Method and apparatus for assessing integrity of computer system software
US5421006A · kind A · utility
Assignee
Inventors
Key dates
| Filing date | Apr 20, 1994 |
| Grant date | May 30, 1995 |
| Priority date | — |
| Expiry date | Apr 20, 2014 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/2105
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A method and device for reliably assessing the integrity of a computer system's software prevents execution of corrupted programs at time of system initialization, enhancing system security. Programs and data comprising the system's trusted software, including all startup processes, are verified before being utilized. Methods to verify the trusted software use a hierarchy of both modification detection codes and public-key digital signature codes. The top-level codes are placed in a protectable non-volatile storage area, and are used by the startup program to verify the integrity of subsequent programs. A trusted initialization program sets a hardware latch to protect the codes in the non-volatile memory from being overwritten by subsequent untrusted programs. The latch is only reset at system restart, when control returns to the bootstrap program. Software reconfiguration is possible with trusted programs that write new top-level codes while the latch is open. The mechanism itself is immune to malicious software attack when the write-protect latch is closed before running untrusted software. Preferred embodiments in an IBM-compatible personal computer use the reset switch to init…
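The following Python model is an added illustration, not code from the patent, of the latch-protected verification hierarchy the abstract describes. SHA-256 as the modification detection code, the JSON manifest format and every name in it are assumptions of this example, and the public-key signature layer is left out.

```python
import hashlib, json

def mdc(data: bytes) -> str:
    # Modification detection code; SHA-256 is this example's choice.
    return hashlib.sha256(data).hexdigest()

class ProtectedNVStore:
    """Non-volatile area holding the top-level code, guarded by a latch."""
    def __init__(self):
        self._top = None
        self.latch_closed = False
    def write_top(self, code: str):
        if self.latch_closed:
            raise PermissionError("latch closed: top-level code is read-only")
        self._top = code
    def read_top(self):
        return self._top
    def close_latch(self):
        self.latch_closed = True
    def system_reset(self):
        # Only a restart reopens the latch, with control back in the bootstrap.
        self.latch_closed = False

def make_manifest(programs: dict) -> bytes:
    # Second level of the hierarchy: one code per program (constructed format).
    return json.dumps({n: mdc(p) for n, p in programs.items()}, sort_keys=True).encode()

def trusted_reconfigure(nv, manifest: bytes):
    # Trusted reconfiguration: only succeeds while the latch is still open.
    nv.write_top(mdc(manifest))

def startup(nv, manifest: bytes, programs: dict) -> list:
    """Verify top-down, then close the latch; return programs cleared to run."""
    try:
        if nv.read_top() is None or mdc(manifest) != nv.read_top():
            return []  # manifest fails its top-level code: trust nothing below it
        expected = json.loads(manifest)
        return [n for n, p in programs.items() if expected.get(n) == mdc(p)]
    finally:
        nv.close_latch()  # closed before any untrusted software gets control

if __name__ == "__main__":
    nv = ProtectedNVStore()
    progs = {"loader": b"loader v1", "kernel": b"kernel v1"}  # constructed images
    manifest = make_manifest(progs)
    trusted_reconfigure(nv, manifest)
    print(startup(nv, manifest, progs))
    progs["kernel"] += b" (modified)"
    nv.system_reset()
    print(startup(nv, manifest, progs))
```

The second boot clears only the loader, and a manifest rebuilt to match the modified kernel fails against the top-level code, which cannot be rewritten once the latch is closed.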
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.