-
1.
Publication No.: US20240313983A1
Publication date: 2024-09-19
Application No.: US18184412
Filing date: 2023-03-15
Applicant: Dell Products, L.P.
Inventors: Viswanath Ponnuru, Chandrashekar Nelogal, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Rama Rao Bisa, Shinose Abdul Rahiman
IPC classification: H04L9/32
CPC classification: H04L9/3265, H04L9/3268
Abstract: Systems and methods provide for SPDM-enabled devices that conform to an SPDM specification. An SPDM-enabled device receives a request to provision a certificate chain on the device and sends an event notification message to a baseboard management controller. The event notification message indicates receipt of a request to provision a certificate chain in a slot on the SPDM-enabled device. The baseboard management controller evaluates the certificate chain against the device manufacturer's certificate profile policy. If the certificate chain is valid, then a validation successful message is sent to the SPDM-enabled device, which in turn sends a certificate provision response to a requesting device. If the certificate chain is not valid, then a validation failure message is sent to the SPDM-enabled device, which causes the SPDM-enabled device to enter a quarantine state.
-
2.
Publication No.: US20240297902A1
Publication date: 2024-09-05
Application No.: US18177153
Filing date: 2023-03-02
Applicant: Dell Products, L.P.
Inventors: Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa, Dharma Bhushan Ramaiah
IPC classification: H04L9/40
CPC classification: H04L63/20, H04L63/0428
Abstract: According to embodiments of the present disclosure, an Information Handling System (IHS), systems and methods for dynamic policy assignment of secure communication using Security Protocol and Data Model (SPDM) are disclosed. An Information Handling System (IHS) includes a first SPDM-enabled device conforming to a SPDM specification, receives a request to transmit data to a second SPDM-enabled device, obtain one or more policies associated with a corresponding one or more transmission criteria of the first SPDM-enabled device relative to the second SPDM-enabled device, and determine whether the data is to be encrypted based upon whether a transmission of the data meets the transmission criteria. Based upon the determination, encrypt the data prior to transmitting the data to the second SPDM-enabled device.
-
Publication No.: US20240281299A1
Publication date: 2024-08-22
Application No.: US18172994
Filing date: 2023-02-22
Applicant: Dell Products, L.P.
Inventors: Dharma Bhushan Ramaiah, Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa
IPC classification: G06F9/50
CPC classification: G06F9/5083
Abstract: In one embodiment, an Information Handling System (IHS) includes multiple Security Protocol and Data Model (SPDM)-enabled devices in communication with multiple Baseboard Management Controllers (BMCs). Each of the BMCs includes executable code to negotiate with the other BMCs, management of a subset of the SPDM-enabled devices based on a hardware capability or a software capability of the SPDM-enabled device relative to the hardware capability or the software capability of the BMC, and manage the subset of devices by the BMC.
-
4.
Publication No.: US20240311482A1
Publication date: 2024-09-19
Application No.: US18183687
Filing date: 2023-03-14
Applicant: Dell Products, L.P.
CPC classification: G06F21/57, G06F21/44, G06F2221/034
Abstract: Systems and methods provide one or more host processor modules configured to host SPDM-enabled hardware devices, and a secure control module configured to host two or more baseboard management controllers. Each of the baseboard management controllers is configured to discover the SPDM-enabled hardware devices using SPDM messages, negotiate with at least one other baseboard management controller for access to individual ones of the SPDM-enabled hardware devices, and manage selected ones of the SPDM-enabled hardware devices.
-
Publication No.: US20240303317A1
Publication date: 2024-09-12
Application No.: US18180963
Filing date: 2023-03-09
Applicant: Dell Products, L.P.
IPC classification: G06F21/44
CPC classification: G06F21/44
Abstract: According to embodiments of the present disclosure, systems and methods for SPDM device and BMC pairing are provided. According to one embodiment, an Information Handling System (IHS) includes a Security Protocol and Data Model (SPDM)-enabled device conforming to a SPDM specification, and a Baseboard Management Controller (BMC) configured with computer executable instructions to provision a SPDM identity certificate of the BMC in the SPDM-enabled device, verify that the BMC has been paired with the SPDM-enabled device using the SPDM identity certificate, and when the authentication of the SPDM-enabled device fails, inhibit operation of the SPDM-enabled device in the IHS.
-
6.
Publication No.: US20240296256A1
Publication date: 2024-09-05
Application No.: US18177145
Filing date: 2023-03-02
Applicant: Dell Products, L.P.
Inventors: Dharma Bhushan Ramaiah, Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa
Abstract: According to embodiments of the present disclosure, trust scores and related recommendations may be generated for an Information Handling System (IHS) with multiple Security Protocol and Data Model (SPDM)-enabled devices. The trust scores and recommendations may be provided by computer-executable instructions that, when executed by a processor, receive a plurality of trust-based data elements from a plurality of Security Protocol and Data Model (SPDM)-enabled devices conforming to a SPDM specification, and derive an overall trust based score for the IHS based upon the received trust-based data elements. The SPDM-enabled devices are configured in a computing device. The trust-based data elements are associated with a plurality of SPDM-based measurements performed on the SPDM-enabled devices.
-
Publication No.: US20240296214A1
Publication date: 2024-09-05
Application No.: US18177226
Filing date: 2023-03-02
Applicant: Dell Products, L.P.
Inventors: Rama Rao Bisa, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Shinose Abdul Rahiman
IPC classification: G06F21/33, G06F12/0875
CPC classification: G06F21/33, G06F12/0875, G06F2212/1052, G06F2212/45
Abstract: According to embodiments of the present disclosure, a certificate caching system and method is provided using Security Protocol and Data Model (SPDM)-enabled Baseboard Management Controller (BMC). The system time verification system and method include program instructions that may be executed on an Information Handling System (IHS) to obtain a certificate from a SPDM-enabled device configured in a target computing device, identify a cache associated with the target computing device, determine whether the certificate is a hardware bound certificate, and store the certificate in the cache based upon the determination.
-
Publication No.: US20240305460A1
Publication date: 2024-09-12
Application No.: US18181686
Filing date: 2023-03-10
Applicant: Dell Products, L.P.
Inventors: Viswanath Ponnuru, Chandrashekar Nelogal, Vineeth Radhakrishnan, Dharma Bhushan Ramaiah, Mini Thottunkal Thankappan, Rama Rao Bisa, Shinose Abdul Rahiman
CPC classification: H04L9/32, G06F9/44536
Abstract: According to embodiments of the present disclosure, systems and methods to advertise Security Protocol and Data Model (SPDM) command timing requirements are provided. According to one embodiment, an Information Handling System (IHS) includes a requester and a responder conforming to a SPDM specification in which the responder is configured with computer-executable logic to, in response to a request from a requester, generate an estimated amount of time to process a SPDM command, and send the estimated amount of time to the requester in response to the request. The requester may then wait the estimated amount of time between sending each of multiple ensuing commands to the responder.
-
Publication No.: US20240297871A1
Publication date: 2024-09-05
Application No.: US18177249
Filing date: 2023-03-02
Applicant: Dell Products, L.P.
Inventors: Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan
IPC classification: H04L9/40
CPC classification: H04L63/0428, H04L63/102, H04L63/166
Abstract: According to embodiments of the present disclosure, a firmware cloning system and method is provided using Security Protocol and Data Model (SPDM)-enabled devices. The firmware cloning system and method include program instructions that may be executed on a processing system to mutually authenticate with a source IHS to generate shared security keys, and send a request to the source IHS to generate a server profile comprising information associated with a configuration of the source IHS. A source IHS is configured to generate the server profile in response to the request, encrypt the server profile using one of the security keys, and send the encrypted server profile to the target IHS. The target IHS then is configured to receive the encrypted server profile, decrypt the encrypted server profile using a source of the shared security keys, and configure the target IHS according to the decrypted server profile.
-
Publication No.: US20240281515A1
Publication date: 2024-08-22
Application No.: US18171893
Filing date: 2023-02-21
Applicant: Dell Products, L.P.
Inventors: Mini Thottunkal Thankappan, Shinose Abdul Rahiman, Rama Rao Bisa, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan
CPC classification: G06F21/44, G06F21/575, G06F21/64
Abstract: According to embodiments of the present disclosure, an Information Handling System (IHS) includes a Security Protocol and Data Model (SPDM)-enabled device, and executable instructions that may be executed to obtain a SPDM-based measurement of a license associated with the SPDM-enabled device, compare the measurement against a Reference Integrity Measurement (RIM) initially generated for the SPDM-enabled device, and when the measurement and the RIM do not match, generate an alert message indicating that the license is invalid.