US 12,223,053 B2
Detection and remediation of unauthorized boot of storage media
Charles C. Ruffino, Menifee, CA (US); Stephen Hardwick, Austin, TX (US); and Mark Chen, Newark, CA (US)
Assigned to SOFTIRON LIMITED, London (GB)
Filed by SOFTIRON LIMITED, Chilworth (GB)
Filed on May 23, 2022, as Appl. No. 17/750,528.
Claims priority of provisional application 63/196,881, filed on Jun. 4, 2021.
Prior Publication US 2022/0391513 A1, Dec. 8, 2022
Int. Cl. G06F 21/57 (2013.01); H04L 9/08 (2006.01)
CPC G06F 21/575 (2013.01) [H04L 9/0894 (2013.01); G06F 2221/2143 (2013.01)]
28 Claims
 
1. An apparatus, comprising:
a cryptographic key for decrypting content to be read from a storage media;
a control circuit configured to, upon a boot of a server:
dynamically generate a new boot authentication code using a prescribed method;
determine a reconstituted boot authentication code, the reconstituted boot authentication code reconstituted from an initial boot authentication code that was previously generated using the prescribed method;
compare the new and reconstituted boot authentication codes;
based on a determination that the new and reconstituted boot authentication codes do not match, take a corrective action;
generate the initial boot authentication code using the prescribed method;
generate a plurality of secrets derived from the initial boot authentication code;
store one or more of the plurality of secrets locally in encrypted form or remotely from the apparatus; and
delete the initial boot authentication code and any of the plurality of secrets that are unencrypted and local to the apparatus.
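The flow recited in claim 1, sketched as an added example that is not taken from the patent or from any SoftIron code. The claim names neither the "prescribed method" nor how the secrets are derived, so the SHA-256 measurement over platform attributes, the n-of-n XOR split, the reconstitution from those shares, and every name and sample value below are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from functools import reduce

# Constructed sample platform attributes (not real identifiers).
ENROLLED = {"server_serial": "SRV-0001", "board_id": "BRD-00A1", "drive_serial": "DRV-0001"}
MOVED = dict(ENROLLED, server_serial="SRV-9999")  # same drive booted in another server

def boot_auth_code(platform):
    """Assumed 'prescribed method': SHA-256 over sorted, length-prefixed attributes."""
    h = hashlib.sha256()
    for key in sorted(platform):
        for part in (key, platform[key]):
            data = part.encode()
            h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split(code, n):
    """Assumed derivation: n-of-n XOR shares; any n-1 shares reveal nothing."""
    if n < 2:
        raise ValueError("need at least two shares")
    shares = [secrets.token_bytes(len(code)) for _ in range(n - 1)]
    shares.append(reduce(_xor, shares, code))  # last share = code XOR all random shares
    return shares

def reconstitute(shares):
    return reduce(_xor, shares)

def enroll(platform, n=3):
    """Generate the initial code, derive the secrets, and keep no copy of the code."""
    code = boot_auth_code(platform)
    shares = split(code, n)
    del code  # only the shares leave this function, to be stored encrypted or remotely
    return shares

def verify_boot(platform, shares):
    """Compare the freshly generated code with the reconstituted one."""
    new_code = boot_auth_code(platform)
    old_code = reconstitute(shares)
    # False is the point where the claim's corrective action would be taken.
    return hmac.compare_digest(new_code, old_code)

if __name__ == "__main__":
    stored = enroll(ENROLLED)
    print("same platform:", verify_boot(ENROLLED, stored))
    print("moved media:  ", verify_boot(MOVED, stored))
```

Because the split is n-of-n, a boot that cannot reach one of the remote shares fails the comparison in the same way as a boot on different hardware.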