Title of invention
Server active management technology (AMT) assisted secure boot
Abstract
In some embodiments, the invention involves a system and method relating to secure booting of a platform. In at least one embodiment, the present invention is intended to securely boot a platform using one or more signature keys stored in a secure location on the platform, where access to the signature key is by a microcontroller on the platform and the host processor has no direct access to alter the signature key. Other embodiments are described and claimed.
Publication number
US8984265(B2)
Publication date
2015.03.17
Application number
US200711731526
Filing date
2007.03.30
Applicant
Intel Corporation
Inventors
Vaid Kushagra; Zimmer Vincent J.; Shekhar Mrigank
Classification codes
G06F9/00; G06F15/177; G06F21/57; H04L9/08
Main classification code
G06F9/00
Agency
Trop, Pruner & Hu, P.C.
Agent
Trop, Pruner & Hu, P.C.
Principal claim
1. A system for secure boot on a platform, comprising:
a host processor coupled with a firmware memory store to store firmware to boot the host processor; and a second processor on the platform, the second processor communicatively coupled to a secure area of a memory store, the secure area of the memory store being inaccessible to the firmware and other host processor applications, the second processor to retrieve and validate a signature key from the secure area to control image loading during boot, wherein the second processor has network access for an out-of-band connection, even when the host processor has not yet booted, and the second processor is to validate the key when the host processor is not even booted using the out-of-band connection by accessing an active directory listing valid keys on a remote server to determine if the signature key is valid or revoked.
Address
Santa Clara CA US