Dynamic platform reconfiguration by multi-tenant service providers
First Claim
Patent Images
1. A method comprising:
- receiving a request at a manageability engine in a platform from a service provider'"'"'s remote server to activate a feature of the platform coupled to said manageability engine;
in response to said request, requesting in a secure fashion, proof of the service provider'"'"'s authority to modify the platform including a certificate from a permit server that this service provider is authorized by a manufacturer of the manageability engine to use the platform feature;
checking the certificate to prevent another service provider from using the platform feature;
sending a request for verification of the service provider'"'"'s authority to use the feature of the platform coupled to a processor;
verifying that the service provider is authorized by a manufacturer of the processor to use the feature;
activating the feature only for use by the service provider; and
requesting, said proof using a cryptographic scheme enabling remote authentication of hardware devices, while preserving a privacy of a device owner, and using an embedded private key within said manageability engine to indicate that the service provider is certified by the manufacturer of the manageability engine.
1 Assignment
0 Petitions
Accused Products
Abstract
A manageability engine or adjunct processor on a computer platform may receive a request for activation and use of features embedded within that platform from a service provider authorized by the manageability engine'"'"'s manufacturer. The manageability engine may initiate a request for authority through the service provider to a permit server. The permit server may provide, through the service provider, proof of the service provider'"'"'s authority, together with a certificate identifying the service provider. Then the manageability engine may enable activation of the features on the platform coupled to the manageability engine, but only by the one particular service provider who has been authorized.
-
Citations
26 Claims
-
1. A method comprising:
-
receiving a request at a manageability engine in a platform from a service provider'"'"'s remote server to activate a feature of the platform coupled to said manageability engine; in response to said request, requesting in a secure fashion, proof of the service provider'"'"'s authority to modify the platform including a certificate from a permit server that this service provider is authorized by a manufacturer of the manageability engine to use the platform feature; checking the certificate to prevent another service provider from using the platform feature; sending a request for verification of the service provider'"'"'s authority to use the feature of the platform coupled to a processor; verifying that the service provider is authorized by a manufacturer of the processor to use the feature; activating the feature only for use by the service provider; and requesting, said proof using a cryptographic scheme enabling remote authentication of hardware devices, while preserving a privacy of a device owner, and using an embedded private key within said manageability engine to indicate that the service provider is certified by the manufacturer of the manageability engine. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. One or more non-transitory computer readable medium storing instructions to enable a processor to perform a sequence comprising:
-
receiving a request at a manageability engine in a platform from a service provider'"'"'s remote server to activate a feature of the platform coupled to said manageability engine; in response to said request, requesting in a secure fashion, proof of the service provider'"'"'s authority to modify the platform including a certificate from a permit server that this service provider is authorized by a manufacturer of the manageability engine to use the platform feature; checking the certificate to prevent another service provider from using the platform feature; sending a request for verification of the service provider'"'"'s authority to use the feature of the platform coupled to a processor; verifying that the service provider is authorized by a manufacturer of the processor to use the feature; activating the feature only for use by the service provider; and requesting said proof using a cryptographic scheme enabling remote authentication of hardware devices, while preserving a privacy of a device owner, and using an embedded private key within said manageability engine to indicate that the service provider is certified by the manufacturer of the manageability engine. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An apparatus comprising:
-
a hardware processor to receive a request at a manageability engine in a platform from a service provider'"'"'s remote server to activate a feature of the platform coupled to said manageability engine; in response to said request, request in a secure fashion, proof of the service provider'"'"'s authority to modify the platform including a certificate from a permit server that this service provider is authorized by a manufacturer of the manageability engine to use the platform feature; check the certificate to prevent another service provider from using the platform feature; send a request for verification of the service provider'"'"'s authority to use the feature of the platform coupled to a processor; verify that the service provider is authorized by a manufacturer of the processor to use the feature; activate the feature only for use by the service provider; and request said proof using a cryptographic scheme enabling remote authentication of hardware devices, while preserving a privacy of a device owner, and use an embedded private key within said manageability engine to indicate that the service provider is certified by the manufacturer of the manageability engine; and a memory coupled to said hardware processor. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
-
Specification