SYSTEMS AND METHODS FOR USING A MANAGEMENT CONTROLLER TO SECURELY MONITOR AND ENFORCE INTEGRITY OF BIOS MODULES DURING BOOT PROCESS OF INFORMATION HANDLING SYSTEM

Organization Name

dell products l.p.

Inventor(s)

Balasingh P. Samuel of Round Rock TX (US)

Michael W. Arms of Copperas Cove TX (US)

Adolfo S. Montero of Pflugerville TX (US)

SYSTEMS AND METHODS FOR USING A MANAGEMENT CONTROLLER TO SECURELY MONITOR AND ENFORCE INTEGRITY OF BIOS MODULES DURING BOOT PROCESS OF INFORMATION HANDLING SYSTEM - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240265107 titled 'SYSTEMS AND METHODS FOR USING A MANAGEMENT CONTROLLER TO SECURELY MONITOR AND ENFORCE INTEGRITY OF BIOS MODULES DURING BOOT PROCESS OF INFORMATION HANDLING SYSTEM

The abstract of this patent application describes a method that involves a management controller verifying the integrity of firmware and a driver integrity table using a public key. The driver integrity table contains identifying information and hashes of executable modules of the BIOS, signed by a private key associated with the public key.

• The method includes verifying the integrity of firmware and the driver integrity table using a public key.
• The driver integrity table contains identifying information and hashes of executable modules of the BIOS, signed by a private key.
• The management controller performs power sequencing of the information handling system to begin execution of the BIOS if integrity is verified.

Potential Applications: - This technology can be applied in computer systems to ensure the security and integrity of firmware and driver modules. - It can be used in critical systems where data integrity and security are paramount, such as in healthcare or financial institutions.

Problems Solved: - Ensures the integrity of firmware and driver modules in an information handling system. - Provides a secure method for verifying the authenticity of executable code in the BIOS.

Benefits: - Enhances the security of computer systems by verifying the integrity of firmware and driver modules. - Helps prevent unauthorized access or tampering with critical system components.

Commercial Applications: Title: Secure Firmware Verification Technology for Information Handling Systems This technology can be commercially used in industries where data security is crucial, such as finance, healthcare, and government sectors. It can also be integrated into hardware devices to provide secure boot processes and protect against malicious attacks.

Questions about Secure Firmware Verification Technology for Information Handling Systems:

1. How does this technology improve the security of information handling systems? This technology improves security by verifying the integrity of firmware and driver modules using a public key infrastructure, ensuring that only authentic and unaltered code is executed.

2. What are the potential implications of using this technology in critical systems like healthcare or finance? Using this technology in critical systems can help prevent unauthorized access, data breaches, and tampering with essential components, ensuring the integrity and security of sensitive information.

Original Abstract Submitted

a method may include a management controller verifying integrity of firmware of the management controller using a public key and verifying integrity of a driver integrity table using the public key, wherein the driver integrity table sets forth a plurality of entries, each entry comprising identifying information for an executable module of the bios and a hash of executable code of such executable module signed by a private key, wherein the driver integrity table is signed by the private key and wherein the private key is associated with the public key. the method may further include performing, by the management controller, power sequencing of the information handling system to begin execution of the bios if integrity of the firmware and integrity of the driver integrity table are verified.