Secure configuration of computing device

US 8,631,241 B2
Filed: 06/22/2012
Issued: 01/14/2014
Est. Priority Date: 07/26/2005
Status: Active Grant

First Claim

Patent Images

1. A method of securely configuring a computing device, the method comprising:

receiving a configuration indication into the computing device, the configuration indication including a configuration file and an encrypted digest of the configuration file, the encrypted digest being formed by producing a first digest of the configuration file and encrypting the first digest, the configuration file including a unique identifier associated with the computing device;

verifying, at the computing device, that the received configuration indication is authentic, the verifying including;

generating a second digest of the received configuration file;

decrypting the received encrypted digest to produce a decrypted digest; and

comparing the second digest with the decrypted digest;

operating or interoperating with the computing device in accordance with the received configuration file when the second digest and the decrypted digest match, and with another configuration file when there is no match,wherein the configuration indication is a collection of data indicating a configuration for at least a plurality of operations of the computing device,the collection of data includes a collection of key/value pairs, andthe collection of key/value pairs is defined by a markup language.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with a broad aspect, a method is provided to securely configure a computing device. A configuration indication is received into the computing device, including receiving a digital signature generated based on the configuration indication. Generation of the digital signature accounts for a unique identifier nominally associated with the computing device. The received configuration indication may be verified to be authentic including processing the unique identifier, the received configuration indication and the received digital signature. The computing device may be operated or interoperated with in accordance with the received configuration indication. In one example, a service interoperates with the computing device. For example, the computing device may be a portable media player, and the service may provide media to the computing device based on a capacity indication of the configuration indication.

38 Citations

18 Claims

1. A method of securely configuring a computing device, the method comprising:
- receiving a configuration indication into the computing device, the configuration indication including a configuration file and an encrypted digest of the configuration file, the encrypted digest being formed by producing a first digest of the configuration file and encrypting the first digest, the configuration file including a unique identifier associated with the computing device;
  
  verifying, at the computing device, that the received configuration indication is authentic, the verifying including;
  
  generating a second digest of the received configuration file;
  
  decrypting the received encrypted digest to produce a decrypted digest; and
  
  comparing the second digest with the decrypted digest;
  
  operating or interoperating with the computing device in accordance with the received configuration file when the second digest and the decrypted digest match, and with another configuration file when there is no match,wherein the configuration indication is a collection of data indicating a configuration for at least a plurality of operations of the computing device,the collection of data includes a collection of key/value pairs, andthe collection of key/value pairs is defined by a markup language.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the markup language is an extensible markup language.
  - 3. The method of claim 2, wherein the extensible markup language is XML.
  - 4. The method of claim 3, wherein the collection of data includes a binary encoding of XML.
  - 5. The method of claim 1, wherein the received encrypted digest is created in association with a provider of the configuration indication based on a private key of a public/private key pair;
    - and wherein the decrypting of the encrypted digest uses a public key of the public/private key pair.
  - 6. The method of claim 5, wherein the verifying comprises comparing the unique identifier provided in the configuration file to a unique identifier previously assigned to the computing device.

7. A non-transitory computer readable medium including at least computer program code stored therein for securely configuring a computing device, the non-transitory computer readable medium comprising:
- computer program code for receiving a configuration indication at the computing device, the configuration indication including a configuration file and an encrypted digest of the configuration file, the encrypted digest being formed by producing a first digest of the configuration file and encrypting the first digest, the configuration file including a unique identifier associated with the computing device;
  
  computer program code for verifying that the received configuration indication is authentic, the verifying including at least generating a second digest of the received configuration file, decrypting the received encrypted digest to produce a decrypted digest, and comparing the second digest with the decrypted digest;
  
  computer program code for causing the computing device to operate in accordance with the received configuration file when the second digest and the decrypted digest match, and with another configuration file when there is no match,wherein the configuration indication is a collection of data indicating a configuration for at least a plurality of operations of the computing device,The collection of data includes a collection of key/value pairs, andthe collection of key/value pairs is defined by a markup language.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The non-transitory computer readable medium of claim 7, wherein the markup language is an extensible markup language.
  - 9. The non-transitory computer readable medium of claim 8, wherein the extensible markup language is XML.
  - 10. The non-transitory computer readable medium of claim 9, wherein the collection of data includes a binary encoding of XML.
  - 11. The non-transitory computer readable medium of claim 7, wherein the received encrypted digest is created in association with a provider of the configuration indication based on a private key of a public/private key pair;
    - and wherein the decrypting of the encrypted digest uses a public key of the public/private key pair.
  - 12. The non-transitory computer readable medium of claim 11, wherein the verifying comprises comparing the unique identifier provided in the configuration file to a unique identifier previously assigned to the computing device.

13. A system comprising:
- a memory; and
  
  a processor configured to retrieve and execute instructions from the memory to;
  
  receive a configuration indication into the computing device, the configuration indication including a configuration file and an encrypted digest of the configuration file, the encrypted digest being formed by producing a first digest of the configuration file and encrypting the first digest, the configuration file including a unique identifier associated with the computing device;
  
  verify, at the computing device, that the received configuration indication is authentic including, wherein to verify, the processor is further configured to;
  
  generate a second digest of the received configuration file;
  
  decrypt the received encrypted digest to produce a decrypted digest; and
  
  compare the second digest with the decrypted digest;
  
  operate or interoperate with the computing device in accordance with the received configuration file when the second digest and the decrypted digest match, and with another configuration file when there is no match,wherein the configuration indication is a collection of data indicating a configuration for at least a plurality of operations of the computing device,the collection of data includes a collection of key/value pairs, andthe collection of key/value pairs is defined by a markup language.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The system of claim 13, wherein the markup language is an extensible markup language.
  - 15. The system of claim 14, wherein the extensible markup language is XML.
  - 16. The system of claim 15, wherein the collection of data includes a binary encoding of XML.
  - 17. The system of claim 13, wherein the received encrypted digest is created in association with a provider of the configuration indication based on a private key of a public/private key pair;
    - and wherein the decrypting of the encrypted digest uses a public key of the public/private key pair.
  - 18. The system of claim 17, wherein the verifying comprises comparing the unique identifier provided in the configuration file to a unique identifier previously assigned to the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Wysocki, Christopher R., Ward, Alan
Primary Examiner(s)
Rahman, Mahfuzur

Application Number

US13/531,357
Publication Number

US 20120297199A1
Time in Patent Office

571 Days
Field of Search

713/180
US Class Current

713/180
CPC Class Codes

G06Q 20/3678   e-cash details, e.g. blinde...

H04L 63/10   for controlling access to d...

H04L 63/123   received data contents, e.g...

Secure configuration of computing device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Secure configuration of computing device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links