Unified extensible firmware interface (UEFI) credential-based access of hardware resources
First Claim
1. An Information Handling System (IHS), comprising:
- a processor; and
a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to;
receive a credential provided by a given user of a plurality of users of the IHS, wherein the credential indicates whether the user has access to a given device among a plurality of devices coupled to the IHS;
receive a request by the given user to access the given device; and
at least one of;
(a) allow the user to access the given device by determining that a hardware Unified Extensible Firmware Interface (UEFI) Device Path corresponding to the request carries an authentication parameter indicating that the given user has provided the credential;
or(b) prevent the user from accessing the given device by determining that the hardware UEFI Device Path does not carry the authentication parameter.
14 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for Unified Extensible Firmware Interface (UEFI) credential-based access of hardware resources. In an illustrative, non-limiting embodiment, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: receive a credential for a given one of a plurality of users; and store the credential, where the credential is retrievable via a UEFI Device Path Protocol as part of a determination of whether the given user has access to a given one of a plurality of devices within the IHS, and where the given device is accessible via a UEFI Device Path.
-
Citations
18 Claims
-
1. An Information Handling System (IHS), comprising:
-
a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to; receive a credential provided by a given user of a plurality of users of the IHS, wherein the credential indicates whether the user has access to a given device among a plurality of devices coupled to the IHS; receive a request by the given user to access the given device; and at least one of; (a) allow the user to access the given device by determining that a hardware Unified Extensible Firmware Interface (UEFI) Device Path corresponding to the request carries an authentication parameter indicating that the given user has provided the credential;
or(b) prevent the user from accessing the given device by determining that the hardware UEFI Device Path does not carry the authentication parameter. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. In an Information Handling System (IHS), a method comprising:
-
receiving a credential provided by a given user of a plurality of users of the IHS, wherein the credential indicates whether the user has access to a given device among a plurality of devices coupled to the IHS; receiving a request by the given user to access the given device; and at least one of; (a) allowing the user to access the given device by determining that a hardware Unified Extensible Firmware Interface (UEFI) Device Path corresponding to the request carries an authentication parameter indicating that the given user has provided the credential;
or(b) preventing the user from accessing the given device by determining that the hardware UEFI Device Path does not carry the authentication parameter. - View Dependent Claims (13, 14, 15)
-
-
16. A memory device having program instructions stored thereon that, upon execution by a processor of an Information Handling System (IHS), cause the IHS to:
-
receive a credential provided by a given user of a plurality of users of the IHS, wherein the credential indicates whether the user has access to a given device among a plurality of devices coupled to the IHS; receive a request by the given user to access the given device; and at least one of; (a) allow the user to access the given device by determining that a hardware Unified Extensible Firmware Interface (UEFI) Device Path corresponding to the request carries an authentication parameter indicating that the given user has provided the credential;
or(b) prevent the user from accessing the given device by determining that the hardware UEFI Device Path does not carry the authentication parameter. - View Dependent Claims (17, 18)
-
Specification