Digitally sealing equipment for authentication of components
First Claim
1. A method of authenticating rack components, comprising:
- reading device identifiers for hardware components within a rack;
- generating a digital seal representing a configuration of the rack using the device identifiers, wherein the digital seal includes a unique identifier that is a combination of the device identifiers;
- storing the digital seal in non-volatile storage within the rack during shipment of the rack;
- after shipment of the rack, re-reading the device identifiers and generating a current measurement; and
- authenticating the components within the rack by verifying that the digital seal matches the current measurement.
Abstract
A digital seal of a current configuration of a rack can be generated to authenticate that rack components within the rack remain unchanged during transport. At a manufacturing site, an agent can be executed so as to capture a plurality of device identifiers, which indicate what hardware or software components are present in the rack. A digital seal representing a current configuration of the rack can be generated using the device identifiers and stored at a secure location within the rack. When the rack is transported from one location to another, the digital seal of the rack travels with the rack. At a data center, the rack can be re-tested and a new measurement can be captured. The stored digital seal can be compared to the new measurement to ensure that the rack components have not been compromised during shipping.
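The seal-and-verify flow described in the abstract, as an added example that is not taken from the patent. It assumes SHA-256 over a sorted, length-prefixed concatenation as the "combination" of identifiers; the slot names, identifier strings and function names are constructed for illustration, and protected storage of the seal is out of scope.

```python
import hashlib
import hmac

# Constructed sample inventory (slot -> identifier); not from the patent.
AT_FACTORY = {
    "server1/motherboard": "MB-0001-EXAMPLE",
    "server1/nic0": "NIC-00:11:22:33:44:55",
    "server1/drive0": "DRV-SN-A1B2C3",
    "switch0": "SW-SN-778899",
}

def measure(device_ids):
    """Combine device identifiers into one digest (assumed form of the unique identifier)."""
    h = hashlib.sha256()
    # Sort by slot so the order in which devices are read does not matter.
    for slot, ident in sorted(device_ids.items()):
        for field in (slot, ident):
            data = field.encode("utf-8")
            # Length-prefix every field so "AB"+"C" and "A"+"BC" cannot collide,
            # which plain concatenation would allow.
            h.update(len(data).to_bytes(4, "big"))
            h.update(data)
    return h.hexdigest()

def seal_rack(device_ids):
    """Manufacturing site: build the seal that travels with the rack."""
    return {"version": 1, "components": len(device_ids), "unique_id": measure(device_ids)}

def verify_rack(seal, device_ids_now):
    """Data center: re-read identifiers and compare the new measurement to the seal."""
    return hmac.compare_digest(seal["unique_id"], measure(device_ids_now))

def demo():
    seal = seal_rack(AT_FACTORY)
    reordered = dict(reversed(list(AT_FACTORY.items())))          # same parts, new read order
    swapped = {**AT_FACTORY, "server1/drive0": "DRV-SN-ZZZZZZ"}   # one drive replaced
    added = {**AT_FACTORY, "server1/nic1": "NIC-UNKNOWN"}         # extra device inserted
    return (verify_rack(seal, reordered),
            verify_rack(seal, swapped),
            verify_rack(seal, added))

if __name__ == "__main__":
    print(demo())
```

Because the digest is unkeyed, the check is only as strong as the write protection on the storage that holds the seal.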
18 Claims
1. A method of authenticating rack components, comprising:
- reading device identifiers for hardware components within a rack;
- generating a digital seal representing a configuration of the rack using the device identifiers, wherein the digital seal includes a unique identifier that is a combination of the device identifiers;
- storing the digital seal in non-volatile storage within the rack during shipment of the rack;
- after shipment of the rack, re-reading the device identifiers and generating a current measurement; and
- authenticating the components within the rack by verifying that the digital seal matches the current measurement.
Dependent claims: 2, 3, 4
5. A method, comprising:
- interrogating rack hardware components within a rack to obtain identifiers associated therewith;
- generating, using a processor coupled to or in the rack, a digital seal of a current configuration of the rack using the obtained identifiers;
- storing the digital seal using the processor within a Trusted Platform Module (TPM), the processor and the TPM being separate components within the rack; and
- validating the rack by generating a digital measurement using the identifiers and comparing the digital measurement to the digital seal.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13
14. A system, comprising:
- a rack of components including a server computer, the server computers including a motherboard having a processor; and
- an agent for execution on the rack of components to determine hardware components included in the rack of components after shipment of the rack of components, the agent for generating a first unique identifier for the determined components and for storing the unique identifier within the rack of components, wherein the first unique identifier is a concatenation of identifiers of the hardware components, and is configured to re-determine the hardware components included in the rack of components to generate a second unique identifier and to authenticate the rack of components by determining whether the second unique identifier and the first unique identifier match.
Dependent claims: 15, 16, 17, 18
Specification