公开(公告)号：US07490245B2

公开(公告)日：2009-02-10

申请号：US10898822

申请日：2004-07-24

申请人： Rod David Waltermann ,  Michael Douglas Anderson ,  Ernest Nelson Mandese ,  Kerry Graham Sanders

发明人： Rod David Waltermann ,  Michael Douglas Anderson ,  Ernest Nelson Mandese ,  Kerry Graham Sanders

IPC分类号： H04L9/32

CPC分类号： G06F21/57

摘要： Initially, a hardware inventory device is provided within the data processing system. UIC that uniquely identifies the data processing system is stored in a non-erasable memory of the hardware inventory device. An encrypted hash generated by combining the UIC and a BIOS hash is stored in the non-erasable memory of the hardware inventory device. In response to a loading of a software program previously installed within a direct access storage device of the data processing system, the following steps are performed: i. the encrypted hash is obtained from the non-erasable memory of the hardware inventory device; ii. the encrypted hash is decrypted; iii. a new hash is generated by using the UIC and a BIOS from the data processing system, and the decrypted hash is compared with the new hash; and iv. the software program loading is allowed to continue when the decrypted hash matches the new hash.

摘要翻译： 最初，在数据处理系统内提供硬件清单装置。 唯一识别数据处理系统的UIC被存储在硬件清单设备的不可擦除存储器中。 通过组合UIC和BIOS散列产生的加密哈希存储在硬件清单设备的不可擦除存储器中。 响应于先前安装在数据处理系统的直接访问存储设备中的软件程序的加载，执行以下步骤：i。 从硬件清单设备的不可擦除存储器获得加密散列; ii。 加密散列被解密; iii。 通过使用来自数据处理系统的UIC和BIOS生成新的散列，并将解密的散列与新的散列进行比较; 和iv。 当解密的哈希匹配新的哈希时，允许软件程序加载继续。