DEVICE COMPONENT ROLL BACK PROTECTION SCHEME
Abstract
Various embodiments of the present disclosure describe techniques for enforcing a subcomponent related security policy for closed computing systems. A closed computing system can include a list of subcomponents that identify the subcomponents it was manufactured with. The list can be used to determine if any currently attached subcomponents are different than the original ones. If a new subcomponent is detected, the device can perform a predetermined action in accordance with a security policy.
20 Claims
1. A computer readable storage medium including computer readable instructions for enforcing a policy, the computer readable instructions comprising:
- instructions for determining whether a subcomponent currently attached to a device is listed in a subcomponent list, wherein the subcomponent list includes identification information for a subcomponent attached to the device during a manufacturing process; and
- instructions for performing an action in accordance with a security policy in response to the determination.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A closed computing device comprising:
- at least one subcomponent operatively coupled to a main board of the device; and
- a protected memory location integrated with the main board that includes a subcomponent list and an encrypted hash of information in the subcomponent list, wherein the information in the subcomponent list includes identification information for a subcomponent attached to the main board during a manufacturing process.
(Dependent claims: 12, 13, 14, 15, 16)
17. A method for enabling the enforcement of a hardware based policy, the method comprising:
- receiving, from a device, information related to a plurality of subcomponents in the device;
- generating a hash of the information related to the plurality of subcomponents in the device and a device identifier associated with the device;
- encrypting the hash using a private encryption key; and
- transmitting, to the device, the encrypted hash.
(Dependent claims: 18, 19, 20)
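The provisioning step of claim 17 and the device-side check of claims 1 and 11, sketched in Python as an added example that is not taken from the patent. Assumptions: the device checks the encrypted hash with the matching public key, the key is a constructed toy RSA key used without padding to mirror "encrypting the hash using a private encryption key", and all function names, identifier strings and returned action strings are hypothetical.

```python
import hashlib

# Constructed toy RSA key (two Mersenne primes, no padding): illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the signing service

def digest(device_id, sub_ids):
    """Hash the device identifier together with the subcomponent list."""
    h = hashlib.sha256()
    for field in [device_id, *sorted(sub_ids)]:
        raw = field.encode()
        h.update(len(raw).to_bytes(4, "big") + raw)  # length prefix avoids ambiguity
    return int.from_bytes(h.digest(), "big")

def provision(device_id, sub_ids):
    """Manufacturer side (claim 17): encrypt the hash with the private key."""
    return pow(digest(device_id, sub_ids), D, N)

def enforce(device_id, stored_list, encrypted_hash, attached):
    """Device side (claims 1 and 11): authenticate the list, then compare."""
    if pow(encrypted_hash, E, N) != digest(device_id, stored_list):
        return "list-invalid"  # stored list or device identifier was altered
    unknown = sorted(set(attached) - set(stored_list))
    if unknown:
        return "policy-action: " + ",".join(unknown)  # hypothetical action label
    return "ok"

# Constructed sample data: one device and its factory-fitted subcomponents.
DEVICE = "CONSOLE-0001"
FACTORY = ["hdd:SN1234", "odd:SN9876", "wifi:SN5555"]
BLOB = provision(DEVICE, FACTORY)

if __name__ == "__main__":
    swapped = ["hdd:SN1234", "odd:SN0000", "wifi:SN5555"]
    print(enforce(DEVICE, FACTORY, BLOB, FACTORY))                # original parts
    print(enforce(DEVICE, FACTORY, BLOB, swapped))                # replaced drive
    print(enforce(DEVICE, FACTORY + ["odd:SN0000"], BLOB, swapped))  # edited list
    print(enforce("CONSOLE-0002", FACTORY, BLOB, FACTORY))        # blob moved to another device
```

Hashing the device identifier together with the list is what makes the fourth call fail: a list and encrypted hash copied from one device do not authenticate on another.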
Specification