As the value and use of information continue to increase, individuals and businesses seek additional ways to process and store information. One option is an information handling system (IHS). An IHS generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes. Because technology and information handling needs and requirements may vary between different applications, IHSs may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in IHSs allow for IHSs to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, global communications, etc. In addition, IHSs may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
If an intruder obtains physical access to an information handling system, it is possible for that intruder to monitor the system's code execution, memory state, bus traffic, debug ports, hard drives, ports, and so on, thereby accessing key values and other protected data. Conventional attempts to address this problem include implanting bugs into the information handling system that probe communication lines, such as internal serial buses. However, it is prohibitively expensive to secure all buses within such a system.
As the inventors hereof have recognized, some secure storage devices may be encrypted by a key that can be cleared upon intrusion, but this process is irrevocable and the data is effectively lost forever. Also, chassis intrusion detection mechanisms are often backed by a coin cell battery or the like. Failure of the battery can also invoke intrusion detection and irrevocably wipe the key storage.
To address these and other problems, the inventors hereof have developed systems and methods that provide recovery of the stored keys to avoid permanent data loss in response to intrusion, battery failure, other tampering events, or the like.