Auditing and permission provisioning mechanisms in a distributed secure asset-management infrastructure
Abstract
The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed data (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance or sequential issuance of target device parameters. One implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.
20 Claims
1. A method comprising:
receiving, by an Appliance device of a cryptographic manager (CM) system, a Module over a network from a Service device of the CM system, the Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device;
receiving, by the Appliance device, a ticket over the network from the Service device, wherein the ticket is digital data that grants permission to the Appliance device to execute the Module;
verifying, by the Appliance device, the ticket; and
executing, by the Appliance device, the Module when the ticket is verified, wherein executing the Module results in a secure construction of a sequence of operations to securely provision the data asset to the target device, wherein the Appliance device comprises a hardware security module (HSM);
maintaining, by the HSM, a list of current tickets for each of ticket names known to the Appliance device;
maintaining, by the HSM, a counter that is used to prevent replay attacks; and
receiving, by the Appliance device, a ticket-related message to grant a new ticket to the HSM.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. An Appliance device comprising:
a processor; and
a network interface coupled to the processor and communicatively coupled to a Service device of a cryptographic manager (CM) system, wherein the processor is operable to:
  receive a Module over a network from the Service device, the Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device;
  receive a ticket over the network from the Service device, wherein the ticket is digital data that grants permission to the device to execute the Module;
  verify the ticket; and
  execute the Module when the ticket is verified, wherein the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision the data asset to the target device; and
a hardware security module (HSM), and wherein the HSM is operable to:
  maintain a list of current tickets for each of ticket names known to the Appliance device;
  maintain a counter that is used to prevent replay attacks; and
  receive a second ticket-related message to grant a new ticket to the HSM.
Dependent claims: 13, 14, 15, 16, 17

18. A Service device comprising:
a processor; and
a network interface coupled to the processor and communicatively coupled over a network to an Appliance device of a cryptographic manager (CM) system, wherein the processor is operable to:
  associate a ticket type with a pre-computed data (PCD) asset for a target device;
  send a Module, the PCD and a ticket over the network to the Appliance device in the CM system, wherein the ticket is a digital data that grants permission to the Appliance device to execute the Module, wherein the ticket specifies a current ticket type, wherein the Module is an application that securely provisions the PCD to the target device in an operation phase of a manufacturing lifecycle of the target device, wherein the Appliance device is to verify that the current ticket type in the ticket matches the ticket type specified in the PCD asset; and
  send a ticket-related message over the network to the Appliance to grant a new ticket for a hardware security module (HSM) of the Appliance device, the HSM maintains a list of current tickets for each of ticket names known to the Appliance device and maintains a counter that is used to prevent replay attacks.
Dependent claims: 19, 20
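
The following sketch is an added illustration, not code from the patent or its assignee. It models the HSM-side state recited in the claims (a ticket list keyed by ticket name and an anti-replay counter) and shows why the counter matters: without it, a captured grant message could refill an exhausted usage count. The HMAC authentication, the JSON message layout, the class and function names, and the rule that a grant replaces the remaining uses are all assumptions.

```python
import hashlib
import hmac
import json


class HsmTicketStore:
    """Toy model of HSM ticket state (hypothetical design)."""

    def __init__(self, service_key: bytes):
        self._key = service_key   # assumed key shared with the Service device
        self._counter = 0         # highest grant counter accepted so far
        self._tickets = {}        # ticket name -> remaining uses

    def grant(self, body: bytes, tag: bytes) -> str:
        """Process a ticket-related message that grants a new ticket."""
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "bad-mac"              # not from the Service, or altered
        msg = json.loads(body)
        if msg["counter"] <= self._counter:
            return "replay"               # old or repeated grant message
        self._counter = msg["counter"]
        self._tickets[msg["name"]] = msg["uses"]
        return "granted"

    def execute_module(self, ticket_name: str) -> bool:
        """Permit one Module run only if the named ticket has uses left."""
        remaining = self._tickets.get(ticket_name, 0)
        if remaining <= 0:
            return False
        self._tickets[ticket_name] = remaining - 1
        return True


def make_grant(key: bytes, name: str, uses: int, counter: int):
    """Service-side helper: build and authenticate a grant message."""
    fields = {"name": name, "uses": uses, "counter": counter}
    body = json.dumps(fields, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()


def demo():
    key = b"constructed-demo-key"         # constructed sample value
    hsm = HsmTicketStore(key)
    body, tag = make_grant(key, "pcd-type-A", uses=2, counter=1)
    results = [hsm.grant(body, tag)]
    results += [hsm.execute_module("pcd-type-A") for _ in range(3)]
    results.append(hsm.grant(body, tag))  # replay after uses are exhausted
    results.append(hsm.execute_module("pcd-type-A"))
    tampered = body.replace(b'"uses": 2', b'"uses": 9')
    results.append(hsm.grant(tampered, tag))
    return results
```
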
Specification