发明名称 |
SYSTEM AND METHOD FOR PROTECTED OPERATING SYSTEM BOOT USING STATE VALIDATION |
摘要 |
A mechanism for protected operating system boot that prevents rogue componen ts from being loaded with the operating system, and thus prevents divulgence of the system key under inappropriate circumstances. After a portion of the machine startup procedur e has occurred, the operating system loader is run, the loader is validated, and a correct machi ne state is either verified to exist and/or created. Once the loader has been verified to be a legitimat e loader, and the machine state under which it is running is verified to be correct, the loader's futu re behavior is known to protect against the loading of rogue components that could cause divulgence of the system key. With the loader's behavior being known to be safe for the system key, the validator may unseal the system key and provides it to the loader.
|
申请公布号 |
CA2507793(A1) |
申请公布日期 |
2005.12.30 |
申请号 |
CA20052507793 |
申请日期 |
2005.05.17 |
申请人 |
MICROSOFT CORPORATION |
发明人 |
ENGLAND, PAUL;CROSS, DAVID B.;PALEY, MARK ELIOT;KURIEN, THEKKTHALACKAL VARUGIS;JACOMET, PIERRE;MCMICHAEL, LONNY DEAN;RAY, KENNETH D.;LASALLE, DEREK NORMAN;HUNTER, JAMIE;WILLMAN, BRYAN MARK |
分类号 |
G06F9/445;G06F11/00;G06F21/00;G06N;(IPC1-7):G06F9/445 |
主分类号 |
G06F9/445 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|