Platform and method for generating and utilizing a protected audit log
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-011/30
G06F-012/14
H04L-009/32
출원번호
US-0540612
(2000-03-31)
발명자
/ 주소
Ellison,Carl M.
Golliver,Roger A.
Herbert,Howard C.
Lin,Derrick C.
McKeen,Francis X.
Neiger,Gilbert
Reneris,Ken
Sutton,James A.
Thakkar,Shreekant S.
Mittal,Millind
출원인 / 주소
Intel Corporation
인용정보
피인용 횟수 :
11인용 특허 :
113
초록▼
Briefly, one embodiment of a platform for generating and utilizing a protected audit log is described. The platform comprises a system memory and a memory to contain an audit log. The audit log includes a plurality of single-write, multiple read entries. At least one of the entries of the audit log
Briefly, one embodiment of a platform for generating and utilizing a protected audit log is described. The platform comprises a system memory and a memory to contain an audit log. The audit log includes a plurality of single-write, multiple read entries. At least one of the entries of the audit log includes stored data integrity information loaded into the system memory during its power cycle.
대표청구항▼
What is claimed is: 1. A platform comprising: a processor capable of operating in an isolated execution mode within a ring O operating mode, wherein the processor also supports one or more higher ring operating modes, as well as a non-isolated execution mode within at least the ring O operating mod
What is claimed is: 1. A platform comprising: a processor capable of operating in an isolated execution mode within a ring O operating mode, wherein the processor also supports one or more higher ring operating modes, as well as a non-isolated execution mode within at least the ring O operating mode; a system memory responsive to the processor, the system memory to include an isolated memory area and a non-isolated memory area, wherein the platform only allows access to data in the isolated memory area when the processor is operating in the isolated execution mode; and system logic to generate a log entry for an audit log in response to a segment of information being loaded into the isolated memory area, the log entry to represent the segment of information. 2. A platform according to claim 1, further comprising: protected memory responsive to the processor; and system logic to store the log entry in the protected memory. 3. The platform of claim 2, wherein the protected memory comprises single-write, multiple-read control registers. 4. The platform of claim 2, further comprising: an input/output control hub responsive to the processor, the input/output control hub comprising the protected memory. 5. The platform of claim 1, wherein the segment of information comprises at least part of a software module. 6. The platform of claim 1, wherein the log entry comprises a hash of the segment of information. 7. The platform of claim 6, further comprising: system logic to generate a total hash value for the audit log, the total hash value to represent one or more log entries. 8. A platform according to claim 1, further comprising: protected memory responsive to the processor; and system logic to store a pointer to the audit log in the protected memory. 9. A platform according to claim 8, further comprising: system logic to perform at least one operation from the group consisting of: storing data to represent a length of the audit log in the protected memory; and storing a total hash value of the audit log in the protected memory. 10. A platform according to claim 1, further comprising: protected memory responsive to the processor; and system logic to store a state value in the protected memory, the state value to include at least one item from the group consisting of: a series of hash values stored in a block of memory; a state pointer to identify locations of the hash values within the block of memory; and data to represent a length of the audit log. 11. A platform according to claim 1, further comprising system logic to perform operations comprising: storing the log entry in the audit log; and after storing the log entry, determining a security state by: computing a current hash value for at least one segment of information stored in the isolated memory area; and comparing the current hash value to data from the audit log. 12. A method comprising: storing a segment of information in an isolated memory area within a platform; wherein the platform comprises a processor capable of operating in an isolated execution mode within a ring O operating mode; wherein the processor also supports one or more higher ring operating modes, as well as a non-isolated execution mode within at least the ring O operating mode; and wherein the platform only allows access to information in the isolated memory area when the processor is operating in the isolated execution mode; and generating a log entry for an audit log for the platform, the log entry comprising data representing at least the segment of information stored in the isolated memory area. 13. The method of claim 12, wherein the audit log comprises data representing segments of information loaded into the isolated memory area during a current power cycle of the platform. 14. The method of claim 12, wherein the log entry comprises a hash value of a software module loaded into the isolated memory area. 15. The method of claim 12, further comprising: storing the log entry in the audit log; and after storing the log entry in the audit log, determining a security state by: computing a current hash value for at least one segment of information stored in the isolated memory area; and comparing the current hash value to data from the audit log. 16. The method of claim 12, further comprising: storing, within protected memory of the platform, at least one item from the group consisting of: a pointer to a memory address of the audit log; data to represent a length of the audit log; a total hash value of the audit log; and a state value comprising a series of hash values to represent respective segments of information stored in the isolated memory area. 17. The method of claim 16, further comprising: performing a cryptographic hash operation on the state value to produce an updated total hash value. 18. The method of claim 12, further comprising: storing, within protected memory of the platform, a total hash value of the audit log; and after storing the total hash value, determining a security state by: re-computing a total hash value; and comparing the re-computed total hash value to the total hash value stored in the protected memory. 19. The method of claim 12, further comprising: storing, within protected memory of the platform, a total hash value of the audit log; after storing the total hash value, loading a new segment of information into the isolated memory area; and using the total hash value from the protected memory to verify the audit log before updating the total hash value in accordance with the new segment of information. 20. An article, comprising: a machine-accessible medium; and instructions in the machine-accessible medium, wherein the instructions, when executed by a processing system, cause the processing system to perform operations comprising: storing a segment of information in an isolated memory area within the processing system; wherein the processing system comprises a processor capable of operating in an isolated execution mode within a ring O operating mode; wherein the processor also supports one or more higher ring operating modes, as well as a non-isolated execution mode within at least the ring O operating mode; and wherein the processing system only allows access to information in the isolated memory area when the processor is operating in the isolated execution mode; and generating a log entry for an audit log, the log entry comprising data to represent at least the segment of information stored in the isolated memory area. 21. An article according to claim 20, wherein the audit log comprises data representing segments of information loaded into the isolated memory area during a current power cycle of the processing system. 22. An article according to claim 20, wherein the instructions cause the processing system to store the audit log in a protected memory of the processing system. 23. An article according to claim 20, wherein the instructions cause the processing system to store a pointer to the audit log in a protected memory of the processing system. 24. An article according to claim 20, wherein the instructions cause the processing system to perform further operations comprising: storing the log entry in the audit log; and after storing the log entry, determining a security state by: computing a current hash value for at least one segment of information stored in the isolated memory area; and comparing the current hash value to data from the audit log. 25. An article according to claim 20, wherein the instructions cause the processing system to storing, within protected memory of the processing system, at least one item from the group consisting of: a pointer to a memory address of the audit log; data to represent a length of the audit log; a total hash value of the audit log; and a state value comprising a series of hash values to represent respective segments of information stored in the isolated memory area.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (113)
Hatada Minoru (Ebina JPX) Ishida Hideaki (Kawasaki JPX) Matsushita Masatoshi (Kawasaki JPX), Access control method for multiprocessor systems.
Gannon Patrick M. (Poughkeepsie NY) Gum Peter H. (Poughkeepsie NY) Hough Roger E. (Highland NY) Murray Robert E. (Woodstock NY), Apparatus and method for TLB purge reduction in a multi-level machine system.
Bealkowski Richard (Delray Beach FL) Blackledge ; Jr. John W. (Boca Raton FL) Cronk Doyle S. (Boca Raton FL) Dayan Richard A. (Boca Raton FL) Dixon Jerry D. (Boca Raton FL) Kinnear Scott G. (Boca Rat, Apparatus and method for preventing unauthorized access to BIOS in a personal computer system.
Heller Andrew R. (Morgan Hill CA) Worley ; Jr. William S. (Endicott NY), Authorization mechanism for transfer of program control or data between different address spaces having different storag.
Ermolovich Thomas R. (Lexington MA) Stewart Robert E. (Stow MA) Leonard Judson S. (Acton MA) Cutler David N. (Nashua NH), Communications device for data processing system.
Satou Mitsugu,JPX ; Iwata Shunichi,JPX, Computer system and semiconductor device on one chip including a memory and central processing unit for making interlock access to the memory.
Adams Phillip M. (Parowan UT) Holmstron Larry W. (Salt Lake City UT) Jacob Steve A. (South Weber UT) Powell Steven H. (Ogden UT) Condie Robert F. (Tuscon AZ) Culley Martin L. (Tuscon AZ), Kernels, description tables, and device drivers.
Barnett Philip C.,GBX, Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges.
Harold L. McFarland ; David R. Stiles ; Korbin S. Van Dyke ; Shrenik Mehta ; John Gregory Favor ; Dale R. Greenley ; Robert A. Cargnoni, Method and apparatus for debugging an integrated circuit.
Miller David A. ; Jansen Kenneth A. ; Culley Paul R. ; Taylor Mark ; Izquierdo Javier F., Method and apparatus for independently resetting processors and cache controllers in multiple processor systems.
Cotichini Christian,CAX ; Cain Fraser,CAX ; Ashworth David G.,CAX ; Livingston Peter Michael Bruce,CAX ; Solymar Gabor,CAX ; Gardner Philip B.,CAX ; Woinoski Timothy S.,CAX, Method and apparatus to monitor and locate an electronic device using a secured intelligent agent.
Kahle James Allan ; Loper Albert J. ; Mallick Soummya ; Ogden Aubrey Deene ; Sell John Victor, Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions w.
Melo Michael D. (Billerica MA), Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 8048.
Ganapathy Narayanan ; Stevens Luis F. ; Schimmel Curt F., Method, system and computer program product for dynamically allocating large memory pages of different sizes.
Eugene Feng ; Gary Phillips, Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space.
Grimmer ; Jr. George G. ; Rhoades Michael W., Microcontroller with security logic circuit which prevents reading of internal memory by external program.
Goetz John W. ; Mahin Stephen W. ; Bergkvist John J., Microprocessor with an architecture mode control capable of supporting extensions of two distinct instruction-set archi.
Blomgren James S. (San Jose CA) Bracking Jimmy (San Jose CA) Richter David (San Jose CA) Spahn Francis (El Cerrito CA), Microprocessor with operation capture facility.
McDonald, Michael F.; Arora, Sumeet; Chu, Mark, Mutual exclusion at the record level with priority inheritance for embedded systems using one semaphore.
Reardon David C., Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place.
Neufeld E. David (Tomball TX), Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data trans.
Robinson Paul T. (Arlington MA) Mason Andrew H. (Hollis NH) Hall Judith S. (Sudbury MA), Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces.
John K. Gee ; David A. Greve ; David S. Hardin ; Allen P. Mass ; Michael H. Masters ; Nick M. Mykris ; Matthew M. Wilding, Real time processor capable of concurrently running multiple independent JAVA machines.
Browne Hendrik A., Secure computer system and method of providing secure access to a computer system including a stand alone switch operable to inhibit data corruption on a storage device.
Hudson Jerome D. ; Champagne Jean-Paul,FRX ; Galindo Mary A. ; Hickerson Cynthia M. K. ; Hickman Donna R. ; Lockhart Robert P. ; Saddler Nancy B. ; Stange Patricia A., System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential.
Angelo Michael F. ; Olarig Sompong P. ; Wooten David R. ; Driscoll Dan J., System and method for performing secure device communications in a peer-to-peer bus architecture.
Inoue Taro (Sagamihara JPX) Umeno Hidenori (Kanagawa JPX) Tanaka Shunji (Sagamihara JPX) Yamamoto Tadashi (Kanagawa JPX) Ohtsuki Toru (Hadano JPX), System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode.
Nardone Joseph M. ; Mangold Richard P. ; Pfotenhauer Jody L. ; Shippy Keith L. ; Aucsmith David W. ; Maliszewski Richard L. ; Graunke Gary L., Tamper resistant methods and apparatus.
Nardone Joseph M. ; Mangold Richard T. ; Pfotenhauer Jody L. ; Shippy Keith L. ; Aucsmith David W. ; Maliszewski Richard L. ; Graunke Gary L., Tamper resistant methods and apparatus.
Nardone Joseph M. ; Mangold Richard P. ; Pfotenhauer Jody L. ; Shippy Keith L. ; Aucsmith David W. ; Maliszewski Richard L. ; Graunke Gary L., Tamper resistant player for scrambled contents.
Mason Andrew H. (Hollis NH) Hall Judith S. (Sudbury MA) Robinson Paul T. (Arlington MA) Witek Richard T. (Littleton MA), Translation buffer for virtual machines with address space match.
Scott W. Devine ; Edouard Bugnion ; Mendel Rosenblum, Virtualization system including a virtual machine monitor for a computer with a segmented architecture.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.