-
Publication No.: US20240296235A1
Publication Date: 2024-09-05
Application No.: US18177901
Filing Date: 2023-03-03
Applicant: Dell Products, L.P.
Inventors: Rama Rao Bisa, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Chandrashekar Nelogal, Mukund P. Khatri, A Anis Ahmed, Marshal F. Savage, Jason Matthew Young
CPC Classification: G06F21/602, G06F21/33
Abstract: According to embodiments of the present disclosure, an Information Handling System (IHS) including multiple Security Protocol and Data Model (SPDM)-enabled devices is configured to perform collective attestation. The collective attestation is provided by computer-executable instructions that, when executed by a processor of the IHS, receive an attestation request from a requesting device and a device identity certificate from each of the devices. Using the device identity certificates, the instructions perform a cryptographic hash over the received device identity certificates, and send the cryptographic hash to the requesting device in response to the request.
-
Publication No.: US20240296234A1
Publication Date: 2024-09-05
Application No.: US18177156
Filing Date: 2023-03-02
Applicant: Dell Products, L.P.
Inventors: Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan
CPC Classification: G06F21/602, G06F21/33, G06F21/85
Abstract: According to embodiments of the present disclosure, a dynamic key distribution system is provided. The dynamic key distribution includes computer-executable instructions to encrypt, using a first Security Protocol and Data Model (SPDM)-enabled device conforming to a SPDM specification, an original Pre-Shared Key (PSK) with a SPDM identity certificate of the first SPDM-enabled device, wherein the original PSK is associated with a second SPDM-enabled device. The instructions are also configured to provision the encrypted PSK in the second SPDM-enabled device, and authenticate the second SPDM-enabled device by decrypting the encrypted PSK to obtain the original PSK using an SPDM protocol.
-
Publication No.: US12073204B2
Publication Date: 2024-08-27
Application No.: US17934949
Filing Date: 2022-09-23
Applicant: Dell Products, L.P.
Inventors: Mahesh Babu Ramaiah, Rama Rao Bisa
CPC Classification: G06F8/65, G06F8/63, G06F11/076
Abstract: Embodiments of systems and methods to provide a firmware update to devices configured in a redundant configuration in an Information Handling System (IHS) are disclosed. In an illustrative, non-limiting embodiment, an IHS may include first and second Remote Access Controllers (RACs) that each includes computer-executable instructions to receive, by the first RAC, a firmware update image associated with the device in which the firmware update image conforms to a PLDM specification. The first RAC may then issue a command to the firmware device indicating that the firmware device is to request a firmware update from the first RAC in which the command includes information about the second RAC. The information indicates the ability of the second RAC to complete a transfer of the firmware update image when the first RAC partially completes the transfer of the firmware update image.
-
Publication No.: US20240281538A1
Publication Date: 2024-08-22
Application No.: US18171924
Filing Date: 2023-02-21
Applicant: Dell Products, L.P.
Inventors: Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa, Dharma Bhushan Ramaiah
IPC Classification: G06F21/57
CPC Classification: G06F21/577, G06F21/575, G06F2221/033
Abstract: According to embodiments of the present disclosure, an Information Handling System (IHS) includes a plurality of Security Protocol and Data Model (SPDM)-enabled devices conforming to a SPDM specification, and instructions stored in a memory and executable by a processor to communicate with the SPDM-enabled devices to derive a trust score for each of the SPDM-enabled devices, and perform one or more optimization actions to optimize an overall security state of the IHS.
-
Publication No.: US11977877B2
Publication Date: 2024-05-07
Application No.: US17935158
Filing Date: 2022-09-26
Applicant: Dell Products, L.P.
Inventors: Deepaganesh Paulraj, Kala Sampathkumar, Rama Rao Bisa, Darshan Hebbar, Manjunath Am, Elie Antoun Jreij, Naveen Karthick Chandrasekaran, Pavan Kumar Gavvala, Manjunath Vishwanath, Sivakami Velusamy
CPC Classification: G06F8/65
Abstract: In various embodiments, a remote access controller supporting remote management of an Information Handling System (IHS). The remote access controller receives a first firmware image comprising first firmware for a first hardware component of the IHS. A personality of the first firmware is determined and at least a portion of the first firmware is stored to a first region of a persistent storage of the first hardware component, where the first region is designated as storing firmware for adapting the first hardware component to the first personality. In response to a detected reconfiguration of the IHS, the remote access controller generates a notification of the first firmware that is stored by the first hardware component and that is usable to adapt operation of the first hardware component to the first personality.
-
Publication No.: US20240104214A1
Publication Date: 2024-03-28
Application No.: US17934228
Filing Date: 2022-09-22
Applicant: Dell Products, L.P.
Inventors: Deepaganesh Paulraj, Rama Rao Bisa, Kala Sampathkumar, Mini Thottunkal Thankappan, Hiren Kishorbhai Pitroda
CPC Classification: G06F21/572, G06F8/65
Abstract: Systems and methods update firmware during authentication of a hardware component of an IHS (Information Handling System), where firmware updates are managed by a remote access controller that provides remote management of the IHS. The remote access controller calculates a measurement based on firmware loaded for use by a hardware component of the IHS. Based on the measurement, an integrity of the firmware loaded for use by the hardware component is validated against a reference signature. When the integrity of the firmware is not validated, the hardware component is quarantined. When the integrity of the firmware is successfully validated, the remote access controller determines whether a firmware update is required for the firmware loaded by the hardware component. When a firmware update is required, an integrity of the updated firmware is validated, the updated firmware is loaded by the hardware component and further initialization of the hardware component is allowed.
-
Publication No.: US20240103849A1
Publication Date: 2024-03-28
Application No.: US17935589
Filing Date: 2022-09-27
Applicant: Dell Products, L.P.
Inventors: Manjunath Vishwanath, Rama Rao Bisa, Pavan Kumar Gavvala, Manjunath AM, Shantanu Kumar Pradhan, Chandrasekhar R
IPC Classification: G06F8/656
CPC Classification: G06F8/656
Abstract: Embodiments of systems and methods to provide a firmware update to devices configured in a redundant configuration in an Information Handling System (IHS) are disclosed. In an illustrative, non-limiting embodiment, an IHS may include computer-executable instructions to receive a firmware update image associated with the firmware device, determine that the firmware update image possesses a critical sub-image portion, and schedule a firmware update to be performed in the future on the firmware device using the one firmware update image. The firmware update image conforms to a Platform Level Data Model (PLDM) protocol that is configured to perform rebootless firmware updates.
-
Publication No.: US20240103825A1
Publication Date: 2024-03-28
Application No.: US17934653
Filing Date: 2022-09-23
Applicant: Dell Products, L.P.
Inventors: Vineeth Radhakrishnan, Dharma Bhushan Ramaiah, Mini Thottunkal Thankappan, Rama Rao Bisa, Shinose Abdul Rahiman
IPC Classification: G06F8/65
CPC Classification: G06F8/65
Abstract: Embodiments of the present disclosure provide a firmware update to multiple, similar hardware devices in an Information Handling System (IHS). In an illustrative, non-limiting embodiment, an IHS may include computer-executable instructions to receive a request to perform a firmware update to a plurality of devices, update a first of the plurality of devices with the requested firmware update, and calculate a health score for the first device as a result of the first device being updated. Based upon the health score, the system and method may determine whether to update the other devices based at least in part on the determined health score, and update the other devices based on the determination.
-
Publication No.: US20230071552A1
Publication Date: 2023-03-09
Application No.: US17985484
Filing Date: 2022-11-11
Applicant: DELL PRODUCTS L.P.
Inventors: Viswanath Ponnuru, Rama Rao Bisa, Chandrashekar Nelogal, Chandrasekhar Mugunda, Lee Eric Ballard
Abstract: A system for data processing, comprising a management controller operating on a processor and configured to load and execute one or more algorithms that provide the function of transmitting a request to a managed device using a Security Protocol and Data Model (SPDM) protocol and to receive a response from the managed device. A system management bus and security policy system operating on the processor is configured to execute one or more algorithms to process the response from the managed device to apply an SPDM security policy to the response.
-
Publication No.: US11095445B2
Publication Date: 2021-08-17
Application No.: US16262302
Filing Date: 2019-01-30
Applicant: Dell Products L.P.
Inventors: Chitrak Gupta, Rama Rao Bisa, Sushma Basavarajaiah, Kala Sampathkumar, Shekar Babu Suryanarayana, Mukund P. Khatri, Ajay Shenoy
Abstract: A system includes a management system and a managed system that is coupled to the management system through a network. The managed system comprises a managed device, a key identifier storage, a first managed device locking system coupled to the managed device and the key identifier storage, and a second managed device locking system coupled to the managed device, the key identifier storage, and the first managed device locking system. The first managed device locking system is configured to store a key identifier of the managed device in the key identifier storage and to provide access to a locking key of the managed device based upon the key identifier of the managed device, stored in a management system. The second managed device locking system is configured to monitor the managed device for an event that triggers unlocking the managed device, and monitor operating status of the first managed device locking system. In some embodiments, where the first managed device locking system is unavailable, the second managed device locking system is configured to provide access to the locking key of the managed device based upon the key identifier of the managed device, stored in the management system.