
Autonomic Method to unlock a hardfile password for remote maintenance

IP.com Disclosure Number: IPCOM000018725D
Original Publication Date: 2003-Aug-04
Included in the Prior Art Database: 2003-Aug-04
Document File: 1 page(s) / 41K

Publishing Venue

IBM

Abstract

Maintenance applications use WOL (Wake-on-LAN) as a means to gain remote access to a client machine. A maintenance application sends a WOL packet to a client machine, which powers on and goes through an alternate boot sequence. The system could boot across the network to a maintenance server to execute maintenance utilities, perform device driver updates, or execute commands such as remote backup and antivirus software. The WOL/remote boot technology was designed for desktop systems, which are stationary and whose network system remains constantly powered from auxiliary power supplies. Migrating this technology to portable laptop systems creates significant challenges. One of the major challenges is managing a hardfile with a password. If a hardfile is locked, it cannot be managed correctly, since the software has no access to the hardfile. This article addresses this problem.


To solve the problem, the hardfile password could be transmitted as part of the magic packet which wakes up the mobile client. The password could be sent in either an encrypted or an unencrypted state. Although sending an unencrypted password solves the problem, the password would be in the clear, which could compromise the system. Sending an encrypted password would be the most secure solution. The encrypted value could be decrypted using a key previously stored in the TPM. This would securely unlock the drive without ever compromising the password. This method works but is subject to a replay attack. A more secure approach is that, upon the first packet, the BIOS would generate a random number and respond to the caller. At this point, the system will power off. The server would take the random number, encrypt the random number with the password, and send the data to the client with another WOL packet. This would secure the transaction and unlock the hardfile.
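The difference between the two encrypted variants, as an added sketch that is not part of the original disclosure: a packet that is valid on every wake can be replayed, while one bound to the BIOS-generated random number is rejected in any later session. Assumptions: the HMAC-SHA256 encrypt-then-MAC construction stands in for the unspecified cipher, `key` stands in for the TPM-held key shared with the server, "encrypt the random number with the password" is read as binding the encrypted password to the nonce, and all names are hypothetical.

```python
import hashlib
import hmac
import secrets

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def seal(key, nonce, password):
    """Server: encrypt-then-MAC the password, bound to `nonce`."""
    if len(password) > 32:
        raise ValueError("sketch handles passwords up to 32 bytes")
    ct = bytes(p ^ s for p, s in zip(password, _prf(key, b"enc", nonce)))
    return ct + _prf(key, b"mac", nonce + ct)

def unseal(key, nonce, packet):
    """Client: return the password, or None if the packet is not valid for `nonce`."""
    if len(packet) < 32:
        return None
    ct, tag = packet[:-32], packet[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct)):
        return None
    return bytes(c ^ s for c, s in zip(ct, _prf(key, b"enc", nonce)))

class Client:
    """BIOS side; `key` stands in for the key stored in the TPM."""
    def __init__(self, key):
        self.key, self.pending = key, None

    def first_wake(self):
        # Assumption: the nonce survives the power-off in non-volatile storage.
        self.pending = secrets.token_bytes(16)
        return self.pending

    def second_wake(self, packet):
        nonce, self.pending = self.pending, None  # each nonce is single use
        return unseal(self.key, nonce, packet) if nonce else None

def demo():
    key, password = secrets.token_bytes(32), b"constructed-hdd-pw"
    static_packet = seal(key, b"", password)      # first scheme: no nonce
    client = Client(key)
    captured = seal(key, client.first_wake(), password)
    first = client.second_wake(captured)
    client.first_wake()                           # later session, new nonce
    return {
        "static_replay": all(unseal(key, b"", static_packet) == password for _ in range(2)),
        "fresh_unlock": first == password,
        "nonce_replay": client.second_wake(captured) is not None,
    }
```

`demo()` reports that the nonce-free packet unlocks on every presentation, while the packet captured in one challenge-response session is refused once the client has issued a new random number.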

Disclosed by International Business Machines Corporation
