Device management proxy for secure devices
First Claim
Patent Images
1. A system comprising:
- a first device comprising;
at least one first hardware processor;
first memory storing a first software module executable by the at least one first hardware processor, wherein the first device is configured to;
send a digitally signed request to a second device to change the hardware settings of the first device; and
a second device comprising;
at least one second hardware processor; and
second memory storing a second software module executable by the at least one second hardware processor, wherein the second device is configured to;
receive, from the first device, the digitally signed request to change the hardware settings of the first device;
determine the validity of the digitally signed request; and
change the hardware settings of the first device in accordance with the request if the validity of the digitally signed request is determined.
1 Assignment
0 Petitions
Accused Products
Abstract
A hardware device architecture is described that improves security and flexibility in access to hardware device settings. A device management proxy service is digitally signed and granted access to device settings. Applications are then digitally provisioned by the proxy service and only validated signed requests from applications are permitted to change hardware device settings. Further granularity over hardware device settings is achieved through user accounts and groups established by the applications.
425 Citations
20 Claims
-
1. A system comprising:
-
a first device comprising; at least one first hardware processor; first memory storing a first software module executable by the at least one first hardware processor, wherein the first device is configured to; send a digitally signed request to a second device to change the hardware settings of the first device; and a second device comprising; at least one second hardware processor; and second memory storing a second software module executable by the at least one second hardware processor, wherein the second device is configured to; receive, from the first device, the digitally signed request to change the hardware settings of the first device; determine the validity of the digitally signed request; and change the hardware settings of the first device in accordance with the request if the validity of the digitally signed request is determined. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
-
a first device comprising; at least one first hardware processor; first memory storing a first software module executable by the at least one first hardware processor, wherein the first device is configured to; send a request to a third device to authenticate a login for an account and retrieve access privileges for the account; send a digitally signed request to a second device to change the hardware settings of the first device, wherein the request is sent based upon the access privileges for the account; and a second device comprising; at least one second hardware processor; and second memory storing a second software module executable by the at least one second hardware processor, wherein the second device is configured to; receive, from the first device, the digitally signed request to change the hardware settings of the first device; determine the validity of the digitally signed request; and change the hardware settings of the first device in accordance with the request if the validity of the digitally signed request is determined; and a third device comprising; at least one third hardware processor; third memory storing a third software module executable by the at least one third hardware processor, wherein the third device is configured to; receive, from the first device, a request to authenticate a login for the account and retrieve access privileges for the account; determine the validity of the login; and send the access privileges for the account.
-
-
11. A method comprising:
-
sending a digitally signed request from a first device to a second device, the digitally signed request configured to change the hardware settings of the first device, the first device comprising at least one first hardware processor and first memory storing a first software module executable by the at least one first hardware processor, and the second device comprising at least one second hardware processor and second memory storing a second software module executable by the at least one second hardware processor; receiving an indication from the second device, the indication confirming that the second device has determined the validity of the digitally signed request; and changing the hardware settings of the first device in accordance with the digitally signed request if the indication confirms that the digitally signed request is valid. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method comprising:
-
sending a request from a first device to a third device, the request configured to authenticate a login for an account and to retrieve access privileges for the account, the first device comprising at least one first hardware processor and first memory storing a first software module executable by the at least one first hardware processor, and the third device comprising at least one third hardware processor and third memory storing a third software module executable by the at least one third hardware processor; receiving access privileges for the account from the third device, the third device having received the request to authenticate the login for the account, authenticated the login for the account, and retrieved the access privileges for the account; sending a digitally signed request from the first device to a second device, the digitally signed request configured to change the hardware settings of the first device, wherein the digitally signed request is sent based upon the access privileges for the account, the second device comprising at least one second hardware processor and second memory storing a second software module executable by the at least one second hardware processor; receiving an indication from the second device, the indication confirming that the second device has determined the validity of the digitally signed request; and changing the hardware settings of the first device in accordance with the digitally signed request if the indication confirms that the digitally signed request is valid.
-
Specification