Security Profiling of System Firmware and Applications from an OOB Appliance at a Differentiated Trust Boundary
First Claim
1. A computer-implementable method for performing a security vulnerability detection operation, comprising:
- configuring a firmware security profiling environment with a trusted host and a trusted service processor;
receiving a firmware update file via the trusted service processor;
using the trusted service processor to identify a security vulnerability within the firmware update file; and
,installing the firmware update file to the information handling system only when no security vulnerability is identified by the trusted service processor, the installing being performed by the trusted host.
5 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and computer-readable medium for a security vulnerability detection operation. The security vulnerability operation includes configuring a firmware security profiling environment with a trusted host and a trusted service processor; receiving a firmware update file via the trusted service processor; using the trusted service processor to identify a security vulnerability within the firmware update file; and, installing the firmware update file to the information handling system only when no security vulnerability is identified by the trusted service processor, the installing being performed by the trusted host.
10 Citations
20 Claims
-
1. A computer-implementable method for performing a security vulnerability detection operation, comprising:
-
configuring a firmware security profiling environment with a trusted host and a trusted service processor; receiving a firmware update file via the trusted service processor; using the trusted service processor to identify a security vulnerability within the firmware update file; and
,installing the firmware update file to the information handling system only when no security vulnerability is identified by the trusted service processor, the installing being performed by the trusted host. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
-
a processor; a data bus coupled to the processor; and a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for; configuring a firmware security profiling environment with a trusted host and a trusted service processor; receiving a firmware update file via the trusted service processor; using the trusted service processor to identify a security vulnerability within the firmware update file; and
,installing the firmware update file to the information handling system only when no security vulnerability is identified by the trusted service processor, the installing being performed by the trusted host. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
-
configuring a firmware security profiling environment with a trusted host and a trusted service processor; receiving a firmware update file via the trusted service processor; using the trusted service processor to identify a security vulnerability within the firmware update file; and
,installing the firmware update file to the information handling system only when no security vulnerability is identified by the trusted service processor, the installing being performed by the trusted host. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification