Preventing discovery of unique identifiers in firmware

US11423148B2 · US · B2

Patent metadata

Publication number: US-11423148-B2
Application number: US-202016920188-A
Country: US
Kind code: B2
Filing date: Jul 2, 2020
Priority date: Jul 2, 2020
Publication date: Aug 23, 2022
Grant date: Aug 23, 2022

Abstract

Official abstract text for this publication.

Discovery of unique identifiers in firmware can be prevented. During the boot process on a computing system, and after the firmware has generated firmware tables containing unique identifiers, an anonymizer module of the firmware can generate an anonymized version of the firmware tables and cause the anonymized version of the firmware tables, rather than the original, system-unique firmware tables, to be accessible after the operating system is loaded. In this way, once the operating system is loaded, when a module attempts to read the firmware tables, the read will be performed against the anonymized version of the firmware tables thereby preventing the module from obtaining any of the computing system's unique identifiers. A copy of the firmware tables may be maintained separately from the anonymized version of the firmware tables to enable authorized utilities to obtain the computing system's unique identifiers.

First claim

Opening claim text (preview).

What is claimed:

1. A method for preventing discovery of unique identifiers in firmware, the method comprising: during a boot process on a computing system, identifying a firmware table that includes one or more unique identifiers of the computing system; creating an anonymized version of the firmware table by replacing at least one of the one or more unique identifiers with an anonymized identifier; and causing the anonymized version of the firmware table rather than the firmware table to be accessible to an operating system.

2. The method of claim 1, wherein the firmware table is identified in conjunction with a boot loader being executed.

3. The method of claim 2, wherein the firmware table is identified in response to the boot loader calling the ExitBootServices function.

4. The method of claim 1, wherein the anonymized identifier is randomly generated.

5. The method of claim 4, wherein the anonymized identifier is randomly generated from the corresponding unique identifier.

6. The method of claim 1, wherein the firmware table includes multiple unique identifiers and wherein creating the anonymized version of the firmware table comprises replacing each of the multiple identifiers with a respective anonymized identifier.

7. The method of claim 1, further comprising: identifying one or more additional firmware tables that each include one or more unique identifiers of the computing system; for each of the one or more additional firmware tables, creating an anonymized version of the additional firmware table by replacing at least one of the one or more unique identifiers with an anonymized identifier; and causing the anonymized version of each of the one or more additional firmware tables to be accessible to the operating system.

8. The method of claim 1, wherein the firmware table is stored in a first portion of memory and wherein causing the anonymized version of the firmware table rather than the firmware table to be accessible to the operating system comprises maintaining the anonymized version of the firmware table in the first portion of memory.

9. The method of claim 1, further comprising: storing a copy of the firmware table separately from the anonymized version of the firmware table.

10. The method of claim 9, further comprising: enabling an authorized utility to access the copy of the firmware table after the operating system is loaded.

11. One or more computer storage media storing computer executable instructions which when executed on a computing system perform a method for preventing discovery of unique identifiers in firmware, the method comprising: after a firmware table has been generated, creating an anonymized version of the firmware table; and causing the anonymized version of the firmware table rather than the firmware table to be accessible to an operating system.

12. The computer storage media of claim 11, wherein the firmware table includes one or more unique identifiers of the computing system and wherein creating the anonymized version of the firmware table comprises replacing each of the one or more unique identifiers with an anonymized identifier.

13. The computer storage media of claim 12, wherein replacing each of the one or more unique identifiers with an anonymized identifier comprises randomly generating the anonymized identifier.

14. The computer storage media of claim 11, wherein the anonymized version of the firmware table is created in response to a boot loader being executed.

15. The computer storage media of claim 11, wherein the method further comprises: storing a copy of the firmware table separately from the anonymized version of the firmware table.

16. The computer storage media of claim 11, wherein the method further comprises: after one or more additional firmware tables have been generated, creating, for each of the additional firmware tables, an anonymized version of the additional firmware table; and causing the anonymized version of each of the one or more additional firmware tables rather than the one or more additional firmware tables to be accessible to the operating system.

17. A computing system comprising: one or more processors; memory; and firmware stored on one or more computer storage media, the firmware including an anonymizer module that is configured to prevent discovery of unique identifiers in the firmware by performing the following: identifying one or more firmware tables that have been generated in the memory; for each of the one or more firmware tables, creating an anonymized version of the firmware table; and storing a copy of each of the firmware tables separately from the anonymized version of each of the one or more firmware tables.

18. The computing system of claim 17, wherein the anonymizer module identifies the one or more firmware tables that have been generated in the memory before an operating system is loaded.

19. The computing system of claim 18, further comprising: a component stored on the one or more computer storage media that enables an authorized utility to access the copy of each of the firmware tables.

20. The computing system of claim 19, wherein the component is either: part of the firmware; or a component that is loaded by the operating system.
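A sketch of the flow in claims 1, 4, 8 and 9, added here as an illustration and not taken from the patent or from any vendor firmware: the original table is copied aside, the identifiers are overwritten in place with random values, and the table's integrity field is recomputed. The table layout, the sum-to-zero checksum rule, and the `rng_fn` callback are assumptions made for this example; where the saved copy lives and how access to it is restricted are not modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical table layout, constructed for this example. */
typedef struct {
    char    signature[4];
    uint8_t uuid[16];    /* unique identifier */
    char    serial[12];  /* unique identifier, ASCII, no NUL terminator */
    uint8_t checksum;    /* assumed rule: all bytes sum to 0 mod 256 */
} fw_table_t;

typedef void (*rng_fn)(uint8_t *out, size_t len); /* platform RNG, assumed */

static uint8_t byte_sum(const fw_table_t *t) {
    const uint8_t *p = (const uint8_t *)t;
    uint8_t s = 0;
    for (size_t i = 0; i < sizeof *t; i++) s = (uint8_t)(s + p[i]);
    return s;
}
void fw_table_seal(fw_table_t *t) { t->checksum = 0; t->checksum = (uint8_t)(0u - byte_sum(t)); }
int fw_table_valid(const fw_table_t *t) { return byte_sum(t) == 0; }

/* Keep the original in protected_copy, then overwrite the identifiers in place. */
void fw_table_anonymize(fw_table_t *live, fw_table_t *protected_copy, rng_fn rng) {
    static const char alnum[] = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"; /* 32 symbols */
    uint8_t r[sizeof live->serial];
    memcpy(protected_copy, live, sizeof *live);
    rng(live->uuid, sizeof live->uuid);
    rng(r, sizeof r);
    for (size_t i = 0; i < sizeof r; i++) live->serial[i] = alnum[r[i] & 31];
    fw_table_seal(live);  /* keep the integrity field consistent with the new bytes */
}

/* Constructed, deterministic stand-in for a hardware RNG; not random. */
void demo_rng(uint8_t *out, size_t len) {
    static uint8_t c = 1;
    while (len--) *out++ = (uint8_t)(c++ * 37u);
}

int main(void) {
    fw_table_t live, saved;
    memcpy(live.signature, "FWT1", 4);           /* constructed sample values */
    memset(live.uuid, 0xAB, sizeof live.uuid);
    memcpy(live.serial, "SN0123456789", 12);
    fw_table_seal(&live);
    fw_table_anonymize(&live, &saved, demo_rng);
    return fw_table_valid(&live) && memcmp(&live, &saved, sizeof live) != 0 ? 0 : 1;
}
```

A table that keeps its old checksum after the identifiers change is an easy way to detect, or break on, the substitution, which is why the anonymized copy is resealed before it is exposed.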

Classifications

  • Version control (security arrangements therefor G06F21/57); Configuration management · CPC title

  • Configuring for program initiating, e.g. using registry, configuration files · CPC title

  • to assure secure computing or processing of information · CPC title

  • G06F9/4401 (Primary)

    Bootstrapping (security arrangements therefor G06F21/57) · CPC title

  • by anonymising data, e.g. decorrelating personal data from the owner's identification · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Dell Products Lp
What technology area does this patent fall under?
Primary CPC classification G06F9/4401. Mapped technology areas include Physics.
When was this patent published?
Publication date Aug 23, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).