System and method for secure provisioning of an information handling system
Abstract
Systems and methods for reducing problems and disadvantages associated with provisioning of information handling systems, including without limitation those associated with bare metal provisioning of information handling systems, are disclosed. A system may include a processor, and a memory and an access controller each communicatively coupled to the processor. The access controller may store an enterprise public key associated with an enterprise private key and a platform private key associated with the system. The access controller may be configured to: (i) authenticate communications received from a provisioning server communicatively coupled to the access controller based at least on an enterprise public certificate associated with the provisioning server and (ii) establish an asymmetrically cryptographic communications channel between the access controller and the provisioning server based at least on a platform public key associated with the platform private key, the platform private key, the enterprise public key, and the enterprise private key.
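The key flow described in the abstract, as an added sketch that is not code from the patent or its assignee. Assumptions: textbook RSA over fixed, constructed primes stands in for the unspecified asymmetric scheme, a signature made with the enterprise private key stands in for the enterprise public certificate check, and every function name is hypothetical.

```python
import hashlib

# Textbook RSA over fixed Mersenne primes: constructed, unpadded, NOT secure.
# It only makes the key flow runnable offline with the standard library.
E = 65537

def keypair(p, q):
    """Return ((n, e), (n, d)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def apply_key(key, value):
    """Raw RSA operation value^exp mod n (encrypt, decrypt, sign or verify)."""
    n, exp = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this modulus")
    return pow(value, exp, n)

def digest(ct, n):
    """SHA-256 of the ciphertext, reduced so it can be signed under modulus n."""
    return int.from_bytes(hashlib.sha256(ct.to_bytes(32, "big")).digest(), "big") % n

def supplier_provision(ent_pub):
    """Supplier: make the platform key pair, load the controller, wrap the public key."""
    plat_pub, plat_priv = keypair(2**31 - 1, 2**61 - 1)
    controller = {"ent_pub": ent_pub, "plat_priv": plat_priv}  # stored before shipment
    wrapped = apply_key(ent_pub, plat_pub[0])  # platform modulus under enterprise key
    return controller, wrapped

def server_send(ent_priv, wrapped, msg):
    """Provisioning server: unwrap the platform public key, encrypt to it, sign."""
    plat_pub = (apply_key(ent_priv, wrapped), E)
    ct = apply_key(plat_pub, int.from_bytes(msg, "big"))
    return ct, apply_key(ent_priv, digest(ct, ent_priv[0]))

def controller_receive(controller, ct, sig):
    """Access controller: authenticate the sender first, then decrypt."""
    ent_pub = controller["ent_pub"]
    if apply_key(ent_pub, sig % ent_pub[0]) != digest(ct, ent_pub[0]):
        return None  # not produced with the enterprise private key
    m = apply_key(controller["plat_priv"], ct)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

if __name__ == "__main__":
    ent_pub, ent_priv = keypair(2**89 - 1, 2**107 - 1)  # enterprise key pair
    controller, wrapped = supplier_provision(ent_pub)
    ct, sig = server_send(ent_priv, wrapped, b"boot:pxe")
    print(controller_receive(controller, ct, sig))      # genuine message
    print(controller_receive(controller, ct ^ 1, sig))  # tampered ciphertext
```

The controller holds only the enterprise public key and its own platform private key, so it can authenticate and decrypt provisioning traffic without ever holding a secret that belongs to the enterprise.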
18 Claims
1. An information handling system comprising:
- a processor device; and
- an access controller device communicatively coupled to the processor device and configured to establish an asymmetrically cryptographic communications channel between the access controller device and a provisioning server device based on;
  - an enterprise private key;
  - an enterprise public key associated with the enterprise private key and stored on the access controller device prior to shipment of the information handling system;
  - a platform private key associated with the information handling system; and
  - a platform public key associated with the platform private key and encrypted using the enterprise public key by a supplier information handling system associated with a supplier different than the information handling system, the platform public key provided by the supplier of the information handling system to an enterprise associated with the enterprise public key, the access controller device is further configured to decrypt communications from the provisioning server device using the platform private key.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer-readable medium, comprising instructions that, when executed by a processor device, are configured to establish an asymmetrically cryptographic communications channel between an access controller device associated with an information handling system and a provisioning server device based on:
- an enterprise private key;
- an enterprise public key associated with the enterprise private key and stored on the access controller device prior to shipment of the information handling system;
- a platform private key associated with the information handling system; and
- a platform public key associated with the platform private key and encrypted using the enterprise public key by a supplier information handling system associated with a supplier different than the information handling system, the platform public key provided by the supplier of the information handling system to an enterprise associated with the enterprise public key, wherein the processor device is further configured to decrypt communications from the provisioning server device using the platform private key.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A method comprising:
- receiving from an enterprise, by a supplier of an information handling system, an enterprise public key associated with an enterprise private key;
- storing, by the supplier on an access controller device associated with the information handling system, the enterprise public key prior to shipment of the information handling system;
- configuring, by the supplier, the information handling system to establish an asymmetrically cryptographic communications channel between the access controller device and a provisioning server device based on;
  - the enterprise private key;
  - the enterprise public key;
  - a platform private key associated with the information handling system; and
  - a platform public key associated with the platform private key and encrypted using the enterprise public key and a supplier information handling system associated with the supplier different than the information handling system; and
  - a platform public key associated with the platform private key and encrypted using the enterprise public key;
- configuring, by the supplier, the information handling system to decrypt communications from the provisioning server device using the platform private key; and
- providing, by the supplier to the enterprise, the information handling system.

Dependent claims: 16, 17, 18
Specification