发明名称 |
Apparatus and method to harden computer system |
摘要 |
In some embodiments, a processor-based system may include a processor, the processor having a processor identification, one or more electronic components coupled to the processor, at least one of the electronic components having a component identification, and a hardware security component coupled to the processor and the electronic component. The hardware security component may include a secure non-volatile memory and a controller. The controller may be configured to receive the processor identification from the processor, receive the at least one component identification from the one or more electronic components, and determine if a boot of the processor-based system is a provisioning boot of the processor-based system. If the boot is determined to be the provisioning boot, the controller may be configured to store a security code in the secure non-volatile memory, wherein the security code is based on the processor identification and the at least one component identification. Other embodiments are disclosed and claimed. |
申请公布号 |
US9311512(B2) |
申请公布日期 |
2016.04.12 |
申请号 |
US201414450607 |
申请日期 |
2014.08.04 |
申请人 |
Intel Corporation |
发明人 |
Gurumoorthy Naga;Kumar Arvind;Parker Matthew J. |
分类号 |
G06F11/00;G06F21/88;G06F21/57;G06F21/73;G06F9/44;G06F9/445 |
主分类号 |
G06F11/00 |
代理机构 |
Jordan IP Law, LLC |
代理人 |
Jordan IP Law, LLC |
主权项 |
1. At least one non-transitory computer readable storage medium comprising a set of embedded controller firmware instructions which, if executed by an embedded controller that is integrated into a computing platform, cause the embedded controller to:
determine a platform code based on a processor identification of a processor and a component identification of at least one electronic component upon a non-provisioning boot of the processor-based system; and determine if the platform code is valid based on a comparison with a stored security code wherein the security code is based on a processor identification of the processor and an a component identification of the at least one electronic component upon a provisioning boot of the processor-based system. |
地址 |
Santa Clara CA US |