Systems are provided for the enhancement of the system BIOS for microprocessor-based devices. Before the end of a BIOS start-up procedure, the BIOS operation is diverted to a BIOS security authentication system which may be a portion of an enhanced system BIOS. The BIOS security authentication system establishes communication with an information module, if the information module is present. The information module is typically a removable or installable card, which may be unique to one or more users. Based upon an information exchange between the security authentication module and the information module, the security authentication module controllably allows or prevents the system BIOS start-up procedure to resume and finish. In a preferred embodiment, the security authentication module is used as a pre-boot authentication system, to prevent a microprocessor-based device from booting up, unless a valid authorized information module is present. In other preferred embodiments, an adaptive security authentication module interface is provided, to allow information exchange with a variety of information modules having one or more information formats. In alternate embodiments, information from the information exchange may be transferred to the main system BIOS (such as to provide system functions to the BIOS, or to provide identity information of the user, based upon the information module).
In one embodiment a computer system, comprises a processor, a basic input/output system (BIOS) including logic instructions which, when executed by the processor, configure the processor to initiate power on self test (POST) processing in the basic input/output system (BIOS) of a computing device, detect a connection to a remote memory device, and write an access level indicator stored on the remote memory device to an output device.
The present invention provides an application authentication system capable of authenticating an application on a terminal device, which does not have a secure information concealing area, by a secure device. In an application authentication system in which a secure device 10 fitted to a terminal device 30 that has no secure information concealing area authenticates an application 31 stored in the terminal device, the secure device 10 authenticates an application running means 33 stored in an unwritable area 302 of the terminal device, and also authenticates the application based on a process applied to the application 31 by the application running means to request an access to the secure device. Since the terminal authentication by the secure device and the application authentication executed within the terminal device are coupled in combination, the secure device can authenticate the application operated on the terminal device without the secure information concealing area.
The disclosure describes a method for securing the trustworthiness of an electronic device. At least first and second check-up data are stored in the electronic device. In the method, a first step of a boot program is executed. In the first boot step, the trustworthiness of the first check-up data is examined, wherein if the check-up shows that the first check-up data is trusted, the second check-up data related to the second boot step is examined to confirm the trustworthiness of the second boot step. If the check-up shows that the second check-up data related to the second boot step is trusted, the second boot step is executed after said first boot step.
