The present disclosure relates generally to information handling systems, and more particularly to virtual appliance pre-boot authentication using an information handing system.
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option is an information handling system (IHS). An IHS generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes. Because technology and information handling needs and requirements may vary between different applications, IHSs may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in IHSs allow for IHSs to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, IHSs may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
An IHS platform may be used by different users at different times. Current practice is generally for the platform to have a single operating system and for the operating system to be responsible for implementing authentication and authorization for the different users. That is, the platform will boot to a production operating system. The production operating system will then prompt the user for credentials and receive those credentials. The inputting of credentials at this level exposes the operating system to potential malicious attacks.
To improve the security of the platform, systems may require either a power on password or a hard disk password. However, both of these are credentials relating to a single user for the system. If authenticated, the system will boot a default operating system.
Embedded hypervisors on client platforms are starting to come to market. A hypervisor may be known as a virtual machine monitor and is a virtualization platform that allows multiple operating systems to run concurrently on a host IHS. In other words, the hypervisor enables more than one operating system to execute concurrently on a platform. As a result, client platforms are starting to be deployed with multiple operating systems. Two configurations are anticipated to become prevalent. The first configuration is a quick starting webtop/mail client constrained operating system side by side with a production operating system. The second configuration is for two full featured production operating systems to co-exist. One operating system may be a personal or unsecured image. The other operating system may be a highly secure, corporate image. In order to improve the utility of the platform, it is desirable to allow the quick starting and personal operating systems to be booted with minimal or no authentication required, while enforcing pre boot authentication for the secure, corporate image.
Accordingly, it would be desirable to provide an improved virtual appliance pre-boot authentication system absent the disadvantages discussed above.