Title of invention: Approaches for firmware to trust an application
Abstract: Techniques for determining whether firmware should trust an application sufficiently so as to provide a service to the application. Firmware, executing on a device, receives an indication that an application, also executing on the device, is requesting a service provided by the firmware. The firmware obtains (a) an operating system signature associated with the application and (b) a firmware signature associated with the application. The operating system signature is a signature that is used by the operating system, executing on the device, to authenticate the application, while the firmware signature is a signature that is used by the firmware to authenticate the application. If the firmware determines that the operating system signature matches the firmware signature, then the firmware stores trust data that permits the application to access the service provided by the firmware. The firmware need not calculate a signature based on the in-memory image of the application.
Publication number: US8918907(B2) Publication date: 2014.12.23
Application number: US201113085992 Filing date: 2011.04.13
Applicant: Phoenix Technologies Ltd. Inventor: Lewis Timothy A.
Classification: G06F21/20; G06F21/51 Main classification: G06F21/20
Agency: Brokaw Patent Law PC Agent: Brokaw Patent Law PC; Brokaw Christopher J.
Main claim: 1. A non-transitory machine-readable medium storing one or more sequences of instructions, which when executed, causes: upon being instructed to execute an application, an operating system determining whether to permit execution of the application by (a) obtaining a first signature of an in-memory image of the application and (b) verifying that the first signature matches a second signature of a persistently stored image of the application; upon firmware receiving from the application a request for a service provided by the firmware, the firmware determining whether the application should be trusted by (a) verifying that the request originated from the in-memory image of the application and (b) verifying that the second signature of the persistently stored image of the application corresponds to an application which the firmware has previously been notified as being deemed trustworthy; upon the firmware determining that the application requesting the service from the firmware should be trusted, the firmware storing trust data that permits the application to access the service provided by the firmware; and upon the firmware determining that the application requesting the service from the firmware should not be trusted, the firmware denying performance of the service to the application.
Address: Campbell CA US