Verifying integrity of backup file in a multiple operating system environment

US2016012233A1 · US · A1

Patent metadata

Publication number: US-2016012233-A1
Application number: US-201414330862-A
Country: US
Kind code: A1
Filing date: Jul 14, 2014
Priority date: Jul 14, 2014
Publication date: Jan 14, 2016
Grant date:

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Provided is a technique to enhance security of a computer in a multi-OS operating environment. A memory image of a primary OS is in an active state, and a memory image of a secondary OS is in a non-active state. When switching is performed from the primary OS to the secondary OS, a runtime image is created, and a digest P is calculated and encrypted (C). When switching is performed from the secondary OS to the primary OS, a digest of the stopped runtime image is calculated. Only when comparison between the decrypted digest P and the calculated digest shows agreement, is switching of the primary OS allowed.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: in response to switching operation of a computer from a first operating environment to a second operating environment, encrypting a representative file enabling verification of identity of at least a portion of a first memory image, the first memory image corresponding to the first operating environment; saving the first memory image at a selected location; decrypting the encrypted representative file in response to switching operation from the second operating environment to the first operating environment; and comparing a file representative of the saved first memory image with the decrypted representative file.

2. The method of claim 1, wherein the representative file is a digest that is created by hashing at least a portion of the first memory image.

3. The method of claim 1, wherein a system firmware causes the computer to execute the encrypting, the saving, the decrypting and the comparing.

4. The method of claim 3, wherein the encrypting includes using an encryption key that is stored at a SMRAM area.

5. The method of claim 3, wherein the encrypting includes: creating a public key and an encrypted private key; and storing a decrypted private key at a SMRAM area.

6. The method of claim 5, wherein encryption and decryption of the private key is performed by a security chip.

7. The method of claim 3, wherein the encrypting and the decrypting include using a common key that is stored in a non-volatile memory, which is accessible only to the system firmware.

8. The method of claim 1, wherein the selected location is an address space of a system memory that is divided from a physical address space where the second operating environment operates.

9. The method of claim 1, wherein the selected location is a disk drive that stores boot images of the first operating environment and the second operating environment.

10. The method of claim 1, further comprising: in response to switching operation from the second operating environment to the first operating environment, encrypting a representative file enabling verification of identity of at least a portion of a second memory image, the second memory image corresponding to the second operating environment; saving the second memory image at a selected location; decrypting the encrypted representative file in response to switching operation from the first operating environment to the second operating environment; and comparing a file representative of the saved second memory image with the decrypted representative file.

11. The method of claim 1, further comprising: decrypting the encrypted representative file before the operating environment transits to an active state in response to a resume operation; and stopping the resumption when the decrypted representative file and a representative file extracted from the memory image kept in the non-active state do not agree.

12. The method of claim 11, wherein encrypting a representative file includes: transitioning to an execution environment of a system firmware in response to the switching operation; and operating the system firmware to make the computer implement a function to encrypt the representative file and decrypt the representative file.

13. The method of claim 12, wherein the system firmware causes the computer to implement a function to compare the decrypted representative file and a representative file that is extracted from the memory image kept in a non-active state.

14. A program product comprising a computer readable storage medium that stores code executable by a processor to perform: in response to switching operation from the first operating environment to the second operating environment, encrypting a representative file enabling verification of identity of at least a portion of a first memory image, the first memory image corresponding to the first operating environment; saving the runtime image at a selected location; decrypting the encrypted representative file in response to switching operation from the second operating environment to the first operating environment; and comparing a file representative of the saved first memory image with the decrypted representative file.

15. The program product of claim 14, wherein the code is further executable to perform the encrypting and the decrypting using a common key that is stored in a non-volatile memory, which is accessible only to the system firmware.

16. The computer program of claim 14, wherein the code is further executable to decrypt the encrypted representative file before resuming the operating environment in response to a resume operation; and to stop the resumption when the decrypted representative file and a representative file extracted from the memory image kept in a saved state do not agree.

17. A computer capable of operating in any one of a plurality of operating environments, comprising: a processor; a volatile memory that stores a program executed by the processor; a disk drive that stores a plurality of operating systems that can be booted; a user interface enabling switching operation; an encryption unit that encrypts a representative file that is extracted from a memory image stored in the volatile memory in response to switching operation from a first operating environment to a second operating environment; a save unit that saves the memory image at a predetermined place; a decryption unit that decrypts the encrypted representative file in response to switching operation from the second operating environment to the first operating environment; and a comparison unit that compares a representative file extracted from the saved memory image with the decrypted representative file.

18. The computer of claim 17, further comprising a non-volatile memory that stores a system firmware including a module making up the encryption unit and the decryption unit.

19. The computer of claim 18, further comprising a security chip that encrypts a key to encrypt the representative file and decrypts the key using values stored in secure registers in response to a request from the system firmware.

20. The computer of claim 17, wherein the selected location is a non-volatile storage that is different from the disk drive.
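The abstract and claims 1, 2, 10 and 11 describe one check: when the active OS is parked, the firmware hashes its memory image, protects the digest with a key the OS cannot read, and stores the image; when that OS is resumed, the firmware recomputes the digest over the stored image and refuses the switch unless it agrees with the protected one. The following is an added illustration of that flow, not code from the patent or from Lenovo. It models the firmware as a Python class holding a constructed 32-byte key, uses byte strings as stand-in memory images, and substitutes HMAC-SHA256 over the digest for the patent's encrypt/decrypt step: in both designs only the holder of the firmware key can produce a digest record that passes the check, and HMAC keeps the example standard-library only. Binding the environment name into the record is an added design choice, not something the claims require.

```python
"""Firmware-side integrity check for a parked OS memory image (added example).

Constructed inputs: the firmware key and the "memory images". HMAC-SHA256
stands in for the patent's encryption of digest P; the decision logic is
the one described in the abstract and claims 1, 2, 10 and 11.
"""
import hashlib
import hmac
from typing import Dict, Tuple

DIGEST_LEN = 32  # SHA-256 output length


class FirmwareGuard:
    """Stand-in for the system-firmware path (the SMRAM-resident key of claim 4).

    The key lives only inside this object. The OS side receives the saved
    image plus an opaque record and must hand both back unchanged to resume.
    """

    def __init__(self, key: bytes) -> None:
        if len(key) < DIGEST_LEN:
            raise ValueError("firmware key must be at least 32 bytes")
        self._key = key

    @staticmethod
    def digest(image: bytes) -> bytes:
        """Representative file: SHA-256 over the memory image (claim 2)."""
        return hashlib.sha256(image).digest()

    def _protect(self, env: str, p: bytes) -> bytes:
        # Keyed record over (environment name, digest P). Binding the name is
        # an assumption beyond the claims: a record made for one OS then
        # cannot be presented when resuming the other.
        msg = env.encode() + b"\x00" + p
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def park(self, env: str, image: bytes) -> bytes:
        """Switching away from `env`: compute P and return its protected record."""
        return self._protect(env, self.digest(image))

    def resume_allowed(self, env: str, saved_image: bytes, record: bytes) -> bool:
        """Switching back to `env`: recompute from the stored image and compare.

        Any disagreement returns False, i.e. the resumption is stopped (claim 11).
        """
        expected = self._protect(env, self.digest(saved_image))
        return hmac.compare_digest(expected, record)


def simulate() -> Dict[str, bool]:
    """Run one primary/secondary switch cycle and report each resume decision."""
    guard = FirmwareGuard(b"\x42" * 32)                    # constructed key
    primary = b"PRIMARY-OS-RUNTIME-IMAGE" * 64             # constructed image
    secondary = b"SECONDARY-OS-RUNTIME-IMAGE" * 64         # constructed image
    store: Dict[str, Tuple[bytes, bytes]] = {}             # the "selected location"

    # Primary -> secondary: park the primary image with its record (claim 1).
    store["primary"] = (primary, guard.park("primary", primary))
    # Secondary -> primary later parks the secondary image the same way (claim 10).
    store["secondary"] = (secondary, guard.park("secondary", secondary))

    img, rec = store["primary"]
    patched = bytearray(img)
    patched[100] ^= 0x01                                   # one flipped bit
    other_rec = store["secondary"][1]
    plain_digest = FirmwareGuard.digest(img)               # unkeyed hash only

    return {
        "intact image resumes": guard.resume_allowed("primary", img, rec),
        "flipped bit is refused": guard.resume_allowed("primary", bytes(patched), rec),
        "record of other OS is refused": guard.resume_allowed("primary", img, other_rec),
        "unkeyed digest is refused": guard.resume_allowed("primary", img, plain_digest),
    }


if __name__ == "__main__":
    for outcome, allowed in simulate().items():
        print(f"{outcome}: {'allowed' if allowed else 'stopped'}")
```

The last case is the reason the patent encrypts the digest rather than storing it bare: the saved image sits in the clear at the selected location (system memory or the boot disk, claims 8 and 9), so an unkeyed hash stored beside it could simply be recomputed by whatever altered the image. Keying the record with a secret only the firmware holds is what turns the comparison into an integrity check.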

Assignees

Lenovo Singapore Pte Ltd

Inventors

Classifications

  • involving additional devices, e.g. trusted platform module [TPM], smartcard or USB · CPC title

  • Multiboot arrangements, i.e. selecting an operating system to be loaded · CPC title

  • involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title

  • using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title

  • G06F21/575 (primary)

    Secure boot · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016012233A1 cover?
Provided is a technique to enhance security of a computer in a multi-OS operating environment. A memory image of a primary OS is in an active state, and a memory image of a secondary OS is in a non-active state. When switching is performed from the primary OS to the secondary OS, a runtime image is created, and a digest P is calculated and encrypted (C). When switching is performed from the sec…
Who is the assignee on this patent?
Lenovo Singapore Pte Ltd
What technology area does this patent fall under?
Primary CPC classification G06F21/575. Mapped technology areas include Physics.
When was this patent published?
Publication date Jan 14, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).