Title of invention: Booting from a trusted network image
Abstract: The present invention extends to methods, systems, and computer program products for booting from a trusted network image. The image can be executed from a trusted source on a Wide Area Network (“WAN”) to perform a maintenance operation, such as, for example, malware scanning, operating system repair, factory reset, etc. at the computer system. Trust can be established using a Certificate Authority or an out of band communication channel (e.g., voice communication, text message, electronic mail, etc.) to retrieve a one-time pad (“OTP”). Using the OTP the computer can validate that it is connected to the trusted source. The trusted source can chain to additional images hosted on a third-party server. The additional images can provide a user with options for various different maintenance operations or various different implementations of the same maintenance operation. For example, the trusted source can link to multiple different malware scanners.
Publication number: US9535715(B2) Publication date: 2017.01.03
Application number: US201213714454 Filing date: 2012.12.14
Applicant: Microsoft Technology Licensing, LLC Inventors: Pfeifer, Jr. William Daniel; Hill Douglas Grayson
Classification: G06F9/44; G06F21/57; G06F21/33; H04L29/08; H04L29/06; H04L12/24 Main classification: G06F9/44
Agency: Agents: Churna Timothy; Drakos Kate; Minhas Micky
Main claim: 1. At a computer system, the computer system including one or more processors, system memory, and a display device, a method for booting from a trusted network image to perform a maintenance operation at the computer system, the method comprising: initiating a boot process from an internal firmware memory at the computer system, the boot process initiated without reference to any interfaces for exchanging data with any local storage devices accessible at the computer system; presenting a boot order menu at the display device in response to input received during the boot process, the boot order menu including one or more selectable local boot options and a network boot option, the network boot option for performing the maintenance operation on software previously installed at the computer system by executing a network bootstrap program stored at another computer system on a network, the previously installed software having been installed on a local storage device accessible to the computer system prior to the boot process being initiated; in response to receiving selection of the network boot option at the boot order menu, the firmware memory controlling other components of the computer system to obtain the network bootstrap program through network communication, including: connecting to the other computer system on the network using network communication; making a trust determination to establish trust with the other computer system; and after establishing trust with the other computer system, receiving a path to the network bootstrap program from the other computer system; and running the network bootstrap program at the computer system to perform the maintenance operation on the previously installed software at the computer system, the network bootstrap program run prior to transitioning the boot process to instructions outside of the firmware memory.
Address: Redmond WA US