High-assurance secure boot content protection

Abstract

A method and apparatus for high assurance boot processing is disclosed. A trusted processor is used to authenticate a trusted boot program and in conjunction with a selector, to provide the authenticated boot program to a boot memory where it can be accessed by a main processor to execute the bootup sequence. The trusted processor also provides a command for the main processor to write a data sequence to a hard drive or similar device, and monitors the data written by the main processor to verify that the data has not been tampered with or otherwise compromised.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS [0001] This application claims benefit of U.S. Provisional Patent Application No. 60 / 593,015, entitled “HIGH-ASSURANCE PROCESSOR ACTIVE MEMORY CONTENT PROTECTION,” by Michael Masaji Furusawa and Chieu T. Nguyen, filed Jul. 30, 2004, and U.S. Provisional Patent Application No. 60 / 593,016, entitled “HIGH-ASSURANCE SECURE BOOT CONTENT PROTECTION,” by Michael Masaji Furusawa, and Chieu T. Nguyen, filed Jul. 30, 2004 which applications are hereby incorporated by reference herein. [0002] This application is related to the following co-pending and commonly assigned patent application, which application is also incorporated by reference herein: [0003] application Ser. No. ______, entitled “HIGH-ASSURANCE PROCESSOR ACTIVE MEMORY CONTENT PROTECTION,” filed on same date herewith, by Michael Masaji Furusawa and Chieu T. Nguyen.BACKGROUND OF THE INVENTION [0004] 1. Field of the Invention [0005] The present invention relates to systems and methods of secure...

AI Technical Summary

Benefits of technology

[0011] The disclosed system includes a selector element coupled to the boot flash memory. This switch element operates under the control of a trusted hardware processor that is separate from the main processor. The selector element allows the trusted processor to authenticate the boot program before allowing the main processor to execute it to boot up the computer. It also permits the boot program to be securely stored.

[0012] The disclosed system also incorporates a “heartbeat monitor” function, which allows the trusted processor to monitor and verify the encryption of files and data being stored on the hard drive or other storage device. This “hardens” the encryption process, and eliminates the need for the main processor to include a secure hardware processor to perform the required file encryption / decryption. This increases security without the extra expense and eventual obsolescence inherent in hardware processor solutions.

[0013] Adequate security can be achieved without the problems associated with a trusted main processor because the trusted processor can control the secure boot contents and authenticate the boot program before providing it to the main processor for execution. It also permits monitoring the authenticity of data stored in the data storage devices. Relieved of trusted processor requirements, the main processor can be less expensive, faster, and can be easily upgraded when necessary. Further, the trusted processor can be designed so that it is adaptable to a wide variety of main processor technology roadmaps.

Problems solved by technology

Unfortunately, during boot-up, the computer system is vulnerable to hacking.

Images