232 Z.Du,X.Li,and K.Shen Since the fingerprint data is stored inside the flash chip,it might be easily accessed and copied if someone knows where to look for it.To further enhance the security,we adopted biometric-TPM multi-factor authentication.We use TPM to complement the fingerprint reader by encrypt the data and store the associated key in TPM. 3.2 Sensitive Data Protection One of the key issues of computer security is to protect data such that it can not be accessed by an unauthorized person.There are many ways to accomplish this task at OS level.But at the level of firmware we do not have the computation power to do data encryption without affecting the computer performance.One might use compli- cated virtualization technology or proprietary hard disk firmware to achieve this goal, but these solutions will either increase cost or deteriorate performance.Here,we pro- posed an easy way to protect data on a personal disk at the firmware level.The method is easy to implement,transparent to the user and very secure. In fact the ATA specification has been implemented security hard disk command to protect the contents on a hard disk.This feature is not commonly used because the data will be lost if one forget the password.If the password can be securely repro- duced we have no reason not to use this security feature. In our implementation we have used a public memorable user ID to generate a 32 byte password for the hard disk security password.Since the password is dynamically generated in a proprietary way before the computer is fully powered on,it ensured that only authorized person can access the data.With this implementation it is also possible that different people will have different access right based on how the pass- words are set in different hard disks. We have implemented a setup item to ask user's permission to use the password feature and input a user ID.The whole process of setting the password is done auto- matically and no one knows what exactly the password is.When the computer is turned on the next time,the UEFI firmware will retrieve the password and send an unlock command to hard disk.The whole process is automatically completed as part of the POST and the user is even not aware that the password is used. To associate the hard disk with the particular PC,we used the TPM chip as a com- plementary tool.In this case we used platform identity keys and made the hard disk password generation process dependent on the platform.With this added protection the password can not be recovered once the hard disk is separated from the platform. In another words,the hard disk is not only associated with the user ID but also bound with the platform where the TPM chip is mounted. 3.3 UEFI Intrusion Reporting During the system power on process,our secure firmware will check the Integrity of loaded software modules,verify user ID and passwords.In most of the cases a secure firmware will block the execution of an un-trusted software module or deny the ac- cess for an unauthorized person.This kind of passive action still leaves the intruder repeated chance to break into the system.One may also use event log feature in the computer.But this will only help to track the cause and is not help to prevent it from happening.232 Z. Du, X. Li, and K. Shen Since the fingerprint data is stored inside the flash chip, it might be easily accessed and copied if someone knows where to look for it. To further enhance the security, we adopted biometric-TPM multi-factor authentication. We use TPM to complement the fingerprint reader by encrypt the data and store the associated key in TPM. 3.2 Sensitive Data Protection One of the key issues of computer security is to protect data such that it can not be accessed by an unauthorized person. There are many ways to accomplish this task at OS level. But at the level of firmware we do not have the computation power to do data encryption without affecting the computer performance. One might use compli￾cated virtualization technology or proprietary hard disk firmware to achieve this goal, but these solutions will either increase cost or deteriorate performance. Here, we pro￾posed an easy way to protect data on a personal disk at the firmware level. The method is easy to implement, transparent to the user and very secure. In fact the ATA specification has been implemented security hard disk command to protect the contents on a hard disk. This feature is not commonly used because the data will be lost if one forget the password. If the password can be securely repro￾duced we have no reason not to use this security feature. In our implementation we have used a public memorable user ID to generate a 32 byte password for the hard disk security password. Since the password is dynamically generated in a proprietary way before the computer is fully powered on, it ensured that only authorized person can access the data. With this implementation it is also possible that different people will have different access right based on how the pass￾words are set in different hard disks. We have implemented a setup item to ask user’s permission to use the password feature and input a user ID. The whole process of setting the password is done auto￾matically and no one knows what exactly the password is. When the computer is turned on the next time, the UEFI firmware will retrieve the password and send an unlock command to hard disk. The whole process is automatically completed as part of the POST and the user is even not aware that the password is used. To associate the hard disk with the particular PC, we used the TPM chip as a com￾plementary tool. In this case we used platform identity keys and made the hard disk password generation process dependent on the platform. With this added protection the password can not be recovered once the hard disk is separated from the platform. In another words, the hard disk is not only associated with the user ID but also bound with the platform where the TPM chip is mounted. 3.3 UEFI Intrusion Reporting During the system power on process, our secure firmware will check the Integrity of loaded software modules, verify user ID and passwords. In most of the cases a secure firmware will block the execution of an un-trusted software module or deny the ac￾cess for an unauthorized person. This kind of passive action still leaves the intruder repeated chance to break into the system. One may also use event log feature in the computer. But this will only help to track the cause and is not help to prevent it from happening