PROVISIONING OF OPERATING SYSTEMS TO USER TERMINALS

摘要

Methods and apparatus are provided for provisioning an operating system image from a server (2) to an untrusted user terminal (4) via a data communications network (3). A trusted device (5) such as a pocket USB device has tamper-resistant storage (9) containing bootloader logic, for controlling booting of a user terminal, and security data. On connection of the trusted device (5) to an untrusted user terminal (4), the user terminal is booted via the bootloader logic on the trusted device. Under control of the bootloader logic, a connection is established to the server (2) via the network (3) and the server is authenticated using the security data on the trusted device (5). An operating system boot image is received from the server (2) via this connection. The boot image is used to provision an operating system image from the server (2) to the user terminal (4) for execution of the operating system at the user terminal (4).

主权项

1. A method for provisioning an operating system image from a server to an untrusted user terminal via a data communications network, the method comprising:
creating a connection to a user terminal of a trusted device having a tamper-resistant storage, wherein the tamper-resistant storage comprises bootloader logic for controlling booting of a user terminal and security data; booting the user terminal via said bootloader logic on the trusted device; establishing a connection, under control of the bootloader logic, to the server via the network and authenticating the server using said security data on the trusted device; receiving an operating system boot image from the server via said connection; and using the boot image to provision an operating system image from the server p) to the user terminal for executing the operating system at the user terminal.