Indian Patents. 199751:" A SYSTEM HAVING A HOST PROCESSOR THAT EXECUTES AN EXECUTABLE CODE AND A METHOD TO UPDATE AN EXECUTABLE CODE EXECUTED BY A HOST PROCESSOR"

Title of Invention	" A SYSTEM HAVING A HOST PROCESSOR THAT EXECUTES AN EXECUTABLE CODE AND A METHOD TO UPDATE AN EXECUTABLE CODE EXECUTED BY A HOST PROCESSOR"
Abstract	A subsystem prevents unauthorized modification of BIOS program code embedded in modifiable non-volatile memory devices such as flash memory. A cryptographic coprocessor containing the BIOS memory device performs authentication and validation on the BIOS upgrade based on a public/private key protocol. The authentication is performed by verifying the digital signature embedded in the BIOS upgrade.

Full Text	SUMMARY OF THE INVENTION The present invention describes a system to securely update an executable code. The system comprises of a first storage element for storing a code update, a second storage element for storing the executable code that needs to be updated, an identification code for identifying the first storage element and the code update, and a security processor. The security processor is coupled to the second storage element to authenticate and validate the first storage element and the code update using the device identification. Accordingly, the present invention relates to a system having a host processor that executes an executable code, the system comprising: a first storage element to store said executable code; a second storage element to store said executable code; and a security processor coupled to said second storage element to authenticate and validate said first storage element and said code update based on a device identification, the security processor responding to an access request from the host processor when the host processor processes an instruction in the executable code. The invention also relates to a method to update an executable code executed by a host processor, the method comprising: storing a code update of said executable code in a first storage element; storing said executable code in a second storage element; configuring said first storage element to contain a device identification; accessing said second storage element using a security processor; authenticating said first storage element based on said device identification by said security processor; the security processor responding to an access request from the host processor when the host processor processes an instruction in the executable code; and updating said executable code by said code update if said first storage element is authenticated. sabotages. However, EPROM devices do not suppon "field upgrades" because these devices are not in-circuit programmable, which is a necessary characteristic for field upgrades. Field upgrading allows customers to upgrade the BIOS in the field to avoid costly delay and parts exchanges. Because of the importance for field upgrading, virtually all BIOS firmware is now implemented using flash memories. However, being field modifiable, BIOS flash memories are vulnerable to virus attacks which could cause devastating results in sensitive applications such as financial transactions. With no security protection, conventional computer architectures implemented with BIOS flash memories are vulnerable to many kinds of intrusive attacks, such as a virus attack. In a typical virus attack, the virus code executes a code sequence to modify the BIOS flash memory. The code in BIOS flash memory, having no protection, is corrupted and the destructive effects may become effective immediately, when the system is booted up the next time, or when certain conditions or events have occurred. The infected code may further propagate to other areas of the BIOS code or the operating system kernel. Because the BIOS is the first program code to execute when the computer system is "powered up", prior to any system or network .virus scanning software, detection and eradication of a BIOS-based virus is extremely difficult. The BIOS-based virus can "hide its tracks" from such scanning software, effectively becoming invisible. The primary focus of the present invention, therefore, is to prevent corrupting the BIOS by a computer virus. This is achieved by imposing an authentication and validation procedure before the contents of the BIOS flash memory are modified. The approach which is pursued in this invention builds on the concept of BIOS authentication by incorporating the BIOS flash memories into existing hardware with authenticating capability such as the cryptographic coprocessor. Since the cryptographic coprocessor both stores the BIOS and enforces authentication of BIOS updates, an attacker has no means by which to corrupt the BIOS contents. SUMMARY OF THE INVENTION The present invention describes a system to securely update an executable code. The system comprises of a first storage element for storing a code update, a second storage element for storing the executable code that needs to be updated, an identification code for identifying the first storage element and the code update, and a security processor. The security processor is coupled to the second storage element to authenticate and validate the first storage element and the code update using the device identification. Accordingly, the present invention relates to a system having a host processor that executes an executable code, the system comprising: a first storage element to store said executable code; a second storage element to store said executable code; and a security processor coupled to said second storage element to authenticate and validate said first storage element and said code update based on a device identification, the security processor responding to an access request from the host processor when the host processor processes an instruction in the executable code. The invention also relates to a method to update an executable code executed by a host processor, the method comprising: storing a code update of said executable code in a first storage element; storing said executable code in a second storage element; configuring said first storage element to contain a device identification; accessing said second storage element using a security processor; authenticating said first storage element based on said device identification by said security processor; the security processor responding to an access request from the host processor when the host processor processes an instruction in the executable code; and updating said executable code by said code update if said first storage element is authenticated. BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS The features and advantages of the present invention will become apparent from the following detailed description of the present invention in which: Figure 1 is a diagram of the present invention where the BIOS flash memory resides inside a cryptographic coprocessor which may be interfaced to the PCI bus. Figure 2 is a flowchart of the operations that occur in the present invention during a normal read access to the BIOS program by the host processor. Figure 3 is a flowchart of the operations that occur in the present invention during a field upgrade of the BIOS program. DESCRIPTION OF THE PREFERRED EMBODIMENT The present invention provides a procedure to authenticate and validate a code update, such as a BIOS upgrade for example, using cryptographic technology. In the following description, some terminology is used to discuss certain cryptographic features. A "key" is an encoding and/or decoding parameter used by conventional cryptographic algorithms such as Rivest, Shamir and Adleman ("RSA"), Data Encryption Algorithm ("DEA") as specified in Data Encryption Standard ("DES") and the like. A "certificate" is defined as any digital information (typically a public key) associated with an entity, encrypted by a private key held by another entity such as a manufacturer or a widely published trusted authority (e.g., bank, governmental entity, trade association, etc.). A "digital signature" is similar to a certificate but is typically used for authenticating data. Herein, the term "secure" indicates that it is computationally infeasible for an interloper to successfully perpetuate fraud on a system. A security processor is an electronic device capable of performing security functions to provide security protection for the system. The authentication and validation are performed by a security processor which contains the BIOS firmware. One example of such a security processor is a cryptographic coprocessor. The cryptographic processor authenticates and validates the BIOS firmware by using secret information such as a digital signature embedded in the BIOS upgrade. Referring to Figure 1, an embodiment of a computer system implemented within the present invention is shown. The computer system 10 includes a chipset 31 which operates as an interface to support communications between host processor 30, system memory 32, and devices coupled to a system bus 33. System memory 32 may include, but is not limited to conventional memory such as various types of random access memory ("RAM"), e.g., DRAM, VRAM, SRAM, etc., as well as memory-mapped I/O devices. System bus 33 may be implemented in compliance with any type of bus architecture including Peripheral Component Interconnect ("PCI"), a Universal Serial Bus ("USB") and the like. One of the devices that may be coupled to the system bus 33 includes a cryptographic coprocessor 34. Cryptographic coprocessor 34 comprises a bus interface 40, a processing unit 41 and a local non-volatile memory 42. The bus interface 40 is used to establish an electrical connection to system bus 33. Processing unit 41 is used as the main controller for the cryptographic coprocessor 34. Processing unit 41 interfaces to its own local non-volatile memory 42. The boot-up program 43 is stored within non-volatile memory 42. It is contemplated that non-essential elements have not been illustrated to avoid obscuring the present invention. Examples of the non-essential elements that may be employed within the cryptographic coprocessor 34 include RAM, a random number generator, and various cryptographic algorithm accelerators. Furthermore, although host processor 30 is shown separate from cryptographic coprocessor 34 in Figure 1, cryptographic coprocessor 34 may be part of host processor 30 in which case host processor 30 accesses the BIOS program directly without going through system bus 33. In Figure 2, the steps associated with the "boot up" phase of the system are shown. First, in step 50, the host processor issues a read request for an address corresponding to the BIOS program. The cryptographic coprocessor responds to that request with the associated BIOS instruction (Step 60). Lastly, the host processor processes that data in step 70. To continue processing BIOS instructions, this sequence is repeated. In a typical field BIOS upgrade, the software manufacturer (the BIOS vendor) will send the user a diskette containing the new BIOS code, and the code to perform the upgrade operations. It is also possible for the BIOS vendor to establish a bulletin board system, or a data superhighway connection such as the Internet, to allow users to download the BIOS upgrade electronically and remotely. BIOS upgrading essentially involves erasing and writing to the BIOS flash memory. In Figure 3, the steps associated with a modification of the BIOS program are shown. In step 110, the host processor issues a "replace BIOS" command to the cryptographic coprocessor. This command would typically be generated by some type of BIOS management utility software, running either on the host processor itself or on a remote system. The purpose of this command is to prepare the cryptographic coprocessor for a new BIOS program (step 120). In step 130, the cryptographic coprocessor either passively receives the new BIOS program code from the host processor or actively retrieves it from a specified source (e.g. system memory). In step 140, the new BIOS program is stored internally or in a protected manner to assure that future authentication operations are performed on the specified "new BIOS program". In step 150, the cryptographic coprocessor performs the appropriate authentication operations on this internally stored version of the new BIOS program. There are many ways such authentication can be performed, including the use of secret information known only to the BIOS provider and the deployed cryptographic coprocessor. It is contemplated that public/private key cryptography may be used as part of the authentication procedure, specifically using the well-known techniques of digital signatures and certificates to validate the integrity and validity of the "new BIOS program". Whatever authentication technique is used, the salient feature is that it is performed within the cryptographic coprocessor on the local version of the new BIOS program. Once the authentication operations have been performed, in step 160, the cryptographic coprocessor can make a determination as to the validity of the new BIOS program. For example, the digital signature supplied with the "new BIOS program" may be valid, but the revision date may be inappropriate (e.g. older than the currently installed BIOS). If the new BIOS is determined to be invalid, it is deleted by the cryptographic coprocessor and is never used (step 170). If the new BIOS is valid, the new BIOS program is made operational and the previous BIOS program is deleted (step 180). Note that at this point, it would be normal to reboot the computer system to assure system-wide consistency. To support this digital signature-based method of BIOS authentication, the digital signature embedded in the distribution BIOS software upgrade should be underwritten or endorsed by an industry association, or a similar organization or procedure. The participants in this industry association are the BIOS vendors who want to be able to field upgrade their BIOS code. One of the functions of this industry association is to issue digital certificates to its BIOS vendor members, essentially assigning a digital » certificate to each vendor to be used in BIOS upgrade software. This association provides its public key to be used by the cryptographic coprocessor during the BIOS authentication procedure. The cryptographic coprocessor will be preloaded with the public key of the industry association for BIOS vendors so that it will be able to verify any digital signature embedded in the BIOS upgrade code. Alternatively, the cryptographic coprocessor may be preloaded with another public key that may be used to authenticate a certificate chain to obtain this industry association public key. The BIOS upgrade code could be encrypted if necessary (to protect the code from being reverse engineered for example). Since the digital signature or the certificate issued by the industry association normally represents the authenticity of a reputable or credible BIOS vendor, an intruder cannot corrupt the BIOS code (unless of course he or she somehow obtains secret private keys used to create such signatures or certificates) either directly or indirectly by virus attack. In another embodiment (not shown), the cryptographic coprocessor is part of the host processor. The host processor contains both the cryptographic coprocessor and the BIOS program. The host processor, acting itself as the security processor, performs the authentication and validation on the BIOS upgrade in the similar fashion as described above. The host processor will be preloaded withithespublic key of the industry association for BIOS vendors so that it will be able to verify any digital signature embedded in the BIOS upgrade code. Yet, in another embodiment (not shown), the BIOS program is located in a printed-circuit board ("PCB") or card plugged into a system expansion slot. The cryptographic coprocessor may be located on the same PCB or card or on another PCB or card or even inside the host processor. Regardless whether it is located in the system, as long as the cryptographic coprocessor is able to access the BIOS program, it can carry out the authentication and validation operations as described above. While this invention has been described with reference to illustrative embodiments, this description is not intended to be construed in a limiting sense. Various modifications of the illustrative embodiments, as well as other embodiments of the invention, which are apparent to persons skilled in the art to which the invention pertains are deemed to lie within the spirit and scope of the invention. WE CLAIM: 1. An apparatus having a host processor (30) that executes an executable code (43), the apparatus, characterized in that: a first storage element to store said executable code; a second storage element (42) to store said executable code; and a security processor (34) coupled to said second storage element to authenticate and validate said first storage element and said code update based on a device identification, the security processor responding to an access request from the host processor when the host processor processes an instruction in the executable code. 2. The apparatus as claimed in claim 1, wherein the said first storage element is one of a mass storage device and a file capable of being sent electronically in a computer network. 3. The apparatus as claimed in claim 1, wherein the said second storage element is a modifiable non-volatile memory device. 4. The apparatus as claimed in claim 1, wherein the security processor is a cryptographic processor. 5. The apparatus as claimed in claim 1, wherein said device identification received by said security processor includes a digital signature. 6. The apparatus as claimed in claim 1, wherein said executable code is encrypted to produce an encrypted code. 7. A method to update an executable code (43) executed by a host processor (30), based on the apparatus as claimed in claim 1, the method comprising: storing a. code update of said executable code in a first storage element; storing said executable code (45) in a second storage element; configuring said first storage element to contain a device identification; accessing said second storage element using a security processor; authenticating (150) said first storage element based on said device identification by said security processor; the security processor responding to an access request from the host processor when the host processor processes an instruction in the executable code; and updating said executable code by said code update if said first storage element is authenticated. 8. The method as claimed in claim 7, wherein before said updating step, the method includes a step of validating said code update in the said first storage element. 9. The method as claimed in claim 7, wherein the said executable code is a Basic Input and Output System. 10. The method as claimed in claim 7, wherein said executable code in the second storage element is an encrypted format. 11. The method as claimed in claim 7, wherein it comprises communicating with said security processor by said host processor in order to execute said executable code. 12. An apparatus having a host processor that executes an executable code substantially as herein before described with reference to and as illustrated in the foregoing description and accompanying drawings. 13. A method to update an executable code executed by a host processor, substantially as herein before described with reference to and as illustrated in the foregoing description and accompanying drawings.

Full Text

SUMMARY OF THE INVENTION
The present invention describes a system to securely update an executable code. The system comprises of a first storage element for storing a code update, a second storage element for storing the executable code that needs to be updated, an identification code for identifying the first storage element and the code update, and a security processor. The security processor is coupled to the second storage element to authenticate and validate the first storage element and the code update using the device identification.
Accordingly, the present invention relates to a system having a host processor that executes
an executable code, the system comprising:
a first storage element to store said executable code;
a second storage element to store said executable code; and
a security processor coupled to said second storage element to authenticate and
validate said first storage element and said code update based on a device
identification, the security processor responding to an access request from the host
processor when the host processor processes an instruction in the executable code.
The invention also relates to a method to update an executable code executed by a host processor, the method comprising:
storing a code update of said executable code in a first storage element;
storing said executable code in a second storage element;
configuring said first storage element to contain a device identification;
accessing said second storage element using a security processor;
authenticating said first storage element based on said device identification by said
security processor; the security processor responding to an access request from the
host processor when the host processor processes an instruction in the executable
code; and
updating said executable code by said code update if said first storage element is
authenticated.
sabotages. However, EPROM devices do not suppon "field upgrades" because these
devices are not in-circuit programmable, which is a necessary characteristic for field
upgrades. Field upgrading allows customers to upgrade the BIOS in the field to avoid costly delay and parts exchanges. Because of the importance for field upgrading, virtually all BIOS firmware is now implemented using flash memories. However, being field modifiable, BIOS flash memories are vulnerable to virus attacks which could cause devastating results in sensitive applications such as financial transactions.
With no security protection, conventional computer architectures implemented with BIOS flash memories are vulnerable to many kinds of intrusive attacks, such as a virus attack. In a typical virus attack, the virus code executes a code sequence to modify the BIOS flash memory. The code in BIOS flash memory, having no protection, is corrupted and the destructive effects may become effective immediately, when the system is booted up the next time, or when certain conditions or events have occurred. The infected code may further propagate to other areas of the BIOS code or the operating system kernel. Because the BIOS is the first program code to execute when the computer system is "powered up", prior to any system or network .virus scanning software, detection and eradication of a BIOS-based virus is extremely difficult. The BIOS-based virus can "hide its tracks" from such scanning software, effectively becoming invisible.
The primary focus of the present invention, therefore, is to prevent corrupting the BIOS by a computer virus. This is achieved by imposing an authentication and validation procedure before the contents of the BIOS flash memory are modified.
The approach which is pursued in this invention builds on the concept of BIOS authentication by incorporating the BIOS flash memories into existing hardware with authenticating capability such as the cryptographic coprocessor. Since the cryptographic coprocessor both stores the BIOS and enforces authentication of BIOS updates, an attacker has no means by which to corrupt the BIOS contents.
SUMMARY OF THE INVENTION
The present invention describes a system to securely update an executable code. The system comprises of a first storage element for storing a code update, a second storage element for storing the executable code that needs to be updated, an identification code for identifying the first storage element and the code update, and a security processor. The security processor is coupled to the second storage element to authenticate and validate the first storage element and the code update using the device identification.
Accordingly, the present invention relates to a system having a host processor that executes
an executable code, the system comprising:
a first storage element to store said executable code;
a second storage element to store said executable code; and
a security processor coupled to said second storage element to authenticate and
validate said first storage element and said code update based on a device
identification, the security processor responding to an access request from the host
processor when the host processor processes an instruction in the executable code.
The invention also relates to a method to update an executable code executed by a host processor, the method comprising:
storing a code update of said executable code in a first storage element;
storing said executable code in a second storage element;
configuring said first storage element to contain a device identification;
accessing said second storage element using a security processor;
authenticating said first storage element based on said device identification by said
security processor; the security processor responding to an access request from the
host processor when the host processor processes an instruction in the executable
code; and
updating said executable code by said code update if said first storage element is
authenticated.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
The features and advantages of the present invention will become apparent from the following detailed description of the present invention in which:
Figure 1 is a diagram of the present invention where the BIOS flash memory resides inside a cryptographic coprocessor which may be interfaced to the PCI bus.
Figure 2 is a flowchart of the operations that occur in the present invention during a normal read access to the BIOS program by the host processor.
Figure 3 is a flowchart of the operations that occur in the present invention during a
field upgrade of the BIOS program.
DESCRIPTION OF THE PREFERRED EMBODIMENT
The present invention provides a procedure to authenticate and validate a code update, such as a BIOS upgrade for example, using cryptographic technology. In the following description, some terminology is used to discuss certain cryptographic features. A "key" is an encoding and/or decoding parameter used by conventional cryptographic algorithms such as Rivest, Shamir and Adleman ("RSA"), Data Encryption Algorithm ("DEA") as specified in Data Encryption Standard ("DES") and the like. A "certificate" is defined as any digital information (typically a public key) associated with an entity, encrypted by a private key held by another entity such as a manufacturer or a widely published trusted authority (e.g., bank, governmental entity,
trade association, etc.). A "digital signature" is similar to a certificate but is typically used for authenticating data. Herein, the term "secure" indicates that it is computationally infeasible for an interloper to successfully perpetuate fraud on a system. A security processor is an electronic device capable of performing security functions to provide security protection for the system.
The authentication and validation are performed by a security processor which contains the BIOS firmware. One example of such a security processor is a cryptographic coprocessor. The cryptographic processor authenticates and validates the BIOS firmware by using secret information such as a digital signature embedded in the BIOS upgrade.
Referring to Figure 1, an embodiment of a computer system implemented within the present invention is shown. The computer system 10 includes a chipset 31 which operates as an interface to support communications between host processor 30, system memory 32, and devices coupled to a system bus 33. System memory 32 may include, but is not limited to conventional memory such as various types of random access memory ("RAM"), e.g., DRAM, VRAM, SRAM, etc., as well as memory-mapped I/O devices. System bus 33 may be implemented in compliance with any type of bus architecture including Peripheral Component Interconnect ("PCI"), a Universal Serial Bus ("USB") and the like.
One of the devices that may be coupled to the system bus 33 includes a cryptographic coprocessor 34. Cryptographic coprocessor 34 comprises a bus interface 40, a processing unit 41 and a local non-volatile memory 42. The bus interface 40 is used to establish an electrical connection to system bus 33. Processing unit 41 is used as the main controller for the cryptographic coprocessor 34. Processing unit 41 interfaces to its own local non-volatile memory 42. The boot-up program 43 is stored within non-volatile memory 42. It is contemplated that non-essential elements have not been illustrated to avoid obscuring the present invention. Examples of the non-essential elements that may be employed within the cryptographic coprocessor 34 include RAM, a random number generator, and various cryptographic algorithm accelerators. Furthermore, although host processor 30 is shown separate from
cryptographic coprocessor 34 in Figure 1, cryptographic coprocessor 34 may be part of host processor 30 in which case host processor 30 accesses the BIOS program directly without going through system bus 33.
In Figure 2, the steps associated with the "boot up" phase of the system are shown. First, in step 50, the host processor issues a read request for an address corresponding to the BIOS program. The cryptographic coprocessor responds to that request with the associated BIOS instruction (Step 60). Lastly, the host processor processes that data in step 70. To continue processing BIOS instructions, this sequence is repeated.
In a typical field BIOS upgrade, the software manufacturer (the BIOS vendor) will send the user a diskette containing the new BIOS code, and the code to perform the upgrade operations. It is also possible for the BIOS vendor to establish a bulletin board system, or a data superhighway connection such as the Internet, to allow users to download the BIOS upgrade electronically and remotely. BIOS upgrading essentially involves erasing and writing to the BIOS flash memory.
In Figure 3, the steps associated with a modification of the BIOS program are shown. In step 110, the host processor issues a "replace BIOS" command to the cryptographic coprocessor. This command would typically be generated by some type of BIOS management utility software, running either on the host processor itself or on a remote system. The purpose of this command is to prepare the cryptographic coprocessor for a new BIOS program (step 120). In step 130, the cryptographic coprocessor either passively receives the new BIOS program code from the host processor or actively retrieves it from a specified source (e.g. system memory). In step 140, the new BIOS program is stored internally or in a protected manner to assure that future authentication operations are performed on the specified "new BIOS program". In step 150, the cryptographic coprocessor performs the appropriate authentication operations on this internally stored version of the new BIOS program. There are many ways such authentication can be performed, including the use of secret information known only to the BIOS provider and the deployed cryptographic coprocessor. It is contemplated that public/private key cryptography may be used as
part of the authentication procedure, specifically using the well-known techniques of digital signatures and certificates to validate the integrity and validity of the "new BIOS program". Whatever authentication technique is used, the salient feature is that it is performed within the cryptographic coprocessor on the local version of the new BIOS program. Once the authentication operations have been performed, in step 160, the cryptographic coprocessor can make a determination as to the validity of the new BIOS program. For example, the digital signature supplied with the "new BIOS program" may be valid, but the revision date may be inappropriate (e.g. older than the currently installed BIOS). If the new BIOS is determined to be invalid, it is deleted by the cryptographic coprocessor and is never used (step 170). If the new BIOS is valid, the new BIOS program is made operational and the previous BIOS program is deleted (step 180). Note that at this point, it would be normal to reboot the computer system to assure system-wide consistency.
To support this digital signature-based method of BIOS authentication, the digital signature embedded in the distribution BIOS software upgrade should be underwritten or endorsed by an industry association, or a similar organization or procedure. The participants in this industry association are the BIOS vendors who want to be able to field upgrade their BIOS code. One of the functions of this industry association is to issue digital certificates to its BIOS vendor members, essentially assigning a digital » certificate to each vendor to be used in BIOS upgrade software. This association provides its public key to be used by the cryptographic coprocessor during the BIOS authentication procedure. The cryptographic coprocessor will be preloaded with the public key of the industry association for BIOS vendors so that it will be able to verify any digital signature embedded in the BIOS upgrade code. Alternatively, the cryptographic coprocessor may be preloaded with another public key that may be used to authenticate a certificate chain to obtain this industry association public key. The BIOS upgrade code could be encrypted if necessary (to protect the code from being reverse engineered for example). Since the digital signature or the certificate issued by the industry association normally represents the authenticity of a reputable or credible BIOS vendor, an intruder cannot corrupt the BIOS code (unless of course he or she
somehow obtains secret private keys used to create such signatures or certificates) either directly or indirectly by virus attack.
In another embodiment (not shown), the cryptographic coprocessor is part of the host processor. The host processor contains both the cryptographic coprocessor and the BIOS program. The host processor, acting itself as the security processor, performs the authentication and validation on the BIOS upgrade in the similar fashion as described above. The host processor will be preloaded withithespublic key of the industry association for BIOS vendors so that it will be able to verify any digital signature embedded in the BIOS upgrade code.
Yet, in another embodiment (not shown), the BIOS program is located in a printed-circuit board ("PCB") or card plugged into a system expansion slot. The cryptographic coprocessor may be located on the same PCB or card or on another PCB or card or even inside the host processor. Regardless whether it is located in the system, as long as the cryptographic coprocessor is able to access the BIOS program, it can carry out the authentication and validation operations as described above.
While this invention has been described with reference to illustrative embodiments, this description is not intended to be construed in a limiting sense. Various modifications of the illustrative embodiments, as well as other embodiments of the invention, which are apparent to persons skilled in the art to which the invention pertains are deemed to lie within the spirit and scope of the invention.

WE CLAIM:
1. An apparatus having a host processor (30) that executes an
executable code (43), the apparatus, characterized in that:
a first storage element to store said executable code;
a second storage element (42) to store said executable code; and
a security processor (34) coupled to said second storage element to
authenticate and validate said first storage element and said code
update based on a device identification, the security processor
responding to an access request from the host processor when the
host processor processes an instruction in the executable code.
2. The apparatus as claimed in claim 1, wherein the said first storage
element is one of a mass storage device and a file capable of being
sent electronically in a computer network.
3. The apparatus as claimed in claim 1, wherein the said second storage
element is a modifiable non-volatile memory device.
4. The apparatus as claimed in claim 1, wherein the security processor
is a cryptographic processor.
5. The apparatus as claimed in claim 1, wherein said device
identification received by said security processor includes a digital
signature.
6. The apparatus as claimed in claim 1, wherein said executable code is
encrypted to produce an encrypted code.
7. A method to update an executable code (43) executed by a host
processor (30), based on the apparatus as claimed in claim 1, the
method comprising:
storing a. code update of said executable code in a first storage
element;
storing said executable code (45) in a second storage element;
configuring said first storage element to contain a device
identification;
accessing said second storage element using a security processor;
authenticating (150) said first storage element based on said device
identification by said security processor; the security processor
responding to an access request from the host processor when the
host processor processes an instruction in the executable code; and
updating said executable code by said code update if said first storage
element is authenticated.
8. The method as claimed in claim 7, wherein before said updating step,
the method includes a step of validating said code update in the said
first storage element.
9. The method as claimed in claim 7, wherein the said executable code is
a Basic Input and Output System.
10. The method as claimed in claim 7, wherein said executable code in
the second storage element is an encrypted format.
11. The method as claimed in claim 7, wherein it comprises
communicating with said security processor by said host processor in
order to execute said executable code.
12. An apparatus having a host processor that executes an executable code
substantially as herein before described with reference to and as
illustrated in the foregoing description and accompanying drawings.
13. A method to update an executable code executed by a host processor,
substantially as herein before described with reference to and as
illustrated in the foregoing description and accompanying drawings.

Documents:

2754-del-1997-abstract.pdf

2754-del-1997-claims.pdf

2754-DEL-1997-Correspondence-Others (29-01-2010).pdf

2754-del-1997-correspondence-others.pdf

2754-del-1997-correspondence-po.pdf

2754-DEL-1997-Description (Complete).pdf

2754-del-1997-drawings.pdf

2754-del-1997-form-1.pdf

2754-del-1997-form-13.pdf

2754-del-1997-form-19.pdf

2754-del-1997-form-2.pdf

2754-DEL-1997-Form-26-(29-01-2010).pdf

2754-del-1997-form-3.pdf

2754-del-1997-form-4.pdf

2754-del-1997-form-6.pdf

2754-del-1997-pa.pdf

2754-del-1997-pct-210.pdf

2754-del-1997-pct-220.pdf

2754-del-1997-pct-409.pdf

2754-del-1997-pct-416.pdf

2754-del-1997-petition-137.pdf

2754-del-1997-petition-138.pdf

« Previous Patent

Next Patent »

Patent Number

199751

Indian Patent Application Number

2754/DEL/1997

PG Journal Number

38/2008

Publication Date

19-Sep-2008

Grant Date

15-Dec-2006

Date of Filing

26-Sep-1997

Name of Patentee

Intel Corporation

Applicant Address

2200 Mission College Boulevard, Clara, California 95052,USA.

Inventors:

#	Inventor's Name	Inventor's Address
1	Derek Lee Davis	4509 E. Desert Trumpet Road, Phoenix, Arizona 85044,USA.

PCT International Classification Number

H04L 9/00

PCT International Application Number

N/A

PCT International Filing date

PCT Conventions:

#	PCT Application Number	Date of Convention	Priority Country
1			NA