Secure factory data generation and restoration
First Claim
1. An electronic device comprising:
- one or more sensor modules, each sensor module associated with an identifier unique to each sensor module;
a secure storage device to store a factory data service trust object; and
a processor to send a request with the factory data service trust object to a server coupled to storage containing updated factory data associated with the unique identifier for one or more sensor modules and to store updated factory data from the server in the secure storage device if the factory data service trust object is validated based on the request and a signature of a sealing manifest related to the updated factory data is verified using the factory data service trust object.
0 Assignments
0 Petitions
Accused Products
Abstract
In various embodiments, methods, devices and systems for securely generating, sealing, and restoring factory-generated calibration and provisioning data for an electronic device are described, in which calibration and provisioning data for an electronic device are generated in a distributed manner and stored on a storage system. The calibration data can be retrieved from the storage system during device assembly and finalized calibration and provisioning data for each electronic device can be stored to the storage system. In one embodiment, a sealing server, to attest to the authenticity of the factory generated data, seals the finalized calibration data. In one embodiment, an electronic device can access a data store containing the factory-generated data and can update or restore calibration or provisioning data for the device from the data store.
-
Citations
31 Claims
-
1. An electronic device comprising:
-
one or more sensor modules, each sensor module associated with an identifier unique to each sensor module; a secure storage device to store a factory data service trust object; and a processor to send a request with the factory data service trust object to a server coupled to storage containing updated factory data associated with the unique identifier for one or more sensor modules and to store updated factory data from the server in the secure storage device if the factory data service trust object is validated based on the request and a signature of a sealing manifest related to the updated factory data is verified using the factory data service trust object. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for an electronic device comprising:
-
sending a request to a server coupled to storage containing updated factory data associated with a the unique identifier to one or more sensor modules of the electronic device, wherein the request includes a factory data service trust object; and storing the updated factory data from the server related to one or more sensor modules if the server validates the factory data service trust object based on the request and a signature of a sealing manifest related to the updated factory data is verified using the factory data service trust object. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A computing device comprising:
-
means for sending a request to a server coupled to storage containing updated factory data associated with a unique identifier to one or more sensor modules of the electronic device, wherein the request includes a factory data service trust object; and means for storing the updated factory data related to one or more sensor modules if the server validates the fact data service trust object based on the request and a signature of a sealing manifest related to the updated factory data is verified using the factory data service trust object. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. A non-transitory machine readable medium, including instructions, which if executed by a computing device, causes the computing device to perform a method comprising:
-
sending a request to a server coupled to storage contained updated factory data associated with a unique identifier to one or more sensor modules of the computing, wherein the request includes a factory data service trust object; and storing the updated factory data from the server related to one or more sensor modules if the server validates the fact data service trust object based on the request and a signature of a sealing manifest related to the updated factory data is verified using the factory data service trust object. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
-
Specification