Securely recovering a computing device
US-9680648-B2 · Jun 13, 2017 · US
Securely recovering a computing device
US10142104B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10142104-B2 |
| Application number | US-201715619276-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 9, 2017 |
| Priority date | Jan 7, 2007 |
| Publication date | Nov 27, 2018 |
| Grant date | Nov 27, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for updating an application established at a file system of a client device, the method comprising, at the client device: providing a request to a computing device to update the application, wherein the request includes a version identifier associated with the application; loading a code image that is received from the computing device into a storage device of the client device, wherein the code image is (i) digitally signed by a signature, (ii) associated with an application package, and (iii) based on the version identifier; verifying that the code image is trusted by certifying a fingerprint stored in a secure memory of the client device, wherein the fingerprint is associated with a unique device identifier of the client device; and in response to determining that the code image is trusted: verifying that an integrity of one or more files of the application package is not compromised, and establishing the one or more files at the file system by executing the code image; and in response to determining that the code image is not trusted: disabling access to the unique device identifier such as to prevent access to user data associated with the client device, and removing the code image from the storage device. 2. The method of claim 1 , wherein, subsequent to establishing the one or more files at the file system, the method further comprises: rebooting an operating system of the client device. 3. The method of claim 1 , wherein, in response to determining that the integrity of the one or more files is compromised, the method further comprises: preventing the one or more files from being established at the file system. 4. The method of claim 1 , wherein determining that the code image is trusted further comprises: verifying the signature of the code image by using the fingerprint. 5. The method of claim 1 , wherein, in response to determining that the code image is not trusted, the method further comprises: entering a Device Firmware Upgrade (DFU) mode to perform system management tasks. 6. The method of claim 1 , wherein the client device derives a hash value from the code image that is based on the unique device identifier. 7. The method of claim 1 , wherein the fingerprint is based on a public key. 8. The method of claim 1 , wherein, subsequent to determining that the code image is not trusted, the method further comprises: determining whether the unique device identifier is active; and in response to determining that the unique device identifier is inactive: preventing access to device hardware associated with the client device. 9. A system for updating an application, the system comprising: at least one processor; and at least one memory storing instructions, that when executed by the at least one processor, cause the system to: provide a request to a computing device to update the application, wherein the request includes a version identifier associated with the application; load a code image that is received from the computing device into a storage device of the system, wherein the code image is (i) digitally signed by a signature, (ii) associated with an application package, and (iii) based on the version identifier; verify that the code image is trusted by certifying a fingerprint stored in a secure memory of the system, wherein the fingerprint is associated with a unique device identifier of the system; and in response to determining that the code image is trusted: verify that an integrity of one or more files of the application package is not compromised, and establish the one or more files at a file system of the system by executing the code image; and in response to determining that the code image is not trusted: disable access to the unique device identifier such as to prevent access to user data associated with the system, and remove the code image from the storage device. 10. The system of claim 9 , wherein, subsequent to establishing the one or more files at the file system, the at least one processor further causes the system to: reboot an operating system of the system. 11. The system of claim 9 , wherein, in response to determining that the integrity of the one or more files is compromised, the at least one processor further causes the system to: prevent the one or more files from being established at the file system. 12. The system of claim 9 , wherein determining that the code image is trusted further comprises: verifying the signature of the code image by using the fingerprint. 13. The system of claim 9 , wherein, in response to determining that the code image is not trusted, the at least one processor further causes the system to: enter a Device Firmware Upgrade (DFU) mode to perform system management tasks. 14. The system of claim 9 , wherein the system derives a hash value from the code image that is based on the unique device identifier. 15. The system of claim 9 , wherein, subsequent to determining that the code image is not trusted, the at least one processor further causes the system to: determine whether the unique device identifier is active; and in response to determining that the unique device identifier is inactive: prevent access to device hardware associated with the system. 16. At least one non-transitory computer readable storage medium configured to store instructions that, when executed by at least one processor included in a computing device, cause the computing device to: provide a request to a host computing device to update an application established at a file system of the computing device, wherein the request includes a version identifier associated with the application; load a code image that is received from the host computing device into a storage device of the computing device, wherein the code image is (i) digitally signed by a signature, (ii) associated with an application package, and (iii) based on the version identifier; verify that the code image is trusted by certifying a fingerprint stored in a secure memory of the computing device, wherein the fingerprint is associated with a unique device identifier of the computing device; and in response to determining that the code image is trusted: verify that an integrity of one or more files of the application package is not compromised, and establish the one or more files at the file system by executing the code image; and in response to determining that the code image is not trusted: disable access to the unique device identifier such as to prevent access to user data associated with the file system, and remove the code image from the storage device. 17. The at least one non-transitory computer readable storage medium of claim 16 , wherein, subsequent to establishing the one or more files at the file system, the at least one processor further causes the computing device to: reboot an operating system of the computing device. 18. The at least one non-transitory computer readable storage medium of claim 16 , wherein, in response to determining that the integrity of the one or more files is compromised, the at least one processor further causes the computing device to: prevent the one or more files from being established at the file system. 19. The at least one non-transitory computer readable storage medium of claim 16 , wherein determining that the code image is trusted further comprises: verifying the signature of the code image by using the fingerprint. 20. The at least one non-transitory computer
Assignees
Inventors
Classifications
using a plurality of keys or algorithms · CPC title
Secure firmware programming, e.g. of basic input output system [BIOS] · CPC title
for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08) · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
Boot up procedures · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10142104B2 cover?
- A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device base…
- Who is the assignee on this patent?
- Apple Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/302. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Nov 27 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).