International Business Machines Corporation
Securing operating system configuration using hardware

Abstract:

A method, system, and computer program product includes receiving, in a booted state of a computing system, a request to load an operating system configuration. The method further includes storing, automatically in response to receiving the request, a digital key to authenticate the operating system configuration. The method further includes restarting the computing system. In response to restarting the computing system and while the computing system is in a pre-boot state, the method includes: validating that the digital key stored is one for a valid operating system configuration; receiving, from a user interface physically coupled to the computing system, a signal confirming the received request; authenticating, in response to receiving the signal, the operating system configuration using the digital key; and booting, in response to the authenticating, the operating system configuration.