×

Generating and distributing pre-computed data (PCD) assets to a target device

  • US 9,923,890 B2
  • Filed: 11/06/2014
  • Issued: 03/20/2018
  • Est. Priority Date: 05/07/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving, by a Root Authority (RA) device, data signed by a provisioning device of a cryptographic manager (CM) system, wherein the data comprises definition files that specify an identity and credentials for a Service device of the CM system and an identity and credentials of an Appliance device of the CM system, wherein the RA device is a trusted, offline device that authorizes the Service device and the Appliance device and does not have a persistent connection to the Service device or the Appliance device;

    receiving, by the RA device, a first command to create a Module with a placeholder for a pre-computed data (PCD) asset for a target device;

    in response to the first command, generating by the RA device, the Module with the placeholder for the PCD asset for the target device;

    deploying the Module with the placeholder in the CM system, wherein the deploying of the Module with the placeholder comprises storing, by the RA device, the Module with the placeholder in a removable storage device to transfer the Module with the placeholder to the Service device, wherein the Service device is configured to distribute the Module with the placeholder over a network to the Appliance device;

    receiving, by the RA device, a second command to package the PCD asset for the target device, wherein the PCD asset is unique for the target device;

    in response to the second command, generating, by the RA device, the PCD asset and packaging, by the RA device, the PCD asset for secure deployment of the PCD asset to the target device and to be used exclusively by the target device; and

    deploying the packaged PCD asset in the CM system for identification and tracking of the target device, wherein the deploying of the packaged PCD comprises storing, by the RA device, the packaged PCD asset in an authorization file in the removable storage device to transfer the PCD asset to the Service device, wherein the authorization file is separate from the Module stored in the removable storage device, wherein the Service device is configured to distribute the PCD asset over the network to the Appliance device, wherein the PCD asset is input into the Module at the Appliance device, wherein the Module is an application that, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision the PCD asset to the target device in an operation phase of a manufacturing lifecycle of the target device.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×