Secured firmware updates
First Claim
1. A computer implemented method for securing information of hardware devices, the method comprising:
- under the control of one or more computer systems configured with executable instructions,storing a public key on at least one hardware peripheral device of a host machine, the hardware peripheral device associated with firmware that is secured from being modified by a user provisioned on the host machine;
receiving a request to update the firmware, the request received from a device that is external with respect to the host machine, the request containing at least some modified firmware that has been encrypted using a private key;
attempting to decrypt the modified firmware by using the public key stored on the at least one hardware peripheral device of the host machine;
applying the modified firmware to the at least one hardware peripheral device of the host machine if the modified firmware is successfully decrypted using the public key stored on the at least one hardware peripheral device; and
rejecting the request to update the firmware if the modified firmware is not successfully decrypted using the public key.
1 Assignment
0 Petitions
Accused Products
Abstract
When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.
-
Citations
17 Claims
-
1. A computer implemented method for securing information of hardware devices, the method comprising:
-
under the control of one or more computer systems configured with executable instructions, storing a public key on at least one hardware peripheral device of a host machine, the hardware peripheral device associated with firmware that is secured from being modified by a user provisioned on the host machine; receiving a request to update the firmware, the request received from a device that is external with respect to the host machine, the request containing at least some modified firmware that has been encrypted using a private key; attempting to decrypt the modified firmware by using the public key stored on the at least one hardware peripheral device of the host machine; applying the modified firmware to the at least one hardware peripheral device of the host machine if the modified firmware is successfully decrypted using the public key stored on the at least one hardware peripheral device; and rejecting the request to update the firmware if the modified firmware is not successfully decrypted using the public key. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computing device, comprising:
-
at least one processor; and memory including instructions that, when executed by the processor, cause the computing device to; obtain a private key and store the private key in a secured location, the private key capable of encrypting information, the private key being associated with one or more public keys capable of decrypting the information encrypted using the private key; encrypt firmware for at least one hardware peripheral device of a host machine, the encrypting performed at the secured location using the private key; and transmit the encrypted firmware from the secured location to the host machine, the host machine being remotely located with respect to the secured location, the hardware peripheral device of the host machine configured to attempt to use the one or more public keys to decrypt the encrypted firmware, wherein the hardware peripheral device of the host machine is configured to reject an attempt to update the firmware if the attempt to use the one or more public keys to decrypt the firmware is unsuccessful, and the hardware peripheral device of the host machine is configured to apply the firmware if the attempt to use the one or more public keys to decrypt the firmware is successful. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A non-transitory computer readable storage medium storing one or more sequences of instructions executable by one or more processors to perform a set of operations comprising:
-
obtaining a private key and storing the private key in a secured location, the private key capable of encrypting information, the private key being associated with one or more public keys capable of decrypting the information encrypted using the private key; encrypting firmware for at least one hardware peripheral device of a host machine, the encrypting performed at the secured location using the private key; and transmitting the encrypted firmware from the secured location to the host machine, the host machine being remotely located with respect to the secured location, the hardware peripheral device of the host machine configured to attempt to use the one or more public keys to decrypt the encrypted firmware, wherein the hardware peripheral device of the host machine is configured to reject an attempt to update the firmware if the attempt to use the one or more public keys to decrypt the firmware is unsuccessful, and the hardware peripheral device of the host machine is configured to apply the firmware if the attempt to use the one or more public keys to decrypt the firmware is successful. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification