METHODS AND SYSTEMS FOR INFORMATION ASSURANCE AND SUPPLY CHAIN SECURITY

US 20130191879A1
Filed: 01/23/2012
Published: 07/25/2013
Est. Priority Date: 01/23/2012
Status: Abandoned Application

First Claim

Patent Images

1. An information handling system comprising:

a processor; and

a basic input/output system (BIOS) having stored thereon;

a database comprising information regarding one or more components of the information handling system, including one or more policies associated with the one or more components; and

a security agent embodied as one or more instructions on the BIOS and configured to, when read and executed by the processor;

interface with an authorized user of the security agent to allow the authorized user to access the information regarding the one or more components;

log events associated with the one or more components and store information associated with the events in the database; and

control execution of the one or more components in accordance with the one or more policies.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with additional embodiments of the present disclosure, a method may include storing information regarding one or more components of the information handling system to a database, the database stored on a basic input/output system (BIOS) of the information handling system prior to shipment of an information handling system. The method may also include, between the time of shipment of the information handling system to receipt of the information handling system by an intended customer of the information handling system: logging events associated with one or more components of the information handling system, and storing information associated with the events in the database. The method may further include interfacing with an authorized user of the information associated with the events to allow the authorized user to access the information associated with the events.

7 Citations

20 Claims

1. An information handling system comprising:
- a processor; and
  
  a basic input/output system (BIOS) having stored thereon;
  
  a database comprising information regarding one or more components of the information handling system, including one or more policies associated with the one or more components; and
  
  a security agent embodied as one or more instructions on the BIOS and configured to, when read and executed by the processor;
  
  interface with an authorized user of the security agent to allow the authorized user to access the information regarding the one or more components;
  
  log events associated with the one or more components and store information associated with the events in the database; and
  
  control execution of the one or more components in accordance with the one or more policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. An information handling system according to claim 1, wherein allowing the authorized user to access the information comprises accepting one or modifications to the one or more policies from the authorized user.
  - 3. An information handling system according to claim 1, the security agent configured to store information associated with the events by encrypting the information associated with the events.
  - 4. An information handling system according to claim 3, the information associated with the events encrypted with a private key corresponding to a public key accessible to the authorized user.
  - 5. An information handling system according to claim 1, further comprising a service processor communicatively coupled to the processor, and the security agent further configured to interface with the authorized user via the service processor.
  - 6. An information handling system according to claim 1, the security agent configured to log events associated with the one or more components and store information associated with the events in the database between the time the information handling system is delivered from the vendor and the time the information handling system is received by the customer.
  - 7. An information handling system according to claim 1, wherein the BIOS comprises a Unified Extensible Firmware Interface.

8. A method comprising:
- prior to shipment of an information handling system, storing information regarding one or more components of the information handling system to a database, the database stored on a basic input/output system (BIOS) of the information handling system;
  
  between the time of shipment of the information handling system to receipt of the information handling system by an intended customer of the information handling system;
  
  logging events associated with one or more components of the information handling system; and
  
  storing information associated with the events in the database; and
  
  interfacing with an authorized user of the information associated with the events to allow the authorized user to access the information associated with the events.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. A method according to claim 8, the information regarding the one or more components including one or more policies associated with the one or more components and the method further comprising interfacing with the authorized user to modify the one or more policies.
  - 10. A method according to claim 9, further comprising logging events associated with the one or more events in accordance with the one or more policies.
  - 11. A method according to claim 9, further comprising controlling execution of the one or more components in accordance with the one or more policies.
  - 12. A method according to claim 8, wherein storing information associated with the events in the database comprises encrypting the information associated with the events.
  - 13. A method according to claim 12, the information associated with the events encrypted with a private key corresponding to a public key accessible to the authorized user.
  - 14. A method according to claim 8, wherein the BIOS comprises a Unified Extensible Firmware Interface.

15. An article of manufacture, comprising:
- a computer readable medium; and
  
  computer-executable instructions carried on the computer readable medium, the instructions readable by a processor, the instructions, when read and executed, for causing the processor to;
  
  prior to shipment of an information handling system, store information regarding one or more components of the information handling system to a database, the database stored on a basic input/output system (BIOS) of the information handling system;
  
  between the time of shipment of the information handling system to receipt of the information handling system by an intended customer of the information handling system;
  
  log events associated with one or more components of the information handling system; and
  
  store information associated with the events in the database; and
  
  interface with an authorized user of the information associated with the events to allow the authorized user to access the information associated with the events.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. An article of manufacture according to claim 15, the information regarding the one or more components including one or more policies associated with the one or more components and the instructions further for causing the processor to comprising interface with the authorized user to modify the one or more policies.
  - 17. An article of manufacture according to claim 16, the instructions further for causing the processor to log events associated with the one or more events in accordance with the one or more policies.
  - 18. An article of manufacture according to claim 16, the instructions further for causing the processor to control execution of the one or more components in accordance with the one or more policies.
  - 19. An article of manufacture according to claim 15, wherein storing information associated with the events in the database comprises encrypting the information associated with the events with a private key corresponding to a public key accessible to the authorized user.
  - 20. An article of manufacture according to claim 15, wherein the BIOS comprises a Unified Extensible Firmware Interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Dell Products LP (Dell Technologies Inc.)
Inventors
Jaber, Muhammed, Khatri, Mukund Purshottam, Holmberg, Richard

Application Number

US13/355,788
Publication Number

US 20130191879A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/57   Certifying or maintaining t...

G06F 2221/2101   Auditing as a secondary aspect

METHODS AND SYSTEMS FOR INFORMATION ASSURANCE AND SUPPLY CHAIN SECURITY

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

7 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND SYSTEMS FOR INFORMATION ASSURANCE AND SUPPLY CHAIN SECURITY

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links