WO2009044533A1 - セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路 - Google Patents

セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路 Download PDF

Info

Publication number
WO2009044533A1
WO2009044533A1 PCT/JP2008/002728 JP2008002728W WO2009044533A1 WO 2009044533 A1 WO2009044533 A1 WO 2009044533A1 JP 2008002728 W JP2008002728 W JP 2008002728W WO 2009044533 A1 WO2009044533 A1 WO 2009044533A1
Authority
WO
WIPO (PCT)
Prior art keywords
secure boot
configuration information
software module
storage means
terminal
Prior art date
Application number
PCT/JP2008/002728
Other languages
English (en)
French (fr)
Inventor
Hisashi Takayama
Hideki Matsushima
Takayuki Ito
Tomoyuki Haga
Kenneth Alexander Nicolson
Original Assignee
Panasonic Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Panasonic Corporation filed Critical Panasonic Corporation
Priority to JP2009535966A priority Critical patent/JP5385148B2/ja
Priority to EP08835878A priority patent/EP2196936A4/en
Priority to US12/676,960 priority patent/US8555049B2/en
Publication of WO2009044533A1 publication Critical patent/WO2009044533A1/ja

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)

Abstract

起動時にセキュアブート処理を行う端末において、ソフトウェアモジュールの更新の途中で電源断等が起こった場合でも、確実に起動することを可能にする。CPUとソフトウェアモジュール格納手段と証明書格納手段と、ソフトウェアモジュール及び証明書を更新する更新手段とソフトウェアモジュールの構成情報を格納する構成情報格納手段を備えるセキュリティデバイスと更新前の構成でのソフトウェアモジュールの構成情報を格納する代替構成情報格納手段と証明書を用いてソフトウェアモジュールを検証して実行するブート制御手段とを備える端末であり、構成情報格納手段が格納する構成情報と代替構成情報格納手段が格納する構成情報とを参照してソフトウェアモジュールの証明書の検証を行う。
PCT/JP2008/002728 2007-10-05 2008-09-30 セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路 WO2009044533A1 (ja)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP2009535966A JP5385148B2 (ja) 2007-10-05 2008-09-30 セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路
EP08835878A EP2196936A4 (en) 2007-10-05 2008-09-30 SAFE START-UP END UNIT, SAFE START-UP PROCEDURE, SAFE STARTER PROGRAM, RECORDING MEDIA AND INTEGRATED CIRCUIT
US12/676,960 US8555049B2 (en) 2007-10-05 2008-09-30 Secure boot terminal, secure boot method, secure boot program, recording medium, and integrated circuit

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2007261977 2007-10-05
JP2007-261977 2007-10-05

Publications (1)

Publication Number Publication Date
WO2009044533A1 true WO2009044533A1 (ja) 2009-04-09

Family

ID=40525965

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2008/002728 WO2009044533A1 (ja) 2007-10-05 2008-09-30 セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路

Country Status (4)

Country Link
US (1) US8555049B2 (ja)
EP (1) EP2196936A4 (ja)
JP (1) JP5385148B2 (ja)
WO (1) WO2009044533A1 (ja)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009157133A1 (ja) * 2008-06-23 2009-12-30 パナソニック株式会社 情報処理装置、情報処理方法、これらを実現するコンピュータプログラム及び集積回路
JP2012532358A (ja) * 2009-07-01 2012-12-13 パナソニック株式会社 セキュアブート方法およびセキュアブート装置
JP2014503101A (ja) * 2011-01-19 2014-02-06 インターナショナル・ビジネス・マシーンズ・コーポレーション コードを更新および認証するための方法およびシステム、プログラムの完全性を試験する方法およびシステム
JP2014518428A (ja) * 2011-07-07 2014-07-28 インテル・コーポレーション Biosフラッシュ攻撃に対する保護および通知
JP2017021434A (ja) * 2015-07-07 2017-01-26 キヤノン株式会社 情報処理装置及びその制御方法
JP2020042632A (ja) * 2018-09-12 2020-03-19 キヤノン株式会社 情報処理装置、情報処理装置の起動方法、及びプログラム
US10708064B2 (en) 2017-05-12 2020-07-07 Renesas Electronics Corporation Semiconductor device, boot method, and boot program

Families Citing this family (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9069990B2 (en) * 2007-11-28 2015-06-30 Nvidia Corporation Secure information storage system and method
US9158896B2 (en) * 2008-02-11 2015-10-13 Nvidia Corporation Method and system for generating a secure key
US20090204801A1 (en) * 2008-02-11 2009-08-13 Nvidia Corporation Mechanism for secure download of code to a locked system
US9069706B2 (en) * 2008-02-11 2015-06-30 Nvidia Corporation Confidential information protection system and method
US9613215B2 (en) 2008-04-10 2017-04-04 Nvidia Corporation Method and system for implementing a secure chain of trust
JP5178341B2 (ja) * 2008-06-23 2013-04-10 パナソニック株式会社 オプショナルなコンポーネントを伴うセキュアブートの方法
US8375211B2 (en) * 2009-04-21 2013-02-12 International Business Machines Corporation Optimization of signing soap body element
US8205257B1 (en) * 2009-07-28 2012-06-19 Symantec Corporation Systems and methods for preventing threats originating from a non-process based component hosted by a trusted process
EP2558972A1 (en) * 2010-04-12 2013-02-20 InterDigital Patent Holdings, Inc. Staged control release in boot process
US20120084562A1 (en) * 2010-10-04 2012-04-05 Ralph Rabert Farina Methods and systems for updating a secure boot device using cryptographically secured communications across unsecured networks
KR101649115B1 (ko) * 2010-11-11 2016-08-19 삼성전자주식회사 디스플레이 장치 및 이에 적용되는 마이컴 코드 업데이트 방법
US8812830B2 (en) 2011-08-31 2014-08-19 Microsoft Corporation Attestation protocol for securely booting a guest operating system
CN103136019A (zh) * 2011-11-29 2013-06-05 国际商业机器公司 用于加载配置信息的方法和装置
US9262637B2 (en) * 2012-03-29 2016-02-16 Cisco Technology, Inc. System and method for verifying integrity of platform object using locally stored measurement
US9489924B2 (en) 2012-04-19 2016-11-08 Nvidia Corporation Boot display device detection and selection techniques in multi-GPU devices
EP2973156B1 (en) * 2013-03-15 2018-04-25 Intel Corporation Key revocation in system on chip devices
CN103338450A (zh) * 2013-06-26 2013-10-02 华为技术有限公司 一种验证方法及设备
CN105981326B (zh) * 2014-02-26 2019-05-14 三菱电机株式会社 证书管理装置和证书管理方法
EP2933070A1 (en) * 2014-04-17 2015-10-21 Aldebaran Robotics Methods and systems of handling a dialog with a robot
US9438627B2 (en) 2014-06-11 2016-09-06 International Business Machines Corporation Shared security utility appliance for secure application and data processing
US10552827B2 (en) * 2014-09-02 2020-02-04 Google Llc Dynamic digital certificate updating
US9916451B2 (en) * 2015-02-09 2018-03-13 Dell Products L.P. Information handling system boot pre-validation
AT517154B1 (de) * 2015-03-05 2018-07-15 Siemens Ag Oesterreich Überwachung des Startvorgangs einer integrierten Schaltung
US9674162B1 (en) 2015-03-13 2017-06-06 Amazon Technologies, Inc. Updating encrypted cryptographic key pair
US9893885B1 (en) 2015-03-13 2018-02-13 Amazon Technologies, Inc. Updating cryptographic key pair
US9479340B1 (en) 2015-03-30 2016-10-25 Amazon Technologies, Inc. Controlling use of encryption keys
US10003467B1 (en) * 2015-03-30 2018-06-19 Amazon Technologies, Inc. Controlling digital certificate use
JP6601491B2 (ja) * 2015-05-20 2019-11-06 富士通株式会社 プログラム検証方法、検証プログラム、及び情報処理装置
US10503931B2 (en) * 2016-05-09 2019-12-10 Arris Enterprises Llc Method and apparatus for dynamic executable verification
EP3333748A1 (de) * 2016-12-08 2018-06-13 Siemens Aktiengesellschaft Geräteeinheit geeignet für den betrieb im geschützten und/oder offenen betriebszustand sowie zugehöriges verfahren
EP3542298B1 (en) 2017-01-12 2022-08-03 Google LLC Verified boot and key rotation
EP3382590B1 (en) * 2017-03-31 2019-10-16 OMRON Corporation Method for initializing a computerized system and computerized system against rollback attacks
WO2019036795A1 (en) 2017-08-22 2019-02-28 Absolute Software Corporation MONITORING INTEGRITY OF A FIRMWARE USING "SILVER" MEASURES
EP3489853B1 (en) 2017-11-27 2021-02-24 Schneider Electric Industries SAS A method for providing a firmware update of a device
US11068600B2 (en) * 2018-05-21 2021-07-20 Kct Holdings, Llc Apparatus and method for secure router with layered encryption
US11120137B2 (en) 2018-06-19 2021-09-14 Netgear, Inc. Secure transfer of registered network access devices
US11347879B2 (en) * 2018-09-07 2022-05-31 Truist Bank Determining the relative risk for using an originating IP address as an identifying factor
US10771264B2 (en) 2018-10-10 2020-09-08 Hewlett Packard Enterprise Development Lp Securing firmware
US11861011B2 (en) * 2019-06-25 2024-01-02 ZPE Systems, Inc. Secure boot process
JP7289739B2 (ja) * 2019-06-27 2023-06-12 キヤノン株式会社 情報処理装置、情報処理方法およびプログラム
KR20210091585A (ko) * 2020-01-14 2021-07-22 삼성전자주식회사 사용자 인증에 기반한 펌웨어 업데이트를 수행하는 전자 장치 및 이의 동작방법
US11431510B1 (en) * 2020-04-30 2022-08-30 Wells Fargo Bank, N.A. Code-sign white listing (CSWL)
US11681513B2 (en) * 2020-05-14 2023-06-20 Texas Instmments Incorporated Controlled scope of authentication key for software update
FR3122749B1 (fr) 2021-05-10 2023-10-27 Marbeuf Conseil Et Rech Procédé pour sécuriser l’utilisation d’un logiciel

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050021968A1 (en) 2003-06-25 2005-01-27 Zimmer Vincent J. Method for performing a trusted firmware/bios update
US20050108564A1 (en) * 2003-11-13 2005-05-19 International Business Machines Corporation Reducing the boot time of a TCPA based computing system when the Core Root of Trust Measurement is embedded in the boot block code
JP2005523537A (ja) * 2002-04-18 2005-08-04 インターナショナル・ビジネス・マシーンズ・コーポレーション データ・アクセス制御機能を使用した、統合システム内でのセキュア動作の初期化、維持、更新および回復
JP2007072909A (ja) * 2005-09-08 2007-03-22 Internatl Business Mach Corp <Ibm> 秘密情報へのアクセスを制御するシステムおよびその方法

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6157721A (en) * 1996-08-12 2000-12-05 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
US7194092B1 (en) * 1998-10-26 2007-03-20 Microsoft Corporation Key-based secure storage
US6263431B1 (en) * 1998-12-31 2001-07-17 Intle Corporation Operating system bootstrap security mechanism
US6757824B1 (en) * 1999-12-10 2004-06-29 Microsoft Corporation Client-side boot domains and boot rules
JP2004013477A (ja) 2002-06-06 2004-01-15 Nec Viewtechnology Ltd ブートプログラム選択及び更新方法並びにこれを用いたフラッシュメモリ
US7216369B2 (en) * 2002-06-28 2007-05-08 Intel Corporation Trusted platform apparatus, system, and method
US7318150B2 (en) * 2004-02-25 2008-01-08 Intel Corporation System and method to support platform firmware as a trusted process
US20060136705A1 (en) * 2004-12-21 2006-06-22 Motorola, Inc. Multiple stage software verification
KR100746012B1 (ko) * 2005-11-07 2007-08-06 삼성전자주식회사 코드 이미지를 안전하게 갱신하고 부팅하는 방법 및 장치
JP4769608B2 (ja) * 2006-03-22 2011-09-07 富士通株式会社 起動検証機能を有する情報処理装置
US7827397B2 (en) * 2006-07-13 2010-11-02 Aristocrat Technologies Australia Pty, Ltd. Gaming machine having a secure boot chain and method of use
US7743422B2 (en) * 2006-08-21 2010-06-22 International Business Machines Corporation System and method for validating a computer platform when booting from an external device
US8117429B2 (en) * 2006-11-01 2012-02-14 Nokia Corporation System and method for a distributed and flexible configuration of a TCG TPM-based local verifier
US8254568B2 (en) * 2007-01-07 2012-08-28 Apple Inc. Secure booting a computing device
US20080178257A1 (en) * 2007-01-20 2008-07-24 Takuya Mishina Method for integrity metrics management
US8621191B2 (en) * 2007-12-26 2013-12-31 Nokia Corporation Methods, apparatuses, and computer program products for providing a secure predefined boot sequence

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005523537A (ja) * 2002-04-18 2005-08-04 インターナショナル・ビジネス・マシーンズ・コーポレーション データ・アクセス制御機能を使用した、統合システム内でのセキュア動作の初期化、維持、更新および回復
US20050021968A1 (en) 2003-06-25 2005-01-27 Zimmer Vincent J. Method for performing a trusted firmware/bios update
US20050108564A1 (en) * 2003-11-13 2005-05-19 International Business Machines Corporation Reducing the boot time of a TCPA based computing system when the Core Root of Trust Measurement is embedded in the boot block code
JP2007072909A (ja) * 2005-09-08 2007-03-22 Internatl Business Mach Corp <Ibm> 秘密情報へのアクセスを制御するシステムおよびその方法

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8510544B2 (en) 2008-06-23 2013-08-13 Panasonic Corporation Starts up of modules of a second module group only when modules of a first group have been started up legitimately
WO2009157133A1 (ja) * 2008-06-23 2009-12-30 パナソニック株式会社 情報処理装置、情報処理方法、これらを実現するコンピュータプログラム及び集積回路
JP2012532358A (ja) * 2009-07-01 2012-12-13 パナソニック株式会社 セキュアブート方法およびセキュアブート装置
US8892862B2 (en) 2009-07-01 2014-11-18 Panasonic Corporation Secure boot method for executing a software component including updating a current integrity measurement based on whether the software component is enabled
US10620936B2 (en) 2011-01-19 2020-04-14 International Business Machines Corporation Updating software
JP2014503101A (ja) * 2011-01-19 2014-02-06 インターナショナル・ビジネス・マシーンズ・コーポレーション コードを更新および認証するための方法およびシステム、プログラムの完全性を試験する方法およびシステム
US10007510B2 (en) 2011-01-19 2018-06-26 International Business Machines Corporation Updating software
US10108413B2 (en) 2011-01-19 2018-10-23 International Business Machines Corporation Updating software
JP2014518428A (ja) * 2011-07-07 2014-07-28 インテル・コーポレーション Biosフラッシュ攻撃に対する保護および通知
JP2017021434A (ja) * 2015-07-07 2017-01-26 キヤノン株式会社 情報処理装置及びその制御方法
US10708064B2 (en) 2017-05-12 2020-07-07 Renesas Electronics Corporation Semiconductor device, boot method, and boot program
JP2020042632A (ja) * 2018-09-12 2020-03-19 キヤノン株式会社 情報処理装置、情報処理装置の起動方法、及びプログラム
US11514169B2 (en) 2018-09-12 2022-11-29 Canon Kabushiki Kaisha Information processing apparatus, method of controlling information processing apparatus, and storage medium
JP7182966B2 (ja) 2018-09-12 2022-12-05 キヤノン株式会社 情報処理装置、情報処理装置の起動方法、及びプログラム

Also Published As

Publication number Publication date
US8555049B2 (en) 2013-10-08
EP2196936A4 (en) 2012-05-02
EP2196936A1 (en) 2010-06-16
JP5385148B2 (ja) 2014-01-08
JPWO2009044533A1 (ja) 2011-02-03
US20100185845A1 (en) 2010-07-22

Similar Documents

Publication Publication Date Title
WO2009044533A1 (ja) セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路
WO2008085449A3 (en) Secure booting a computing device
WO2007095465A3 (en) Method and apparatus for securely booting from an external storage device
WO2011031899A3 (en) Apparatus, system, and method for power reduction in a storage device
WO2011109780A3 (en) Code download and firewall for embedded secure application
WO2008008367A3 (en) System-on-a-chip (soc) test interface security
WO2006124751A3 (en) Method and apparatus for providing software-based security coprocessors
WO2011017028A3 (en) System and method for accessing diagnostic information
EP1918894A4 (en) INFORMATION STORAGE DEVICE, INFORMATION STORAGE PROGRAM, VERIFICATION DEVICE, AND INFORMATION STORAGE METHOD
WO2009042658A3 (en) Method, system and apparatus for providing a boot loader of an embedded system
WO2012012007A3 (en) Methods and system for verifying memory device integrity
GB2433623A (en) Secure boot scheme from exterbal memory using international memory
WO2011159806A3 (en) Apparatus, system, and method for providing error correction
WO2009072755A3 (en) Digital information security system, kernel driver apparatus and digital information security method
TR201902826T4 (tr) Bir elektronik cihaza güvenilir yazılım sağlamaya yönelik yöntem.
WO2008021332A3 (en) System and method for automatically updating a widget on a desktop
EP2221093A4 (en) SERVER SYSTEM, GAME DEVICE, CONTROL PROCEDURE, PROGRAM AND INFORMATION MEMORY
WO2007050357A3 (en) Embedded system that boots from usb flash drive
WO2007078877A3 (en) Freeze-dried ghost pages
WO2007054942A3 (en) Secure read-write storage device
WO2007011971A3 (en) Content dependency verification for a gaming machine
WO2010049391A3 (en) Performing a data write on a storage device
WO2006096837A3 (en) System and method for managing software patches
WO2010046436A3 (en) Method and apparatus for secure software platform access
WO2008081801A1 (ja) 情報端末、セキュリティデバイス、データ保護方法及びデータ保護プログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08835878

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 12676960

Country of ref document: US

Ref document number: 2008835878

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2009535966

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE