JP4898790B2 - ファームウェアへの認証の追加実装 - Google Patents

ファームウェアへの認証の追加実装 Download PDF

Info

Publication number
JP4898790B2
JP4898790B2 JP2008509281A JP2008509281A JP4898790B2 JP 4898790 B2 JP4898790 B2 JP 4898790B2 JP 2008509281 A JP2008509281 A JP 2008509281A JP 2008509281 A JP2008509281 A JP 2008509281A JP 4898790 B2 JP4898790 B2 JP 4898790B2
Authority
JP
Japan
Prior art keywords
memory
accessory
program code
firmware program
digest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2008509281A
Other languages
English (en)
Japanese (ja)
Other versions
JP2008541211A5 (enExample
JP2008541211A (ja
Inventor
アショク ヴァデカール,
ブライアン ニール,
Original Assignee
サーティコム コーポレーション
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by サーティコム コーポレーション filed Critical サーティコム コーポレーション
Publication of JP2008541211A publication Critical patent/JP2008541211A/ja
Publication of JP2008541211A5 publication Critical patent/JP2008541211A5/ja
Application granted granted Critical
Publication of JP4898790B2 publication Critical patent/JP4898790B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
JP2008509281A 2005-05-05 2006-05-05 ファームウェアへの認証の追加実装 Active JP4898790B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US67781605P 2005-05-05 2005-05-05
US60/677,816 2005-05-05
PCT/CA2006/000711 WO2006116871A2 (en) 2005-05-05 2006-05-05 Retrofitting authentication onto firmware

Publications (3)

Publication Number Publication Date
JP2008541211A JP2008541211A (ja) 2008-11-20
JP2008541211A5 JP2008541211A5 (enExample) 2009-06-25
JP4898790B2 true JP4898790B2 (ja) 2012-03-21

Family

ID=37308333

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2008509281A Active JP4898790B2 (ja) 2005-05-05 2006-05-05 ファームウェアへの認証の追加実装

Country Status (6)

Country Link
US (1) US8566791B2 (enExample)
EP (1) EP1877947A4 (enExample)
JP (1) JP4898790B2 (enExample)
CN (1) CN101218588B (enExample)
CA (1) CA2606981C (enExample)
WO (1) WO2006116871A2 (enExample)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4897701B2 (ja) * 2004-12-22 2012-03-14 サーティコム コーポレーション 部分リボケーション・リスト
US8467528B2 (en) * 2006-08-31 2013-06-18 Advanced Micro Devices, Inc. Multimedia content protection
JP2008171041A (ja) * 2007-01-05 2008-07-24 Ricoh Co Ltd 画像形成装置、画像形成装置の起動方法、制御装置及び拡張ユニットの起動方法
US7841010B2 (en) 2007-01-08 2010-11-23 Apple Inc. Software or other information integrity verification using variable block length and selection
CA2618544C (en) * 2007-01-16 2015-07-21 Bally Gaming, Inc. Rom bios based trusted encrypted operating system
US8171275B2 (en) 2007-01-16 2012-05-01 Bally Gaming, Inc. ROM BIOS based trusted encrypted operating system
US20100174920A1 (en) * 2009-01-06 2010-07-08 Jonathan Peter Buckingham Data processing apparatus
US20110268265A1 (en) * 2010-04-30 2011-11-03 Lathrop Alexander M Disk media security system and method
US8918907B2 (en) * 2011-04-13 2014-12-23 Phoenix Technologies Ltd. Approaches for firmware to trust an application
KR101689204B1 (ko) * 2011-09-07 2016-12-23 인텔 코포레이션 디바이스의 펌웨어 무결성 검증
CN104838387B (zh) * 2012-10-11 2018-03-02 爱迪德技术有限公司 芯片验证
EP2808818B1 (en) * 2013-05-29 2016-07-13 Nxp B.V. Processing system
CN104376276B (zh) * 2013-08-16 2017-12-29 昆达电脑科技(昆山)有限公司 嵌入式Linux设备映像文件验证方法
JP6181493B2 (ja) 2013-09-20 2017-08-16 国立大学法人名古屋大学 書換検出システム、書換検出装置及び情報処理装置
JP6342281B2 (ja) * 2014-09-26 2018-06-13 国立大学法人名古屋大学 書換検出システム及び情報処理装置
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
US10044654B2 (en) * 2014-10-30 2018-08-07 Oracle International Corporation Operating a match cooperative without handling personally identifiable information
JP6338540B2 (ja) * 2015-03-02 2018-06-06 日本電信電話株式会社 認証システム、認証結果利用サーバ及び認証方法
US10616197B2 (en) 2016-04-18 2020-04-07 Atmel Corporation Message authentication with secure code verification
US10114941B2 (en) 2016-08-24 2018-10-30 Altera Corporation Systems and methods for authenticating firmware stored on an integrated circuit
US10268823B2 (en) * 2016-10-27 2019-04-23 Wind River Systems, Inc. Device, system, and method for securing executable operations
CN107451468A (zh) * 2017-07-14 2017-12-08 杭州谷逸网络科技有限公司 一种控制设备的在线安全检测实现方法
US11036863B2 (en) 2017-08-01 2021-06-15 Dell Products, L.P. Validating an image using an embedded hash in an information handling system
US11720674B2 (en) 2021-01-28 2023-08-08 Northrop Grumman Systems Corporation Systems and methods for malware detection
CN113360177A (zh) * 2021-06-07 2021-09-07 中电科思仪科技股份有限公司 一种用于矢量网络分析仪固件程序在线升级的装置及方法
EP4468186A4 (en) * 2022-02-22 2025-10-01 Ntt Inc AUTHENTICATION SYSTEM, GENERATION DEVICE, GENERATION METHOD AND GENERATION PROGRAM

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2205667B (en) * 1987-06-12 1991-11-06 Ncr Co Method of controlling the operation of security modules
US6138236A (en) * 1996-07-01 2000-10-24 Sun Microsystems, Inc. Method and apparatus for firmware authentication
US6026293A (en) * 1996-09-05 2000-02-15 Ericsson Inc. System for preventing electronic memory tampering
GB9626241D0 (en) 1996-12-18 1997-02-05 Ncr Int Inc Secure data processing method and system
US5954817A (en) 1996-12-31 1999-09-21 Motorola, Inc. Apparatus and method for securing electronic information in a wireless communication device
JP3793629B2 (ja) * 1997-10-30 2006-07-05 沖電気工業株式会社 メモリカードとメモリカード装置
WO2000018162A1 (en) * 1998-09-18 2000-03-30 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel
US6480800B1 (en) * 1999-02-08 2002-11-12 International Business Machines Corp. Method and system for generating self-testing and random input stimuli for testing digital systems
US6571335B1 (en) * 1999-04-01 2003-05-27 Intel Corporation System and method for authentication of off-chip processor firmware code
MX237690B (es) * 2000-07-25 2006-06-12 Macrovision Corp Sistema y metodo de verificacion de la autenticidad de imagenes ejecutables conectables dinamicamente.
KR100561497B1 (ko) * 2000-09-08 2006-03-17 인터내셔널 비지네스 머신즈 코포레이션 소프트웨어 보안 인증 경로
GB0116568D0 (en) * 2001-07-06 2001-08-29 Ncipher Corp Ltd Firmware validation
JP4676724B2 (ja) 2003-08-12 2011-04-27 株式会社リコー 情報処理装置、情報処理方法、情報処理プログラム、及び記録媒体
US7142891B2 (en) * 2003-10-10 2006-11-28 Texas Instruments Incorporated Device bound flashing/booting for cloning prevention
US20060101310A1 (en) * 2004-10-22 2006-05-11 Nimrod Diamant Device, system and method for verifying integrity of software programs
US7818585B2 (en) * 2004-12-22 2010-10-19 Sap Aktiengesellschaft Secure license management
US20060143600A1 (en) * 2004-12-29 2006-06-29 Andrew Cottrell Secure firmware update
JP2006191491A (ja) * 2005-01-07 2006-07-20 Canon Inc 情報処理装置及びその方法並びにプログラム及び記憶媒体
US7490352B2 (en) * 2005-04-07 2009-02-10 Microsoft Corporation Systems and methods for verifying trust of executable files

Also Published As

Publication number Publication date
WO2006116871A3 (en) 2006-12-21
CN101218588B (zh) 2010-05-19
EP1877947A4 (en) 2009-11-25
CN101218588A (zh) 2008-07-09
US8566791B2 (en) 2013-10-22
JP2008541211A (ja) 2008-11-20
CA2606981C (en) 2016-09-06
CA2606981A1 (en) 2006-11-09
EP1877947A2 (en) 2008-01-16
WO2006116871A2 (en) 2006-11-09
US20070156638A1 (en) 2007-07-05

Similar Documents

Publication Publication Date Title
JP4898790B2 (ja) ファームウェアへの認証の追加実装
US8250373B2 (en) Authenticating and verifying an authenticable and verifiable module
KR101795457B1 (ko) 보안 기능이 강화된 디바이스의 초기화 방법 및 디바이스의 펌웨어 업데이트 방법
US7131036B2 (en) Method of detecting malicious code
US8327153B2 (en) Method and system for verifying software platform of vehicle
US8166308B2 (en) System and method for authenticating a gaming device
US20090285390A1 (en) Integrated circuit with secured software image and method therefor
AU2001266228A1 (en) Method of detecting malicious code
US11336444B2 (en) Hardware security module for verifying executable code, device having hardware security module, and method of operating device
CA2618544C (en) Rom bios based trusted encrypted operating system
US20090013166A1 (en) Rom bios based trusted encrypted operating system
WO2009156302A1 (en) Electronic device and method of software or firmware updating of an electronic device
JPWO2015068220A1 (ja) ソフトウェア更新装置及びソフトウェア更新プログラム
EP2978158A1 (en) Methods and architecture for encrypting and decrypting data
US20100100966A1 (en) Method and system for blocking installation of some processes
CN111177709A (zh) 一种终端可信组件的执行方法、装置及计算机设备
US10708064B2 (en) Semiconductor device, boot method, and boot program
JP7171339B2 (ja) 情報処理装置、情報処理装置の制御方法、及び、プログラム
CN117556418A (zh) 一种确定内核状态的方法和相关设备
Cooper et al. e paper title
JP2014178906A (ja) 認証方法、認証プログラムおよび認証装置

Legal Events

Date Code Title Description
A072 Dismissal of procedure [no reply to invitation to correct request for examination]

Free format text: JAPANESE INTERMEDIATE CODE: A072

Effective date: 20081028

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20090501

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20090501

RD02 Notification of acceptance of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7422

Effective date: 20100120

RD04 Notification of resignation of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7424

Effective date: 20100128

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20110826

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20111122

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20111215

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20111226

R150 Certificate of patent or registration of utility model

Ref document number: 4898790

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

Free format text: JAPANESE INTERMEDIATE CODE: R150

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20150106

Year of fee payment: 3

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

S531 Written request for registration of change of domicile

Free format text: JAPANESE INTERMEDIATE CODE: R313531

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250