The present disclosure relates generally to information handling systems, and more particularly to a Basic Input/Output System (BIOS) secure data management system for information handling systems.
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option is an information handling system (IHS). An IHS generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes. Because technology and information handling needs and requirements may vary between different applications, IHSs may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in IHSs allow for IHSs to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, IHSs may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
IHSs include a Basic Input/Output System (BIOS) that is used to boot the IHS by initializing the IHS, testing the IHS components, loading an operating system on the IHS, and performing a variety of other BIOS functionality known in the art. It is desirable to keep some data provided to and/or utilized by the BIOS persistent across IHS boots. For example, it would be convenient for the BIOS to store passwords, keys, and/or other sensitive and/or private data known in the art such that the user does not have to continually provide such data upon each IHS boot. Conventionally, data that is desired to be kept persistent across IHS boots is stored in a non-volatile random access memory (NVRAM), hard disk drive, solid state drive, and/or other storage system that is accessible throughout the runtime of the IHS. As such, only data that is not intended to be secured against basic malicious attacks (e.g., a hash of a password or other obfuscated security data) may be kept persistent across IHS boots, as conventional BIOS has no mechanism to store data such that it is both persistent across IHS boots and also secure against third parties retrieving the stored data.
Accordingly, it would be desirable to provide a Basic Input/Output System (BIOS) secure data management system.