System and Method for Secure Provisioning of an Information Handling System

US 20100100733A1
Filed: 10/17/2008
Published: 04/22/2010
Est. Priority Date: 10/17/2008
Status: Active Grant

First Claim

Patent Images

1. An information handling system comprising:

a processor;

a memory communicatively coupled to the processor; and

an access controller communicatively coupled to the processor, the access controller having stored thereon an enterprise public key associated with an enterprise private key and a platform private key associated with the information handling system, the access controller configured to;

authenticate communications received from a provisioning server communicatively coupled to the access controller based at least on an enterprise public certificate associated with the provisioning server; and

establish an asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on a platform public key associated with the platform private key, the platform private key, the enterprise public key, and the enterprise private key.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for reducing problems and disadvantages associated with provisioning of information handling systems, including without limitation those associated with bare metal provisioning of information handling systems, are disclosed. A system may include a processor, and a memory and an access controller each communicatively coupled to the processor. The access controller may store an enterprise public key associated with an enterprise private key and a platform private key associated with the system. The access controller may be configured to: (i) authenticate communications received from a provisioning server communicatively coupled to the access controller based at least on an enterprise public certificate associated with the provisioning server and (ii) establish an asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on a platform public key associated with the platform private key, the platform private key, the enterprise public key, and the enterprise private key.

Citations

20 Claims

1. An information handling system comprising:
- a processor;
  
  a memory communicatively coupled to the processor; and
  
  an access controller communicatively coupled to the processor, the access controller having stored thereon an enterprise public key associated with an enterprise private key and a platform private key associated with the information handling system, the access controller configured to;
  
  authenticate communications received from a provisioning server communicatively coupled to the access controller based at least on an enterprise public certificate associated with the provisioning server; and
  
  establish an asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on a platform public key associated with the platform private key, the platform private key, the enterprise public key, and the enterprise private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. An information handling system according to claim 1, the access controller further configured to encrypt communications to the provisioning server using the enterprise public key.
  - 3. An information handling system according to claim 1, the access controller further configured to decrypt communications from the provisioning server using the platform private key.
  - 4. An information handling system according to claim 1, the access controller further configured to provision the information handling system via communications received via the asymmetrically cryptographic communications channel.
  - 5. An information handling system according to claim 1, the access controller further configured to establish a second asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on enterprise-provided credentials other than the enterprise public key and the enterprise private key.
  - 6. An information handling system according to claim 5, the access controller further configured to provision the information handling system via communications received via the second asymmetrically cryptographic communications channel.
  - 7. An information handling system according to claim 1, wherein the enterprise public key is communicated to the supplier by an enterprise.

8. A method for secure provisioning of an information handling system, comprising:
- storing an enterprise public key associated with an enterprise private key and a platform private key on an access controller associated with an information handling system;
  
  communicating a platform public key associated with the platform private key to an enterprise; and
  
  storing a program of instructions on the access controller, the program of instructions configured to, when executed;
  
  authenticate communications received from a provisioning server communicatively coupled to the access controller based at least on an enterprise public certificate associated with the provisioning server; and
  
  establish an asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on the platform public key, the platform private key, the enterprise public key, and the enterprise private key.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. A method according to claim 8, the program of instructions further configured to encrypt communications to the provisioning server using the enterprise public key.
  - 10. A method according to claim 8, the program of instructions further configured to decrypt communications from the provisioning server using the platform private key.
  - 11. A method according to claim 8, the program of instructions further configured to provision the information handling system via communications received via the asymmetrically cryptographic communications channel.
  - 12. A method according to claim 8, the program of instructions further configured to establish a second asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on enterprise-provided credentials other than the enterprise public key and the enterprise private key.
  - 13. A method according to claim 12, the program of instructions further configured to provision the information handling system via communications received via the second asymmetrically cryptographic communications channel.
  - 14. A method according to claim 8, further comprising receiving the enterprise public key from the enterprise.

15. A method for secure provisioning of an information handling system, comprising:
- providing a supplier of an information handling system with an enterprise public key associated with an enterprise private key;
  
  receiving from the supplier a platform public key associated with a platform private key;
  
  storing the enterprise public key and the platform public key on computer-readable media associated with a provisioning server; and
  
  storing a program of instructions on the computer-readable media associated with the provisioning server, the program of instructions configured to, when executed;
  
  authenticate communications received from an access controller associated with the information handling system and communicatively coupled to the provisioning server based at least on a platform public certificate associated with the information handling system; and
  
  establish an asymmetrically cryptographic communications channel between the provisioning server and the access controller based at least on the platform public key, the platform private key, the enterprise public key, and the enterprise private key.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. A method according to claim 15, the program of instructions further configured to encrypt communications to the information handling system using the enterprise public key.
  - 17. A method according to claim 15, the program of instructions further configured to decrypt communications from the information handling system using the platform private key.
  - 18. A method according to claim 15, the program of instructions further configured to provision the information handling system via communications received via the asymmetrically cryptographic communications channel.
  - 19. A method according to claim 15, the program of instructions further configured to:
    - generate credentials other than the enterprise public key and the enterprise private key; and
      
      establish a second asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on the enterprise-provided credentials.
  - 20. A method according to claim 19, the program of instructions further configured to provision the information handling system via communications received via the second asymmetrically cryptographic communications channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Dell Products LP (Dell Technologies Inc.)
Inventors
Wilson, John, Webb, Theodore III, Jaber, Muhammed, Shetty, Sudhir

Granted Patent

US 8,589,682 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3215   using a plurality of channe...

H04L 9/3263   involving certificates, e.g...

System and Method for Secure Provisioning of an Information Handling System

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Secure Provisioning of an Information Handling System

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links