JP7200122B2 - System and method for restoration of a trusted system firmware state - Google Patents

System and method for restoration of a trusted system firmware state

Info

Publication number
JP7200122B2
Authority
JP
Japan
Prior art keywords
secure
code
store
secure code
hardware configuration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2019552048A
Other languages
English (en)
Japanese (ja)
Other versions
JP2020511727A (ja)
JP2020511727A5
Inventor
ヘック,ジェームズ・エイ
バレンティノ,ラルフ・ピィ
ハートウェル,デイビッド・ダブリュ
Original Assignee
オラクル・インターナショナル・コーポレイション
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by オラクル・インターナショナル・コーポレイション
Publication of JP2020511727A
Publication of JP2020511727A5
Application granted
Publication of JP7200122B2
Legal status: Active (current)
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572 Secure firmware programming, e.g. of basic input output system [BIOS]
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/85 Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601 Interfaces specially adapted for storage systems
    • G06F3/0602 Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062 Securing storage systems
    • G06F3/0622 Securing storage systems in relation to access
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601 Interfaces specially adapted for storage systems
    • G06F3/0628 Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629 Configuration or reconfiguration of storage systems
    • G06F3/0634 Configuration or reconfiguration of storage systems by changing the state or mode of one or more devices
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601 Interfaces specially adapted for storage systems
    • G06F3/0628 Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0655 Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices
    • G06F3/0656 Data buffering arrangements
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601 Interfaces specially adapted for storage systems
    • G06F3/0628 Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0655 Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices
    • G06F3/0659 Command handling arrangements, e.g. command buffers, queues, command scheduling
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601 Interfaces specially adapted for storage systems
    • G06F3/0668 Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671 In-line storage system
    • G06F3/0673 Single storage device
    • G06F3/0679 Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Stored Programmes (AREA)
JP2019552048A 2017-03-22 2017-11-30 System and method for restoration of a trusted system firmware state Active JP7200122B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/466,514 US10997296B2 (en) 2017-03-22 2017-03-22 System and method for restoration of a trusted system firmware state
US15/466,514 2017-03-22
PCT/US2017/063915 WO2018174969A1 (en) 2017-03-22 2017-11-30 System and method for restoration of a trusted system firmware state

Publications (3)

Publication Number Publication Date
JP2020511727A (ja) 2020-04-16
JP2020511727A5 2020-08-27
JP7200122B2 (ja) 2023-01-06

Family

ID=60766163

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2019552048A Active JP7200122B2 (ja) 2017-03-22 2017-11-30 System and method for restoration of a trusted system firmware state

Country Status (5)

Country Link
US (1) US10997296B2
EP (1) EP3602374B1
JP (1) JP7200122B2
CN (1) CN110494855B
WO (1) WO2018174969A1

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10997296B2 (en) 2017-03-22 2021-05-04 Oracle International Corporation System and method for restoration of a trusted system firmware state
BE1026835B1 (de) * 2018-12-06 2020-07-07 Phoenix Contact Gmbh & Co Router with login functionality and access control method suitable therefor
US11829478B2 (en) * 2019-01-08 2023-11-28 Oracle International Corporation Full server recovery architecture for cloud bare metal instances
US11288372B2 (en) 2019-10-07 2022-03-29 Microsoft Technology Licensing, Llc Secure installation of baseboard management controller firmware via a physical interface
US11222120B2 (en) * 2019-11-19 2022-01-11 Dell Products L.P. Storage device firmware bootloader recovery system and method therefor
US11314866B2 (en) 2019-11-25 2022-04-26 Dell Products L.P. System and method for runtime firmware verification, recovery, and repair in an information handling system
US11099838B1 (en) * 2020-02-26 2021-08-24 Quanta Computer Inc. Method and system for recovery for custom integrated circuit
CN115270100A (zh) * 2021-04-29 2022-11-01 华为技术有限公司 Security protection method, apparatus and system
US11783040B2 (en) 2021-07-09 2023-10-10 Dell Products L.P. Cryptographically verifying a firmware image with boot speed in an information handling system
US11726879B2 (en) 2021-07-12 2023-08-15 Dell Products L.P. Multiple block error correction in an information handling system
US12353609B2 (en) * 2021-10-21 2025-07-08 Dell Products L.P. Method and system for a secure management of storage devices using a key management service
CN114398013B (zh) * 2022-01-26 2024-06-18 东芯半导体股份有限公司 NAND memory security code generation module and generation method, and NAND memory
NL2036158B1 (en) * 2023-10-31 2025-05-13 Adc Tech Netherlands B V Server node

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040139357A1 (en) 2003-01-14 2004-07-15 Samsung Electronics Co., Ltd. Electronic device having microcomputer and firmwave updating method thereof
JP2006081246A (ja) 2004-09-07 2006-03-23 Yaskawa Electric Corp Serial communication command type servo amplifier device
JP2009211339A (ja) 2008-03-04 2009-09-17 Canon Inc Optical device
US20120079260A1 (en) 2010-09-27 2012-03-29 Hon Hai Precision Industry Co., Ltd. Basic input-output system circuit and method for using the same
US20120110379A1 (en) 2010-10-27 2012-05-03 Hon Hai Precision Industry Co., Ltd. Firmware recovery system and method
JP2013164842A (ja) 2012-02-09 2013-08-22 Kofukin Seimitsu Kogyo (Shenzhen) Yugenkoshi Electronic device having BMC firmware repair function and repair method thereof
US20160306623A1 (en) 2015-04-16 2016-10-20 Aic Inc. Control module of node and firmware updating method for the control module

Family Cites Families (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5388267A (en) * 1991-05-29 1995-02-07 Dell Usa, L.P. Method and apparatus for updating and restoring system BIOS functions while maintaining BIOS integrity
JPH09330272A (ja) * 1996-06-12 1997-12-22 Hitachi Ltd BIOS control system
US7257714B1 (en) * 1999-10-19 2007-08-14 Super Talent Electronics, Inc. Electronic data storage medium with fingerprint verification capability
SE515327C2 (sv) * 1999-08-27 2001-07-16 Ericsson Telefon Ab L M Device for carrying out secure transactions in a communication device
US7930531B2 (en) * 2000-01-06 2011-04-19 Super Talent Electronics, Inc. Multi-partition USB device that re-boots a PC to an alternate operating system for virus recovery
KR20030038542A (ko) * 2000-05-19 2003-05-16 셀프 리페어링 컴퓨터스, 인크. Computer with switchable components
US6757838B1 (en) * 2000-10-13 2004-06-29 Hewlett-Packard Development Company, L.P. Hardware independent implementation of computer system BIOS recovery
US7149854B2 (en) * 2001-05-10 2006-12-12 Advanced Micro Devices, Inc. External locking mechanism for personal computer memory locations
TW548574B (en) * 2001-10-19 2003-08-21 Micro Star Int Co Ltd Display interface with dual basic input/output system and the computer having the same
US7536598B2 (en) * 2001-11-19 2009-05-19 Vir2Us, Inc. Computer system capable of supporting a plurality of independent computing environments
US20040268116A1 (en) * 2003-06-30 2004-12-30 Vasisht Virender K Fault tolerant recovery block with reduced flash footprint
US20070157015A1 (en) * 2005-12-29 2007-07-05 Swanson Robert C Methods and apparatus to optimize boot speed
US20080168310A1 (en) 2007-01-05 2008-07-10 Microsoft Corporation Hardware diagnostics and software recovery on headless server appliances
US8522309B2 (en) 2007-01-22 2013-08-27 Simon Yoffe Security switch
US8924708B2 (en) 2007-01-22 2014-12-30 Simon Yoffe Security switch
US8250354B2 (en) * 2007-11-29 2012-08-21 GlobalFoundries, Inc. Method and apparatus for making a processor sideband interface adhere to secure mode restrictions
US7861021B2 (en) * 2008-01-24 2010-12-28 International Business Machines Corporation Device receiving unit that performs a determination based on data exchange which interfacing device takes precedence when a plurality of interfacing devices are simultaneously connected
TWI414996B (zh) * 2008-04-14 2013-11-11 Asustek Comp Inc Computer system
US8495349B2 (en) * 2008-10-09 2013-07-23 International Business Machines Corporation Generating a primary BIOS code memory address and a recovery BIOS code memory address, where the recovery BIOS service code is loaded when the primary BIOS code fails to execute
US8341602B2 (en) * 2009-01-29 2012-12-25 Microsoft Corporation Automated verification of a type-safe operating system
US8468592B2 (en) * 2009-07-31 2013-06-18 Google Inc. Native code module security for 64-bit instruction set architectures
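CN102446103A (zh) * 2010-10-08 2012-05-09 鸿富锦精密工业(深圳)有限公司 BIOS refreshing device and method for refreshing BIOS data using the same
CN102455950A (zh) * 2010-10-28 2012-05-16 鸿富锦精密工业(深圳)有限公司 Firmware recovery system and method for a baseboard management controller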
US8843769B2 (en) * 2011-04-18 2014-09-23 Texas Instruments Incorporated Microcontroller with embedded secure feature
US8863109B2 (en) * 2011-07-28 2014-10-14 International Business Machines Corporation Updating secure pre-boot firmware in a computing system in real-time
US8732527B2 (en) * 2011-08-16 2014-05-20 Google Inc. Secure recovery apparatus and method
TWI537735B (zh) * 2011-12-16 2016-06-11 祥碩科技股份有限公司 Electronic device and update device for its basic input/output system
WO2013102521A1 (en) * 2012-01-03 2013-07-11 International Business Machines Corporation Method for secure self-booting of an electronic device
US9075995B2 (en) * 2013-03-11 2015-07-07 Microsoft Technology Licensing, Llc Dynamically loaded measured environment for secure code launch
WO2014175861A1 (en) * 2013-04-23 2014-10-30 Hewlett-Packard Development Company, L.P. Recovering from compromised system boot code
US20150052616A1 (en) * 2013-08-14 2015-02-19 L-3 Communications Corporation Protected mode for securing computing devices
US9779241B2 (en) * 2013-09-25 2017-10-03 Cisco Technology, Inc. Synchronization of UEFI secure boot variables on a managed server
TW201525858A (zh) * 2013-12-31 2015-07-01 Ibm Baseboard management controller and firmware loading method thereof
US9135029B2 (en) * 2014-01-02 2015-09-15 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Securely reconfiguring a multi-node system to prevent firmware rollback
US9075945B1 (en) * 2014-06-27 2015-07-07 Google Inc. Method for implementing efficient entropy decoder by using high level synthesis
CN106687976A (zh) * 2014-07-11 2017-05-17 Pcms控股公司 System and method for virtualization-based secure device recovery
US9921915B2 (en) * 2015-10-16 2018-03-20 Quanta Computer Inc. Baseboard management controller recovery
US10055296B2 (en) * 2015-10-30 2018-08-21 Quanta Computer Inc. System and method for selective BIOS restoration
US9930051B1 (en) * 2015-11-06 2018-03-27 Amazon Technologies, Inc. Remote management of hardware hosts in cloud infrastructure
US10133637B2 (en) * 2016-08-04 2018-11-20 Dell Products L.P. Systems and methods for secure recovery of host system code
US20180091315A1 (en) * 2016-09-27 2018-03-29 Qualcomm Incorporated Revocation and updating of compromised root of trust (rot)
US10534618B2 (en) * 2016-09-27 2020-01-14 American Megatrends International, Llc Auto bootloader recovery in BMC
US10740468B2 (en) * 2016-09-30 2020-08-11 Hewlett Packard Enterprise Development Lp Multiple roots of trust to verify integrity
US20180097839A1 (en) * 2016-10-01 2018-04-05 Neeraj S. Upasani Systems, apparatuses, and methods for platform security
US10691803B2 (en) * 2016-12-13 2020-06-23 Amazon Technologies, Inc. Secure execution environment on a server
US10997296B2 (en) 2017-03-22 2021-05-04 Oracle International Corporation System and method for restoration of a trusted system firmware state
US10372460B2 (en) * 2017-03-28 2019-08-06 Dell Products, Lp System and method for baseboard management controller assisted dynamic early host video on systems with a security co-processor

Also Published As

Publication number Publication date
US20180276385A1 (en) 2018-09-27
JP2020511727A (ja) 2020-04-16
US10997296B2 (en) 2021-05-04
CN110494855A (zh) 2019-11-22
EP3602374A1 (en) 2020-02-05
CN110494855B (zh) 2023-09-26
EP3602374B1 (en) 2022-06-22
WO2018174969A1 (en) 2018-09-27

Similar Documents

Publication Publication Date Title
JP7200122B2 (ja) System and method for restoration of a trusted system firmware state
CN104662552B (zh) Secure disk access control
US8832369B2 (en) Systems and methods for remote raid configuration in an embedded environment
US20130254521A1 (en) Simulated Network Boot Environment for Bootstrap Redirection
JP6968811B2 (ja) Secure boot code cache that can be updated over a network
CN110073355A (zh) Secure execution environment on a server
US8601250B2 (en) Control over loading of device drivers for an individual instance of a PCI device
US8321617B1 (en) Method and apparatus of server I/O migration management
US11157628B2 (en) Method to transfer firmware level security indicators to OS level threat protection tools at runtime
CN104081376B (zh) Remotely maintaining system firmware images using a distributed file system protocol
US7698704B2 (en) Method for installing operating system on remote storage: flash deploy and install zone
US11137995B2 (en) Updating firmware of a microcontroller
WO2024130860A1 (zh) Implementation method and system for an FPGA bare metal server
JP7441896B2 (ja) System and method for securely isolating system features
US10802717B2 (en) Systems and methods for efficient firmware inventory of storage devices in an information handling system
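CN101268442B (zh) Method and system for configuring a remote data processing system
JP2008112303A (ja) Storage virtualization switch
TWI866411B (zh) Computer-implemented method for initializing a computing system, computer program product, and computing system
CN111886573A (zh) Secure sharing of storage resources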

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20200715

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20200715

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20210914

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20211213

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20220210

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20220314

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20220628

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20220928

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20221104

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20221122

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20221221

R150 Certificate of patent or registration of utility model

Ref document number: 7200122

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250