Agent presence monitor configured to execute in a secure environment
Abstract
Embodiments of a method and system for detecting and confirming an agent presence are disclosed herein. The agent presence can be confirmed by a secure management engine configured to execute in a secure execution environment. In various embodiments, a secure execution environment includes a service processor, a virtual partition, and an embedded microcontroller. The management engine is configured to monitor a signal communicated from the agent. Based on the monitored signal, an analysis determines an operational state of the agent. Embodiments include remote management applicability for monitoring a host agent.
25 Claims
1. A method for confirming an agent presence, the method comprising:
executing a presence verifier from a secure execution environment, wherein the secure execution environment comprises at least one of a service processor, a virtual partition, an embedded microcontroller, and a system management mode;
using the presence verifier to monitor a signal communicated from the agent, wherein the agent is outside the secure execution environment; and
analyzing the signal to determine an operational state of the agent.
11. A computer-readable medium having stored thereon instructions, which when executed in a system confirm an agent presence, wherein the confirmation comprises:
executing a management engine from a secure execution setting, wherein the secure execution setting comprises at least one of a service processor, a virtual partition, an embedded microcontroller, and a system management mode;
using the management engine to monitor a signal communicated from the agent, wherein the agent is outside the secure execution setting; and
analyzing the signal to determine a condition of the agent.
12. The medium of claim 11, wherein the confirmation further comprises registering the host agent with the management engine.
13. The medium of claim 11, wherein the confirmation further comprises communicating the signal from the agent to the management engine through a network interface controller.
14. The medium of claim 11, wherein the confirmation further comprises communicating the signal from the agent to the management engine through a hardware driver interfacing at least one register associated with the secure execution setting.
15. The medium of claim 11, wherein the confirmation further comprises configuring the agent to issue an encrypted signal to the management engine.
17. The medium of claim 11, wherein the confirmation further comprises registering the agent by using a one-way cryptographic hash associated with an identification property of the agent.
19. A system configured to validate an agent presence, the system comprising:
a secure operating environment that comprises at least one of a service processor, a virtual partition, an embedded microcontroller, and a system management partition; and
a management engine configured to execute from the secure operating environment, the management engine further configured to, monitor a signal issued from an agent associated with a host, wherein the agent is outside the secure operating environment; and
determine an operational condition of the agent based on an analysis of the monitored signal.
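The following sketch is an added illustration, not code from the patent: it models the flow of the abstract and claim 17, where a verifier registers an agent by a one-way hash of an identification property, monitors its signals, and analyzes them to determine an operational state. The periodic heartbeat with a sequence counter, the SHA-256 choice, the timeout, the state names and every identifier are assumptions; the claims only speak of a "signal".

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

# Assumed policy: the agent counts as absent if no valid signal arrives in this window.
TIMEOUT_S = 5.0

def identity_hash(identification_property: bytes) -> str:
    """One-way hash of an agent identification property (SHA-256 is an assumption)."""
    return hashlib.sha256(identification_property).hexdigest()

@dataclass
class AgentRecord:
    last_seen: Optional[float] = None   # verifier-side clock at last accepted signal
    last_seq: int = -1                  # highest sequence counter accepted so far

class PresenceVerifier:
    """Models the verifier inside the secure environment; the agent runs outside it."""

    def __init__(self):
        self._agents = {}

    def register(self, identification_property: bytes) -> str:
        agent_id = identity_hash(identification_property)
        self._agents[agent_id] = AgentRecord()
        return agent_id

    def on_signal(self, agent_id: str, seq: int, now: float) -> bool:
        """Monitor one signal; reject unregistered senders and stale counters."""
        rec = self._agents.get(agent_id)
        if rec is None or seq <= rec.last_seq:
            return False
        rec.last_seen, rec.last_seq = now, seq
        return True

    def state(self, agent_id: str, now: float) -> str:
        """Analyze what was monitored to decide the agent's operational state."""
        rec = self._agents.get(agent_id)
        if rec is None:
            return "unregistered"
        if rec.last_seen is None:
            return "never-seen"
        return "present" if now - rec.last_seen <= TIMEOUT_S else "absent"

# Constructed sample run: timestamps come from the verifier's clock, never the agent's.
def demo():
    v = PresenceVerifier()
    aid = v.register(b"constructed-agent-image-v1")
    v.on_signal(aid, seq=1, now=100.0)
    repeat_ok = v.on_signal(aid, seq=1, now=101.0)   # repeated counter is ignored
    return v.state(aid, 103.0), v.state(aid, 106.0), repeat_ok
```

Because a repeated counter does not refresh `last_seen`, a stalled agent whose last signal is re-sent still ages out to "absent".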
Specification