US2017024565A1PendingUtilityA1

System, method, and computer program product for mounting an image of a computer system in a pre-boot environment for validating the computer system

59
Assignee: MCAFEE INCPriority: Mar 31, 2009Filed: Sep 30, 2016Published: Jan 26, 2017
Est. expiryMar 31, 2029(~2.7 yrs left)· nominal 20-yr term from priority
G06F 21/575G06F 9/4403G06F 21/554G06F 2221/034G06F 21/564G06F 21/56G06F 9/4406
59
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system, method, and computer program product are provided for controlling loading of an operating system, including mounting an image of an operating system in a pre-boot environment of a programmable device, identifying an untrusted component of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early, and substituting a trusted component for the untrusted component.

Claims

exact text as granted — not AI-modified
1 . A non-transitory computer readable medium comprising instructions stored thereon that when executed cause a programmable device to:
 mount an image of an operating system in a pre-boot environment of the programmable device;   identify an untrusted component of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early; and   substitute a trusted component for the untrusted component, wherein the trusted component is a first component and the untrusted component is a second component.   
     
     
         2 . The computer readable medium of  claim 1 , wherein the instructions stored thereon that when executed cause the programmable device to substitute a trusted component for the untrusted component comprise instructions that when executed cause the programmable device to:
 determine that the untrusted component is a critical component, and   identify that the trusted component is capable of substituting for the critical component.   
     
     
         3 . The computer readable medium of  claim 1 , wherein the untrusted component is an advanced component and wherein the trusted component is a standard component. 
     
     
         4 . The computer readable medium of  claim 1 , wherein the instructions stored thereon that when executed cause the programmable device to identify an untrusted component of the operating system comprise instructions that when executed cause the programmable device to:
 verify a digital signature associated with components of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early.   
     
     
         5 . The computer readable medium of  claim 1 , wherein the instructions stored thereon further comprise instructions that when executed cause the programmable device to:
 monitor a security system of the programmable device during execution of the operating system, to ensure that the security system executes as expected.   
     
     
         6 . The computer readable medium of  claim 1 , wherein the pre-boot environment is provided by a chipset extension. 
     
     
         7 . A programmable apparatus, comprising:
 one or more processors; and   a memory, coupled to the one or more processors, on which are stored instructions, comprising instructions that when executed cause at least some of the one or more processors to:
 mount an image of an operating system in a pre-boot environment of the programmable apparatus; 
 identify an untrusted component of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early; and 
 substitute a trusted component for the untrusted component, wherein the trusted component is a first component and the untrusted component is a second component. 
   
     
     
         8 . The programmable apparatus of  claim 7 , wherein the instructions that when executed cause at least some of the one or more processors to substitute a trusted component for the untrusted component comprise instructions that when executed cause at least some of the one or more processors to:
 determine that the untrusted component is a critical component, and   identify that the trusted component is capable of substituting for the critical component.   
     
     
         9 . The programmable apparatus of  claim 7 , wherein the untrusted component is an advanced component and wherein the trusted component is a standard component. 
     
     
         10 . The programmable apparatus of  claim 7 , wherein the programmable apparatus is a mobile device. 
     
     
         11 . The programmable apparatus of  claim 7 , wherein the programmable apparatus is an embedded programmable device. 
     
     
         12 . The programmable apparatus of  claim 7 , wherein the one or more processors and memory are virtualized. 
     
     
         13 . The programmable apparatus of  claim 7 , wherein the instructions that when executed cause at least some of the one or more processors to identify an untrusted component of the operating system comprise instructions that when executed cause at least some of the one or more processors to:
 verify a digital signature associated with components of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early.   
     
     
         14 . A method of controlling loading of an operating system, comprising:
 mounting an image of an operating system in a pre-boot environment of a programmable device;   identifying an untrusted component of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early; and   substituting a trusted component for the untrusted component, wherein the trusted component is a first component and the untrusted component is a second component.   
     
     
         15 . The method of  claim 14 , wherein substituting a trusted component for the untrusted component comprises:
 determining that the untrusted component is a critical component, and   identifying that the trusted component is capable of substituting for the critical component.   
     
     
         16 . The method of  claim 14 , wherein the untrusted component is an advanced component and wherein the trusted component is a standard component. 
     
     
         17 . The method of  claim 14 , wherein identifying an untrusted component of the operating system further comprises:
 verifying a digital signature associated with components of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early.   
     
     
         18 . The method of  claim 14 , further comprising:
 monitoring a security system of the programmable device during execution of the operating system, to ensure that the security system executes as expected.   
     
     
         19 . The method of  claim 14 , wherein the pre-boot environment is a virtualized pre-boot environment. 
     
     
         20 . The method of  claim 14 , wherein the pre-boot environment is provided by a chipset extension.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.