| 摘要 |
An information processing apparatus having a verification capability of a configuration change. The information processing apparatus includes: a configuration storage unit to store information on components having been connected to the information processing apparatus as reference configuration information; a detecting unit to detect configuration information on components being connected to the information processing apparatus in booting; a comparing unit to compare, detected configuration information and the reference configuration information when the information processing apparatus is booted; a boot control unit to terminate booting of the information processing apparatus when an unequal comparison occurs; a monitoring unit to monitor, after the information processing apparatus is booted, a configuration change of the information processing apparatus in operation; and a dynamic update unit to update, when the configuration change of the information processing apparatus in operation is recognized, the reference configuration information with configuration information of the configuration-changed information processing apparatus. |
| 主权项 |
1. An information processing apparatus comprising:
a configuration storage unit to store information on components having been connected to the information processing apparatus as reference configuration information; a detecting unit to detect configuration information on components being connected to the information processing apparatus in booting; a comparing unit to compare the detected configuration information and the reference configuration information in an enabling status of secure boot capability when the information processing apparatus is booted; a boot control unit to terminate booting of the information processing apparatus when an unequal comparison between the detected configuration information and the reference configuration information occurs; a monitoring unit to monitor, after the information processing apparatus is booted, a configuration change of the information processing apparatus that is in operation; and a dynamic update unit to update, when the configuration change of the information processing apparatus in the operation is recognized by the monitoring unit, the reference configuration information with configuration information of the information processing apparatus a configuration of which has been changed, in a disabling status of the secure boot capability, wherein when the configuration change of the information processing apparatus in the operation is recognized by the monitoring unit, the comparing unit compares, before the reference configuration information is updated, the configuration information of the information processing apparatus the configuration of which has been changed and the reference configuration information in the disabling status of the secure boot capability, and when an equal comparison between the configuration information of the information processing apparatus the configuration of which has been changed and the reference configuration information occurs, the disabling status of the secure boot capability is changed to the enabling status of the secure boot capability after an updating process by the dynamic update unit is executed, and wherein when the configuration change of the information processing apparatus in the operation is recognized by the monitoring unit, the comparing unit compares, before the reference configuration information is updated, the configuration information of the information processing apparatus the configuration of which has been changed and the reference configuration information in the disabling status of the secure boot capability, when an unequal comparison between the configuration information of the information processing apparatus the configuration of which has been changed and the reference configuration information occurs, the updating process by the dynamic update unit is terminated while keeping the information processing apparatus in a running state, and the disabling status of the secure boot capability is changed to the enabling status of the secure boot capability after the information processing apparatus is rebooted. |
