SYSTEMS AND METHODS FOR MULTI-LAYERED AUTHENTICATION/VERIFICATION OF TRUSTED PLATFORM UPDATES
First Claim
1. A system incorporating multilayered authentication of trusted platform updates, comprising:
- a processor;
at least one firmware component coupled to the processor; and
a personality module coupled to the processor, wherein the personality module is operable to store first cryptographic data, wherein the first cryptographic data corresponds to a previously verified firmware component;
wherein the processor is operable to;
retrieve the first cryptographic data,determine second cryptographic data, wherein the second cryptographic data corresponds to an unverified firmware component,determine if the first cryptographic data matches the second cryptographic data, andallow an update of the at least one firmware component with the unverified firmware component if;
the first cryptographic data matches the second cryptographic data, andthe unverified firmware component includes a digital signature of a manufacturer.
14 Assignments
0 Petitions
Accused Products
Abstract
In accordance with the present disclosure, a system and method for multilayered authentication of trusted platform updates is described. The method may include storing first cryptographic data in a personality module of an information handling system, with the first cryptographic data corresponding to a verified firmware component. A second cryptographic data may also be determined, with the second cryptographic data corresponding to an unverified firmware component. The unverified firmware component may be stored in a memory element of the information handling system, and the second cryptographic data may be determined using a processor of the information handling system. The method may further include determining if the first cryptographic data matches the second cryptographic data and updating firmware in the information handling system with the unverified firmware component if the first cryptographic data matches the second cryptographic data, and the unverified firmware component includes a digital signature of a manufacturer.
32 Citations
20 Claims
-
1. A system incorporating multilayered authentication of trusted platform updates, comprising:
-
a processor; at least one firmware component coupled to the processor; and a personality module coupled to the processor, wherein the personality module is operable to store first cryptographic data, wherein the first cryptographic data corresponds to a previously verified firmware component; wherein the processor is operable to; retrieve the first cryptographic data, determine second cryptographic data, wherein the second cryptographic data corresponds to an unverified firmware component, determine if the first cryptographic data matches the second cryptographic data, and allow an update of the at least one firmware component with the unverified firmware component if; the first cryptographic data matches the second cryptographic data, and the unverified firmware component includes a digital signature of a manufacturer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for multilayered authentication of trusted platform updates, comprising:
-
storing first cryptographic data in a personality module of an information handling system, wherein the first cryptographic data corresponds to a previously verified firmware component; determining second cryptographic data, wherein the second cryptographic data corresponds to an unverified firmware component, wherein the unverified firmware component is stored in a memory element of the information handling system, and wherein the second cryptographic data is determined using a processor of the information handling system; determining if the first cryptographic data matches the second cryptographic data; and updating firmware in the information handling system with the unverified firmware component if; the first cryptographic data matches the second cryptographic data, and the unverified firmware component includes a digital signature of a manufacturer. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for multilayered authentication of trusted platform updates, comprising:
-
determining first cryptographic data, wherein the first cryptographic data comprises a digital signature value corresponding to a verified firmware component; storing the first cryptographic data and an update policy in a personality module of an information handling system; determining second cryptographic data using a processor in the information handling system, wherein the second cryptographic data comprises a hash value corresponding to an unverified firmware component, wherein the unverified firmware component comprises a firmware version; determining if the first cryptographic data matches the second cryptographic data, wherein determining if the first cryptographic data matches the second cryptographic data comprises the steps of; decrypting the digital signal value using a public key to obtain a hash value corresponding to the verified firmware component, and comparing the hash value corresponding to the verified firmware component to the hash value corresponding to the unverified firmware component; and updating firmware in the information handling system with the unverified firmware component if; the first cryptographic data matches the second cryptographic data, the unverified firmware component includes a digital signature of a manufacturer, and the update policy allows an update to the firmware version of the unverified firmware component. - View Dependent Claims (19, 20)
-
Specification