1. Technical Field
The present invention generally relates to remote management of data processing systems and in particular to remote management extending to “hard-locked” security information for a data processing system. Still more particularly, the present invention relates to permitting a remote entity to change “hard-locked” security data after correct authentication without compromising security.
2. Description of the Related Art
Critical security information, including passwords, boot sequences, security options, and the like, is frequently kept within a data processing system in a nonvolatile storage device which can be locked down “hard” (i.e., requiring a reset to unlock) prior to the operating system load, thereby effectively hiding the information during operation of the data processing system to prevent unauthorized access to this information. The information is therefore accessible only during startup of the data processing system (i.e., the “pre-boot” environment), and usually is only available to selected, trusted routines within the power on self test (POST) basic input/output system (BIOS). The information is not accessible at run time or at any time after the operating system begins loading, which protects the information from an unauthorized attack (e.g., a virus).
However, this treatment of the security information also prevents remote access by authorized users since there exists no completely secure method to identify the authorized user or to restrict access to the security information to only an authorized user. For complete remote manageability of a data processing system, remote access to the security data, including the ability to change the security data, is required. Currently, the only way to allow such remote access to the security data is to leave the data unprotected and allow configuration utilities to access the security information after booting of the operating system. The data processing system user is thus required to choose between a highly secure system with local maintenance or a remote maintenance strategy with less security.
It would be desirable, therefore, to permit remote access of critical information for the purpose of remote maintenance without compromising the security of such information, and to allow a remote entity to change the security data upon correct authentication.
It is therefore one object of the present invention to provide improved remote management of data processing systems.
It is another object of the present invention to provide remote management of data processing systems extending to “hard-locked” security information for a data processing system.
It is yet another object of the present invention to provide a mechanism permitting a remote entity to change “hard-locked” security data after correct authentication without compromising security.
The foregoing objects are achieved as is now described. Authentication of an entity remotely managing a data processing system is enabled to allow changes by the remote entity to hard-locked critical security information normally accessible only during the POST and only to trusted entities such as the system BIOS. The remote entity builds a change request and generates a hash from the change request with a current password appended. The change request and the hash are stored in a lockable non-volatile buffer which, once locked, requires a system reset to access. During the next POST, a trusted entity such as the system BIOS reads the change request, generates an authentication hash from the change request and the current password within the hard-locked security information, and compares the buffered hash with the generated hash. If a match is determined, the security information is updated; otherwise a tamper error is reported.
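The exchange summarized above can be modeled in a few lines, covering both the run-time (remote) side and the POST (trusted BIOS) side. This is an added illustration, not code from the patent; SHA-256, the `key=value` request format, all class and function names, and clearing the buffer once a request has been processed are assumptions.

```python
import hashlib
import hmac

def request_hash(change_request: bytes, password: bytes) -> bytes:
    # Construction from the text: hash of the change request with the current
    # password appended. SHA-256 is an assumption; the text names no algorithm.
    return hashlib.sha256(change_request + password).digest()

class LockableBuffer:
    """Model of the lockable non-volatile buffer: once locked, only a reset reopens it."""
    def __init__(self):
        self.locked = False
        self._slot = None

    def write(self, change_request: bytes, digest: bytes) -> None:
        if self.locked:
            raise PermissionError("buffer is locked until the next reset")
        self._slot = (change_request, digest)

    def read(self):
        if self.locked:
            raise PermissionError("buffer is locked until the next reset")
        return self._slot

    def clear(self) -> None:
        self._slot = None

    def reset(self) -> None:
        self.locked = False  # a system reset is the only way to unlock

def remote_submit(buf: LockableBuffer, change_request: bytes, password: bytes) -> None:
    """Run-time side: the remote entity stores request and hash, then locks the buffer."""
    buf.write(change_request, request_hash(change_request, password))
    buf.locked = True

def post_process(buf: LockableBuffer, security_info: dict) -> str:
    """POST side: verify against the hard-locked password, then apply the change."""
    pending = buf.read()
    if pending is None:
        return "no request"
    buf.clear()  # assumption, not in the text: consume the request so it is not re-run
    change_request, stored = pending
    expected = request_hash(change_request, security_info["password"])
    if not hmac.compare_digest(stored, expected):  # constant-time comparison
        return "tamper error"
    key, _, value = change_request.partition(b"=")  # constructed request format
    security_info[key.decode()] = value
    return "updated"
```

The password itself never enters the buffer; only the hash does, and the comparison happens while the hard-locked store is still readable during POST.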
The above as well as additional objectives, features, and advantages of the present invention will become apparent in the following detailed written description.