WO2010039788A3 - Processor boot security device and methods thereof - Google Patents
- Publication number
- WO2010039788A3 (application PCT/US2009/058962)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- authentication information
- boot
- source
- access
- network authentication
- Prior art date
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
- G06F12/1433—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4416—Network booting; Remote initial program loading [RIPL]
Abstract
A method of securing network authentication information at a data processing device includes determining a boot source from which to boot the device and comparing the boot source to an expected source. If the boot source is not the expected source, access to the network authentication information is inhibited, such as by disabling access to the portion of memory that stores the authentication information. Further, if the boot source is the expected source, boot code authentication information is retrieved from memory and verified during the boot sequence. If the device authentication information is not authenticated, access to the network authentication information is inhibited. Accordingly, access to the network authentication information is allowed only if the data processing device is booted from an expected source, and only if the boot code is authenticated, thereby reducing the likelihood of unauthorized access to the network authentication information.
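The gating rule in the abstract (default-deny access to the network authentication information, opened only when the boot source matches the expected one and the boot code authenticates) can be modelled in a few lines of C. The block below is an added illustration, not code from the patent or from Bigfoot Networks; the boot-source names, the device key, the sample boot image bytes and the credential bytes are all constructed, and the FNV-1a tag stands in for whatever signature or MAC a real device would store alongside its boot code.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical boot sources for this example (constructed). */
typedef enum { BOOT_SRC_INTERNAL_ROM = 0, BOOT_SRC_EXTERNAL_FLASH = 1, BOOT_SRC_USB = 2 } boot_source_t;

/* Simulated memory region holding the network authentication information.
   'accessible' is the gate the boot logic opens or keeps closed. */
typedef struct {
    bool accessible;
    uint8_t credential[16];
} auth_region_t;

/* Boot code image plus the authentication tag stored with it. */
typedef struct {
    const uint8_t *code;
    size_t len;
    uint32_t stored_tag;
} boot_image_t;

/* Placeholder integrity tag: FNV-1a mixed with a device key. FNV-1a is NOT a
   cryptographic primitive; it only stands in for a real signature/MAC so the
   example runs offline with no dependencies. */
static uint32_t tag_for(const uint8_t *code, size_t len, uint32_t device_key) {
    uint32_t h = 2166136261u ^ device_key;
    for (size_t i = 0; i < len; i++) {
        h ^= code[i];
        h *= 16777619u;
    }
    return h;
}

enum gate_result { GATE_OPEN = 0, GATE_BLOCKED_SOURCE = 1, GATE_BLOCKED_AUTH = 2 };

/* The rule from the abstract: start inhibited, refuse on an unexpected boot
   source, refuse if the boot code does not authenticate, otherwise open. */
static enum gate_result boot_gate(boot_source_t actual, boot_source_t expected,
                                  const boot_image_t *img, uint32_t device_key,
                                  auth_region_t *region) {
    region->accessible = false;                       /* default-deny */
    if (actual != expected)
        return GATE_BLOCKED_SOURCE;
    if (tag_for(img->code, img->len, device_key) != img->stored_tag)
        return GATE_BLOCKED_AUTH;
    region->accessible = true;
    return GATE_OPEN;
}

/* Every read of the credential goes through the gate; an inhibited region
   yields nothing. */
static bool read_credential(const auth_region_t *region, uint8_t out[16]) {
    if (!region->accessible)
        return false;
    memcpy(out, region->credential, 16);
    return true;
}

/* Runs one constructed boot scenario: provision a tag for the sample image,
   optionally tamper with the image, run the gate, then try to read the
   credential. Returns the gate result and reports whether the read succeeded. */
static int scenario(boot_source_t actual, bool tamper, bool *cred_readable) {
    const uint32_t DEVICE_KEY = 0x5A5A1234u;                   /* constructed */
    uint8_t code[8] = {0xB8, 0x01, 0x00, 0x00, 0x00, 0xCD, 0x80, 0xC3}; /* constructed bytes */
    auth_region_t region;
    region.accessible = false;
    memset(region.credential, 0xAB, sizeof region.credential);  /* constructed secret */

    boot_image_t img = { code, sizeof code, tag_for(code, sizeof code, DEVICE_KEY) };
    if (tamper)
        code[0] ^= 0xFF;   /* boot code modified after the tag was provisioned */

    enum gate_result r = boot_gate(actual, BOOT_SRC_INTERNAL_ROM, &img, DEVICE_KEY, &region);
    uint8_t out[16];
    *cred_readable = read_credential(&region, out);
    return (int)r;
}

int main(void) {
    bool readable;
    int r = scenario(BOOT_SRC_INTERNAL_ROM, false, &readable);
    printf("expected source, intact code: gate=%d readable=%d\n", r, readable);
    r = scenario(BOOT_SRC_USB, false, &readable);
    printf("unexpected source:            gate=%d readable=%d\n", r, readable);
    r = scenario(BOOT_SRC_INTERNAL_ROM, true, &readable);
    printf("expected source, tampered:    gate=%d readable=%d\n", r, readable);
    return 0;
}
```

The order of the two checks matters for the same reason it does in the abstract: the boot-source comparison costs nothing and runs before any boot code is read, so an unexpected source never reaches the tag verification, and the region stays inhibited from reset until both checks pass.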
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10148708P | 2008-09-30 | 2008-09-30 | |
US61/101,487 | 2008-09-30 | | |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2010039788A2 (en) | 2010-04-08 |
WO2010039788A3 (en) | 2010-07-22 |
Family
ID=42058872
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2009/058962 WO2010039788A2 (en) | 2008-09-30 | 2009-09-30 | Processor boot security device and methods thereof |
Country Status (2)
Country | Link |
---|---|
US (2) | US8443181B2 (en) |
WO (1) | WO2010039788A2 (en) |
Families Citing this family (39)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010039788A2 (en) | 2008-09-30 | 2010-04-08 | Bigfoot Networks, Inc. | Processor boot security device and methods thereof |
US20100306442A1 (en) * | 2009-06-02 | 2010-12-02 | International Business Machines Corporation | Detecting lost and out of order posted write packets in a peripheral component interconnect (pci) express network |
GB2493340A (en) * | 2011-07-28 | 2013-02-06 | St Microelectronics Res & Dev | Address mapping of boot transactions between dies in a system in package |
US9055443B2 (en) | 2011-10-27 | 2015-06-09 | T-Mobile Usa, Inc. | Mobile device-type locking |
US9319884B2 (en) | 2011-10-27 | 2016-04-19 | T-Mobile Usa, Inc. | Remote unlocking of telecommunication device functionality |
US9591484B2 (en) | 2012-04-20 | 2017-03-07 | T-Mobile Usa, Inc. | Secure environment for subscriber device |
US10075848B2 (en) | 2012-08-25 | 2018-09-11 | T-Mobile Usa, Inc. | SIM level mobile security |
CN110569633B (en) * | 2012-10-25 | 2023-04-18 | 英特尔公司 | Theft protection in firmware |
US10733288B2 (en) | 2013-04-23 | 2020-08-04 | Hewlett-Packard Development Company, L.P. | Verifying controller code and system boot code |
US9734339B2 (en) | 2013-04-23 | 2017-08-15 | Hewlett-Packard Development Company, L.P. | Retrieving system boot code from a non-volatile memory |
US20150121054A1 (en) * | 2013-10-31 | 2015-04-30 | Advanced Micro Devices, Inc. | Platform Secure Boot |
US9547767B2 (en) | 2013-11-13 | 2017-01-17 | Via Technologies, Inc. | Event-based apparatus and method for securing bios in a trusted computing system during execution |
US9767288B2 (en) | 2013-11-13 | 2017-09-19 | Via Technologies, Inc. | JTAG-based secure BIOS mechanism in a trusted computing system |
US9507942B2 (en) | 2013-11-13 | 2016-11-29 | Via Technologies, Inc. | Secure BIOS mechanism in a trusted computing system |
US9129113B2 (en) | 2013-11-13 | 2015-09-08 | Via Technologies, Inc. | Partition-based apparatus and method for securing bios in a trusted computing system during execution |
US10049217B2 (en) | 2013-11-13 | 2018-08-14 | Via Technologies, Inc. | Event-based apparatus and method for securing bios in a trusted computing system during execution |
US9779242B2 (en) | 2013-11-13 | 2017-10-03 | Via Technologies, Inc. | Programmable secure bios mechanism in a trusted computing system |
US10055588B2 (en) | 2013-11-13 | 2018-08-21 | Via Technologies, Inc. | Event-based apparatus and method for securing BIOS in a trusted computing system during execution |
US9367689B2 (en) * | 2013-11-13 | 2016-06-14 | Via Technologies, Inc. | Apparatus and method for securing BIOS in a trusted computing system |
US9798880B2 (en) | 2013-11-13 | 2017-10-24 | Via Technologies, Inc. | Fuse-enabled secure bios mechanism with override feature |
US10095868B2 (en) | 2013-11-13 | 2018-10-09 | Via Technologies, Inc. | Event-based apparatus and method for securing bios in a trusted computing system during execution |
US9183394B2 (en) | 2013-11-13 | 2015-11-10 | Via Technologies, Inc. | Secure BIOS tamper protection mechanism |
US9779243B2 (en) | 2013-11-13 | 2017-10-03 | Via Technologies, Inc. | Fuse-enabled secure BIOS mechanism in a trusted computing system |
US10013565B2 (en) * | 2014-08-18 | 2018-07-03 | Dell Products, Lp | System and method for secure transport of data from an operating system to a pre-operating system environment |
US9807607B2 (en) | 2014-10-03 | 2017-10-31 | T-Mobile Usa, Inc. | Secure remote user device unlock |
US10769315B2 (en) * | 2014-12-01 | 2020-09-08 | T-Mobile Usa, Inc. | Anti-theft recovery tool |
US20160253501A1 (en) * | 2015-02-26 | 2016-09-01 | Dell Products, Lp | Method for Detecting a Unified Extensible Firmware Interface Protocol Reload Attack and System Therefor |
US9813399B2 (en) | 2015-09-17 | 2017-11-07 | T-Mobile Usa, Inc. | Secure remote user device unlock for carrier locked user devices |
CN106792195B (en) * | 2016-12-26 | 2020-12-08 | 深圳Tcl数字技术有限公司 | Intelligent selection method and system for starting information source of intelligent television |
US10387333B2 (en) * | 2017-01-05 | 2019-08-20 | Qualcomm Incorporated | Non-volatile random access memory with gated security access |
US10476875B2 (en) | 2017-04-21 | 2019-11-12 | T-Mobile Usa, Inc. | Secure updating of telecommunication terminal configuration |
US10171649B2 (en) | 2017-04-21 | 2019-01-01 | T-Mobile Usa, Inc. | Network-based device locking management |
US10757087B2 (en) * | 2018-01-02 | 2020-08-25 | Winbond Electronics Corporation | Secure client authentication based on conditional provisioning of code signature |
US10972901B2 (en) | 2019-01-30 | 2021-04-06 | T-Mobile Usa, Inc. | Remote SIM unlock (RSU) implementation using blockchain |
WO2020159533A1 (en) | 2019-02-01 | 2020-08-06 | Hewlett-Packard Development Company, L.P. | Security credential derivation |
CN109902035B (en) * | 2019-02-03 | 2023-10-31 | 成都皮兆永存科技有限公司 | composite memory |
WO2020167283A1 (en) | 2019-02-11 | 2020-08-20 | Hewlett-Packard Development Company, L.P. | Recovery from corruption |
US11288373B2 (en) * | 2019-04-11 | 2022-03-29 | Baidu Usa Llc | Boot failure recovery scheme for hardware-based system of autonomous driving vehicles |
US20230385071A1 (en) * | 2022-05-31 | 2023-11-30 | Renesas Electronics Corporation | Semiconductor device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030140238A1 (en) * | 2002-01-22 | 2003-07-24 | Texas Instruments Incorporated | Implementation of a secure computing environment by using a secure bootloader, shadow memory, and protected memory |
US20060090084A1 (en) * | 2004-10-22 | 2006-04-27 | Mark Buer | Secure processing environment |
US20060179308A1 (en) * | 2005-02-07 | 2006-08-10 | Andrew Morgan | System and method for providing a secure boot architecture |
US20080141017A1 (en) * | 2006-07-13 | 2008-06-12 | Mccoull James Ross | Gaming machine having a secure boot chain and method of use |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7073064B1 (en) * | 2000-03-31 | 2006-07-04 | Hewlett-Packard Development Company, L.P. | Method and apparatus to provide enhanced computer protection |
FI114416B (en) * | 2001-06-15 | 2004-10-15 | Nokia Corp | Method for securing the electronic device, the backup system and the electronic device |
US20050138409A1 (en) * | 2003-12-22 | 2005-06-23 | Tayib Sheriff | Securing an electronic device |
JP4433401B2 (en) * | 2004-12-20 | 2010-03-17 | レノボ シンガポール プライヴェート リミテッド | Information processing system, program, and information processing method |
US7467304B2 (en) * | 2005-06-22 | 2008-12-16 | Discretix Technologies Ltd. | System, device, and method of selectively allowing a host processor to access host-executable code |
US7424398B2 (en) * | 2006-06-22 | 2008-09-09 | Lexmark International, Inc. | Boot validation system and method |
US7757098B2 (en) * | 2006-06-27 | 2010-07-13 | Intel Corporation | Method and apparatus for verifying authenticity of initial boot code |
US7987351B2 (en) * | 2006-10-06 | 2011-07-26 | Broadcom Corporation | Method and system for enhanced boot protection |
WO2010039788A2 (en) | 2008-09-30 | 2010-04-08 | Bigfoot Networks, Inc. | Processor boot security device and methods thereof |
- 2009-09-30: WO PCT/US2009/058962, patent/WO2010039788A2/en, active, Application Filing
- 2009-09-30: US US12/570,338, patent/US8443181B2/en, active, Active
- 2013-04-08: US US13/858,503, patent/US9141804B2/en, active, Active
Also Published As
Publication number | Publication date |
---|---|
US8443181B2 (en) | 2013-05-14 |
US20100082968A1 (en) | 2010-04-01 |
WO2010039788A2 (en) | 2010-04-08 |
US9141804B2 (en) | 2015-09-22 |
US20130227266A1 (en) | 2013-08-29 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
WO2010039788A3 (en) | Processor boot security device and methods thereof | |
TWI669626B (en) | Processing method, server and client for preventing copy attacks | |
US20160110545A1 (en) | Code pointer authentication for hardware flow control | |
US10503931B2 (en) | Method and apparatus for dynamic executable verification | |
WO2007096871A3 (en) | Device, system and method of accessing a security token | |
WO2016078327A1 (en) | Method and apparatus for identifying malicious operation in mobile terminal | |
WO2007067221A3 (en) | Methods and apparatus for the secure handling of data in a microcontroller | |
MY175911A (en) | Method and system protecting against identity theft or replication abuse | |
EA201491905A1 (en) | METHOD AND SYSTEM FOR ABSTRACT AND RANDOMIZED DISPOSABLE PASSWORDS FOR TRANSACTION AUTHENTICATION | |
EA201200084A1 (en) | METHOD OF REMOTE CONTROL AND MONITORING DATA ON THE DESKTOP | |
GB201306126D0 (en) | Method, secure device, system and computer program product for security managing access to a file system | |
KR20130015007A (en) | Method for verifying a memory block of a nonvolatile memory | |
JP2008539482A5 (en) | ||
WO2008073606A3 (en) | Access control system based on a hardware and software signature of a requesting device | |
ATE525826T1 (en) | AUTHORIZATION OF A TRANSACTION | |
JP4621732B2 (en) | Method for authenticating device outside vehicle, bus system of motor vehicle having control device, and computer program for authenticating device outside vehicle | |
RU2007122786A (en) | METHOD AND SYSTEM FOR PROTECTING SOFTWARE APPLICATIONS AGAINST PIRACY | |
KR101630462B1 (en) | Apparatus and Method for Securing a Keyboard | |
US9507955B2 (en) | System and method for executing code securely in general purpose computer | |
CN110069936A (en) | A kind of wooden horse steganography method and detection method | |
KR101397666B1 (en) | Method for controlling access right of application, and user device | |
US20160042160A1 (en) | Apparatus and method for preventing cloning of code | |
WO2010151102A1 (en) | Remote destroy mechanism using trusted platform module | |
MY176457A (en) | Secure external storage system and method thereof | |
US20140130162A1 (en) | Phishing preventing system and operating method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 09818416; Country of ref document: EP; Kind code of ref document: A2 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 09818416; Country of ref document: EP; Kind code of ref document: A2 |