Method of providing digital signatures
Hardware memory write lock circuit
Security bit for designating the security status of information stored in a nonvolatile memory
Fault protection flip flop
Circuit arrangement for preventing unauthorized access to a communication system which is protected by a subscriber-specific password
Computer security device
Security for integrated circuit microcomputer with EEPROM
Dual operating system computer
Solid state key for controlling access to computer systems and to computer software and/or for secure communications
Method and operating system for executing programs in a multi-mode microprocessor
Application No. 231443 filed on 04/20/1994
US Classes: 714/36, Test sequence at power-up or initialization; 713/187, Computer program modification detection by cryptography; 714/38, Of computer software
Examiners
Primary: Beausoliel, Robert W. Jr.
Assistant: Palys, Joseph E.
Attorney, Agent or Firm
International Classes: G06F 011/00
Abstract
A method and device for reliably assessing the integrity of a computer system's software prevents execution of corrupted programs at the time of system initialization, enhancing system security. Programs and data comprising the system's trusted software, including all startup processes, are verified before being utilized. Methods to verify the trusted software use a hierarchy of both modification detection codes and public-key digital signature codes. The top-level codes are placed in a protectable non-volatile storage area, and are used by the startup program to verify the integrity of subsequent programs. A trusted initialization program sets a hardware latch to protect the codes in the non-volatile memory from being overwritten by subsequent untrusted programs. The latch is only reset at system restart, when control returns to the bootstrap program. Software reconfiguration is possible with trusted programs that write new top-level codes while the latch is open. The mechanism itself is immune to malicious software attack when the write-protect latch is closed before running untrusted software. Preferred embodiments in an IBM-compatible personal computer use the reset switch to initiate a trusted path between the user and a program. Damage from certain classes of computer virus and trojan horse attacks is prevented. A system recovery process is described. A related improved method for user authentication uses a read-and-write memory protection latch to prevent access to sensitive authentication data.
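The code hierarchy and write-protect latch described in the abstract, as a small simulation added here (not code from the patent). Assumptions: SHA-256 stands in for the modification detection code, the public-key signature layer is omitted, and `LatchedNvram`, `build_manifest`, `reconfigure` and `trusted_boot` are hypothetical names.

```python
import hashlib

def mdc(data: bytes) -> str:  # modification detection code (SHA-256 assumed)
    return hashlib.sha256(data).hexdigest()

class LatchedNvram:
    """Protectable non-volatile store: writes fail once the latch is closed."""
    def __init__(self):
        self._codes, self._closed = {}, False
    def reset(self):
        self._closed = False   # only a system restart reopens the latch
    def close_latch(self):
        self._closed = True
    def read(self, key):
        return self._codes.get(key)
    def write(self, key, code):
        if self._closed:
            raise PermissionError("write-protect latch is closed")
        self._codes[key] = code

def build_manifest(programs):
    # Second-level codes: one "name digest" line per trusted program.
    return "\n".join(f"{n} {mdc(b)}" for n, b in sorted(programs.items())).encode()

def reconfigure(nvram, disk):
    # Trusted reconfiguration: succeeds only while the latch is still open.
    disk["manifest"] = build_manifest(disk["programs"])
    nvram.write("top", mdc(disk["manifest"]))

def trusted_boot(nvram, disk):
    """Simulate a restart: verify top-down, then latch before untrusted code."""
    nvram.reset()
    try:
        if mdc(disk["manifest"]) != nvram.read("top"):
            return "halt: manifest does not match top-level code"
        for line in disk["manifest"].decode().splitlines():
            name, code = line.split()
            if mdc(disk["programs"].get(name, b"")) != code:
                return f"halt: {name} modified"
        return "ok"
    finally:
        nvram.close_latch()

if __name__ == "__main__":
    # Constructed sample system; program names and contents are made up.
    nvram, disk = LatchedNvram(), {"programs": {"loader": b"stage2", "kernel": b"os"}}
    reconfigure(nvram, disk)
    print(trusted_boot(nvram, disk))
    disk["programs"]["kernel"] += b"+virus"
    print(trusted_boot(nvram, disk))
```

Because the latch is closed in the `finally` clause, a program that runs after boot can alter the on-disk manifest but not the top-level code it is checked against.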