US20090103404A1 (en) * | 2007-10-22 | 2009-04-23 | Chai-Chang Chiu | Optic disk drive power management method for computer system |
DE102008021567B4 (de) * | 2008-04-30 | 2018-03-22 | Globalfoundries Inc. | Computersystem mit sicherem Hochlaufmechanismus auf der Grundlage einer Verschlüsselung mit symmetrischem Schlüssel |
US8543799B2 (en) | 2008-05-02 | 2013-09-24 | Microsoft Corporation | Client authentication during network boot |
RU2481616C2 (ru) * | 2008-06-16 | 2013-05-10 | Нокиа Сименс Нетуоркс Ой | Способ и устройство для загрузки программного обеспечения |
DE112008003910T5 (de) * | 2008-06-20 | 2011-06-09 | Lenovo (Singapore) Pte. Ltd. | Plattenloser Client unter Verwendung eines Hypervisors |
US8443181B2 (en) | 2008-09-30 | 2013-05-14 | Qualcomm Incorporated | Processor boot security device and methods thereof |
EP2344950A4 (en) * | 2008-10-08 | 2012-06-06 | Hewlett Packard Development Co | FIRMWARE STORAGE MEDIUM WITH ADJUSTED IMAGE |
JP5223596B2 (ja) | 2008-10-30 | 2013-06-26 | 富士通株式会社 | 仮想計算機システム及びその管理方法、管理プログラム並びに記録媒体、制御方法 |
US7877639B2 (en) * | 2008-11-06 | 2011-01-25 | Dell Products L.P. | Systems and methods to provide failover support for booting embedded hypervisor from an internal non-volatile memory card |
US8296579B2 (en) * | 2009-11-06 | 2012-10-23 | Hewlett-Packard Development Company, L.P. | System and method for updating a basic input/output system (BIOS) |
US8639923B2 (en) * | 2010-05-28 | 2014-01-28 | Dell Products, Lp | System and method for component authentication of a secure client hosted virtualization in an information handling system |
US8458490B2 (en) | 2010-05-28 | 2013-06-04 | Dell Products, Lp | System and method for supporting full volume encryption devices in a client hosted virtualization system |
US8527761B2 (en) | 2010-05-28 | 2013-09-03 | Dell Products, Lp | System and method for fuse enablement of a secure client hosted virtualization in an information handling system |
US8990584B2 (en) * | 2010-05-28 | 2015-03-24 | Dell Products, Lp | System and method for supporting task oriented devices in a client hosted virtualization system |
US8751781B2 (en) | 2010-05-28 | 2014-06-10 | Dell Products, Lp | System and method for supporting secure subsystems in a client hosted virtualization system |
WO2012038211A1 (en) | 2010-09-22 | 2012-03-29 | International Business Machines Corporation | Attesting use of an interactive component during a boot process |
US8869264B2 (en) | 2010-10-01 | 2014-10-21 | International Business Machines Corporation | Attesting a component of a system during a boot process |
EP2630580A4 (en) * | 2010-10-19 | 2014-04-02 | Hewlett Packard Development Co | METHODS AND SYSTEMS FOR GENERATING AUTHORIZED VIRTUAL DEVICES |
US20120131334A1 (en) | 2010-11-18 | 2012-05-24 | International Business Machines Corporation | Method for Attesting a Plurality of Data Processing Systems |
US9489232B2 (en) | 2010-11-18 | 2016-11-08 | International Business Machines Corporation | Techniques for attesting data processing systems |
US8949586B2 (en) * | 2011-10-06 | 2015-02-03 | Cisco Technology, Inc. | System and method for authenticating computer system boot instructions during booting by using a public key associated with a processor and a monitoring device |
US8843650B2 (en) * | 2012-01-09 | 2014-09-23 | Fujitsu Limited | Trusted network booting system and method |
JP5689429B2 (ja) | 2012-02-27 | 2015-03-25 | 株式会社日立製作所 | 認証装置、および、認証方法 |
CN103324874A (zh) * | 2012-03-23 | 2013-09-25 | 联想(北京)有限公司 | 一种验证方法及一种电子设备 |
US9760661B2 (en) | 2012-04-26 | 2017-09-12 | Hewlett-Packard Development Company, L.P. | Providing virtual optical disk drive |
GB2508893A (en) * | 2012-12-14 | 2014-06-18 | Ibm | Trusted boot device, which will not allow a computer to boot, if the computer firmware is not trusted by the boot device |
US9197662B2 (en) * | 2014-02-26 | 2015-11-24 | Symantec Corporation | Systems and methods for optimizing scans of pre-installed applications |
US9672361B2 (en) | 2014-04-30 | 2017-06-06 | Ncr Corporation | Self-service terminal (SST) secure boot |
CN104035806A (zh) * | 2014-06-30 | 2014-09-10 | 普联技术有限公司 | 一种基于多重镜像的系统启动方法及装置 |
US9740866B2 (en) * | 2015-06-10 | 2017-08-22 | The Boeing Company | Automatic measuring boot process using an automatic measuring processor coupled to a memory |
KR101709116B1 (ko) | 2015-10-01 | 2017-02-22 | 한국전자통신연구원 | 가상 머신 부팅 장치 및 방법 |
CN105975194A (zh) * | 2016-05-05 | 2016-09-28 | 青岛海信移动通信技术股份有限公司 | 一种恢复出厂设置的方法及装置 |
US11138343B2 (en) * | 2019-01-18 | 2021-10-05 | International Business Machines Corporation | Multiple signatures in metadata for the same data record |
JP7282616B2 (ja) * | 2019-06-27 | 2023-05-29 | キヤノン株式会社 | 情報処理装置、情報処理方法およびプログラム |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6092147A (en) | 1997-04-15 | 2000-07-18 | Sun Microsystems, Inc. | Virtual machine with securely distributed bytecode verification |
JP3293760B2 (ja) | 1997-05-27 | 2002-06-17 | 株式会社エヌイーシー情報システムズ | 改ざん検知機能付きコンピュータシステム |
US6279109B1 (en) | 1999-01-07 | 2001-08-21 | Dell U.S.A., L.P. | Computing system and operating method for booting and running a graphical user interface (GUI) with r/w hard drive partition unavailable |
US6715043B1 (en) | 1999-03-19 | 2004-03-30 | Phoenix Technologies Ltd. | Method and system for providing memory-based device emulation |
JP2001155420A (ja) | 1999-11-25 | 2001-06-08 | Tomcat Computer Kk | Cdシステム |
US7073064B1 (en) * | 2000-03-31 | 2006-07-04 | Hewlett-Packard Development Company, L.P. | Method and apparatus to provide enhanced computer protection |
US20030221094A1 (en) | 2002-04-17 | 2003-11-27 | Avery Pennarun | Method and system for configuring a computer |
US6993649B2 (en) * | 2002-12-17 | 2006-01-31 | John Alan Hensley | Method of altering a computer operating system to boot and run from protected media |
US7290258B2 (en) | 2003-06-25 | 2007-10-30 | Microsoft Corporation | Managing multiple devices on which operating systems can be automatically deployed |
US20050138393A1 (en) * | 2003-12-22 | 2005-06-23 | Challener David C. | Determining user security level using trusted hardware device |
US20050138409A1 (en) * | 2003-12-22 | 2005-06-23 | Tayib Sheriff | Securing an electronic device |
-
2004
- 2004-12-20 JP JP2004367548A patent/JP4433401B2/ja active Active
-
2005
- 2005-12-19 US US11/312,001 patent/US7937575B2/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
US20060136708A1 (en) | 2006-06-22 |
JP2006172376A (ja) | 2006-06-29 |
US7937575B2 (en) | 2011-05-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4433401B2 (ja) | 情報処理システム、プログラム、及び情報処理方法 | |
US10142104B2 (en) | Securely recovering a computing device | |
US8909940B2 (en) | Extensible pre-boot authentication | |
JP6054908B2 (ja) | 変数セットを修復する方法、コンピュータ・プログラムおよびコンピュータ | |
JP4971466B2 (ja) | コンピューティング・デバイスの安全なブート | |
US8201239B2 (en) | Extensible pre-boot authentication | |
EP2681689B1 (en) | Protecting operating system configuration values | |
US10216936B2 (en) | Method of preventing computer malfunction, computer program, and computer | |
US7921286B2 (en) | Computer initialization for secure kernel | |
US8826405B2 (en) | Trusting an unverified code image in a computing device | |
US9851981B2 (en) | Booting a computer from a user trusted device with an operating system loader stored thereon | |
JP5465738B2 (ja) | システム・ファームウェアの更新方法およびコンピュータ | |
RU2623887C2 (ru) | Способ установки обновления модуля полнодискового шифрования | |
JP2019133220A (ja) | 完全性検証装置、完全性検証システム、完全性検証方法、及び、完全性検証プログラム | |
US20230359741A1 (en) | Trusted boot method and apparatus, electronic device, and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20090526 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20090731 |
|
A711 | Notification of change in applicant |
Free format text: JAPANESE INTERMEDIATE CODE: A711 Effective date: 20090917 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20091208 |
|
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 |
|
RD02 | Notification of acceptance of power of attorney |
Free format text: JAPANESE INTERMEDIATE CODE: A7422 Effective date: 20091217 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20091217 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 4433401 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20130108 Year of fee payment: 3 |
|
FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20130108 Year of fee payment: 3 |
|
FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20130108 Year of fee payment: 3 |
|
FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20140108 Year of fee payment: 4 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |