Invention Grant
US08028172B2 Systems and methods for updating a secure boot process on a computer with a hardware security module
有权
使用硬件安全模块在计算机上更新安全引导过程的系统和方法
- Patent Title: Systems and methods for updating a secure boot process on a computer with a hardware security module
- Patent Title (中): 使用硬件安全模块在计算机上更新安全引导过程的系统和方法
-
Application No.: US11036018Application Date: 2005-01-14
-
Publication No.: US08028172B2Publication Date: 2011-09-27
- Inventor: Jamie Hunter , Paul England , Russell Humphries , Stefan Thom , James Anthony Schwartz, Jr. , Kenneth D. Ray , Jonathan Schwartz
- Applicant: Jamie Hunter , Paul England , Russell Humphries , Stefan Thom , James Anthony Schwartz, Jr. , Kenneth D. Ray , Jonathan Schwartz
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Agency: Woodcock Washburn LLP
- Main IPC: H04L9/32
- IPC: H04L9/32
Abstract:
Systems and methods are provided for maintaining and updating a secure boot process on a computer with a trusted platform module (TPM). A boot process may be maintained by inspecting a log of TPM activity, determining data that prevented a secret to unseal, and returning the data to an original state. In situations where this type of recovery is not workable, techniques for authenticating a user may be used, allowing the authenticated user to bypass the security features of the boot process and reseal the boot secrets to platform configuration register (PCR) values that may have changed. Finally, a secure boot process may be upgraded by migrating TPM sealed secrets to a temporary storage location, updating one or more aspects of a secure boot process, and resealing the secrets to the resulting new platform configuration. Other advantages and features of the invention are described below.
Public/Granted literature
- US20060161784A1 Systems and methods for updating a secure boot process on a computer with a hardware security module Public/Granted day:2006-07-20
Information query
