Trusted updates
Abstract
In an example, a system and method are described for providing trusted updaters and trusted processes. An updater may be subject to a whitelist of files that it, and any child processes, are allowed to modify. But trust inheritance may break across reboots and over interprocess communication. Thus, it is desirable to provide a system and method to maintain trust across such events. In the case of a trusted installer, inheritance may be maintained by cross referencing a digital certificate to a workflow grid. In the case of updater processes, trust may be maintained by using a combination of digital certificates that are part of a trust chain and a unique identifier for each trust chain workflow.
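The mechanism the abstract describes, as an added example that is not code from the patent or its assignee: a toy model in which trust derived from process ancestry is lost at a reboot, while a persisted identification token still ties the child to the installer's whitelist. The class, table and object names, the path-prefix whitelist, and SQLite standing in for the persistent store are all assumptions.

```python
import secrets
import sqlite3

class ManagementClient:
    """Toy model: installer trust is persisted as a token, not derived from ancestry."""
    def __init__(self, db):
        self.db = db         # persistent store (assumed to survive the reboot)
        self.parent_of = {}  # volatile process ancestry, lost on reboot
        db.execute("CREATE TABLE IF NOT EXISTS grants (token TEXT, prefix TEXT)")
        db.execute("CREATE TABLE IF NOT EXISTS objects (id TEXT PRIMARY KEY, token TEXT)")

    def designate_trusted_installer(self, obj_id, allowed_prefixes):
        token = secrets.token_hex(16)
        self.db.executemany("INSERT INTO grants VALUES (?, ?)", [(token, p) for p in allowed_prefixes])
        self.db.execute("INSERT OR REPLACE INTO objects VALUES (?, ?)", (obj_id, token))
        return token

    def _token(self, obj_id):
        row = self.db.execute("SELECT token FROM objects WHERE id = ?", (obj_id,)).fetchone()
        return row[0] if row else None

    def spawn(self, parent_id, child_id):
        self.parent_of[child_id] = parent_id
        token = self._token(parent_id)
        if token is not None:  # only children of a token holder inherit it
            self.db.execute("INSERT OR REPLACE INTO objects VALUES (?, ?)", (child_id, token))

    def reboot(self):
        self.parent_of.clear()  # the event that breaks the parent/child chain

    def trusted_by_ancestry(self, obj_id, installer_id):
        while obj_id is not None and obj_id != installer_id:
            obj_id = self.parent_of.get(obj_id)
        return obj_id == installer_id

    def may_modify(self, obj_id, path):  # assumes path is already canonical
        rows = self.db.execute("SELECT prefix FROM grants WHERE token = ?", (self._token(obj_id),))
        return any(path.startswith(prefix) for (prefix,) in rows)

def demo():  # constructed object names and paths
    c = ManagementClient(sqlite3.connect(":memory:"))
    c.designate_trusted_installer("setup.exe", ["/opt/agent/"])
    c.spawn("setup.exe", "stage2.exe")
    c.spawn("other.exe", "other_child.exe")  # unrelated tree, never gets a token
    before = c.trusted_by_ancestry("stage2.exe", "setup.exe")
    c.reboot()
    after = c.trusted_by_ancestry("stage2.exe", "setup.exe")
    return (before, after, c.may_modify("stage2.exe", "/opt/agent/bin/a"),
            c.may_modify("stage2.exe", "/etc/hosts"), c.may_modify("other_child.exe", "/opt/agent/bin/a"))
```

`demo()` returns the ancestry check before and after the reboot, followed by three whitelist checks made after it.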
25 Claims
1. A computing apparatus operable for use as an enterprise client device, comprising:
- a database storage medium; and
- one or more logic elements configured as a system management client engine operable for:
  - designating a first executable object as a trusted installer;
  - assigning an identification token to the trusted installer;
  - assigning the identification token to a second executable object, wherein the second executable object is a child of the first executable object; and
  - granting the second executable object trusted installer status configured to persist across an event that breaks a trust chain between the first executable object and the second executable object.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. One or more non-transitory computer-readable mediums having stored thereon executable instructions for providing a system management client engine operable for:
- designating a first executable object as a trusted installer;
- assigning an identification token to the trusted installer;
- assigning the identification token to a second executable object, wherein the second executable object is a child of the first executable object; and
- granting the second executable object trusted installer status configured to persist across an event that breaks a trust chain between the first executable object and the second executable object.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21
22. A method of providing a system management client engine, comprising:
- designating a first executable object as a trusted installer;
- assigning an identification token to the trusted installer;
- assigning the identification token to a second executable object, wherein the second executable object is a child of the first executable object; and
- granting the second executable object trusted installer status configured to persist across an event that breaks a trust chain between the first executable object and the second executable object.
Dependent claims: 23, 24, 25
Specification