摘要:
A method and system for updating a root of trust measurement (RTM) function in a personal computer is disclosed. The RTM function is located in a boot block of the personal computer. The method and system comprise initializing a request to update the RTM function and unlocking the boot block based on an authentication process. The method and system further includes updating the RTM function. Through the use of the method and system in accordance with the present invention, the RTM function in a personal computer is updated in a manner that ensures that the update is authentic.
摘要:
A computer system contains selectively available boot block codes. A first boot block is of the conventional type and is stored in storage media such as flash ROM on a system planar with the processor of the computer system. A second boot block is located on a feature card and contains an immutable security code in compliance with the Trusted Computing Platform Alliance (TCPA) specification. The boot block on the feature card is enabled if the first boot block detects the presence of the feature card. The computer system can be readily modified as the computer system is reconfigured, while maintaining compliance with the TCPA specification. A switching mechanism controls which of the boot blocks is to be activated. The feature card is disabled in the event of a computer system reset to prevent access to the TCPA compliant code and function.
摘要:
A method and system for enabling security attestation for a computing device during a return from an S4 sleep state. When the computing device enters into the S4 state following a successful boot up, the attestation log is appended to the TPM tick count and the log is signed (with a security signature). When the device is awaken from S4 state, the BIOS obtains and verifies the log created during the previous boot. The CRTM maintains a set of virtual PCRs and references these virtual PCRs against the log. If the values do not match, the return from S4 state fails and the device is rebooted.
摘要:
When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.
摘要:
An apparatus, system, and method are disclosed for securing I/O communications between a blade and peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data configured for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to a destination module. The source communication module transmits the secured I/O data over a vulnerable communication link to the destination module. The vulnerable communication link comprises a message intercept vulnerability. The destination module is configured to unencrypt the secure I/O data for a destination device such as a display device.
摘要:
Methods and arrangements are disclosed for secure single sign on to an operating system using only a power-on password. In many embodiments modified BIOS code prompts for, receives and verifies the power-on password. The power-on password is hashed and stored in a Platform Configuration Register of the Trusted Platform Module. In a setup mode, the trusted platform module encrypts the operating system password using the hashed power-on password. In a logon mode, the trusted platform module decrypts the operating system password using the hashed power-on password.
摘要:
A method, computer program product and computer system for securing alterable data. A computer that is remotely managed may be equipped with a protected storage that is accessible only by BIOS code. The protected storage may have the capacity to store a symmetrical encryption key. An EEPROM, which normally contains the BIOS code, may be used to store accessible configuration data as well as remotely unaccessible sensitive access information (e.g., passwords). The remotely unaccessible sensitive data is encrypted with the symmetrical encryption key by the BIOS code. Remote access to the sensitive data is accomplished via change requests submitted to the BIOS code over a secure channel. The BIOS code then determines whether the request is valid. If so, then sensitive data is decrypted, altered, encrypted, and re-written into the EEPROM. Normal access to accessible data is unaffected and remote access is allowed without changing the computer system architecture.
摘要:
An apparatus, method, and system to seal a data repository to a trusted computing platform is described. The data repository may be sealed by encrypting the data on the repository and sealing a cryptographic key to a specific set of platform resources. With the data repository sealed to the platform, the system boot sequence will fail if the system configuration is compromised, for example by insertion of “snoopware” or a modified BIOS. Additionally, if the computer containing the data repository is lost or stolen, the encrypted data remains secure even if the repository is attached to a system modified to bypass normal safeguards.
摘要:
A data processing system and method are disclosed for protecting data within a hard disk drive included within a data processing system. Data is generated. A signature value is provided which is stored in a signature device. The signature device is capable of being inserted into and removed from a computer system. A textual description of the data is created. The data is encrypted utilizing both the signature value stored on the device and the textual description. The encrypted data is then stored on the hard disk drive. The data processing system does not permanently store encryption keys.
摘要:
A system and method for isolating a computer system from entry of a personal identification number (PIN) to a smart card. The system and method includes a computer system that is in communication with an unsecure network to allow a user to engage in a purchase transaction. The system and method also includes a smart card reader in which a smart card is inserted and read. A secure personal-identification-number (PIN) entry device is coupled between the computer system and the smart card reader. The secure PIN entry device is used for entering a correct code for the PIN. Communication between computer system and secure PIN entry device is disconnected until the correct code for the PIN is entered at secure PIN entry device and sent to the smart card in order to authorize use of the smart card for the purchase transaction. In response to the correct code for the PIN being entered and sent to the smart card, communication between computer system and secure PIN entry device is established. The secure PIN entry device has a processor for controlling the disconnection and connection of communication between the computer system and the secure PIN entry device. The secure PIN entry device also has a display for displaying a message request relating to the purchase transaction. The message request prompts a user to provide the PIN to authorize use of the smart card for a purchase transaction.