Trusted management controller firmware

US 9,935,945 B2
Filed: 11/05/2015
Issued: 04/03/2018
Est. Priority Date: 11/05/2015
Status: Active Grant

First Claim

Patent Images

1. A method for ensuring management controller firmware security, by a security manager for a computing device, comprising:

storing, at the security manager, a public key and raw identity data, the raw identity data including one or more of a manufacturer name of the computing device, a product name of the computing device, a device model identification of the computing device, a date, a time, text data or hash data;

receiving, from a management firmware for a management controller of the computing device, encrypted identity data, wherein the encrypted identity data is encrypted using a private key based upon an identical copy of the raw identity data stored on the management controller, the private key being paired with the public key;

decrypting the encrypted identity data into decrypted identity data using the public key;

comparing, by the security manager, the decrypted identity data with the raw identity data to determine whether the management firmware is authentic;

protecting the computing device from harm by the management firmware, in response to determining that the management firmware is not authentic;

replacing the management firmware with a new management firmware for the management controller;

obtaining, from the new management firmware, the encrypted identity data;

decrypting the encrypted identity data with the public key into decrypted identity data;

comparing the decrypted identity data with the raw identity data to determine whether the new management firmware is authentic; and

protecting the computing device from harm by the new management firmware, in response to determining that the new management firmware is not authentic.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for ensuring management controller firmware security, by a security manager of a computing device, includes storing a public key and raw identity data, and obtaining, from a management firmware for a management controller of the computing device, encrypted identity data. The security manager decrypts the encrypted identity data with the public key into decrypted identity data, and compares the decrypted identity data with the raw identity data to determine whether the management firmware is authentic. The security manager protects the computing device from harm by the management firmware, in response to determining that the management firmware is not authentic.

28 Citations

View as Search Results

20 Claims

1. A method for ensuring management controller firmware security, by a security manager for a computing device, comprising:
- storing, at the security manager, a public key and raw identity data, the raw identity data including one or more of a manufacturer name of the computing device, a product name of the computing device, a device model identification of the computing device, a date, a time, text data or hash data;
  
  receiving, from a management firmware for a management controller of the computing device, encrypted identity data, wherein the encrypted identity data is encrypted using a private key based upon an identical copy of the raw identity data stored on the management controller, the private key being paired with the public key;
  
  decrypting the encrypted identity data into decrypted identity data using the public key;
  
  comparing, by the security manager, the decrypted identity data with the raw identity data to determine whether the management firmware is authentic;
  
  protecting the computing device from harm by the management firmware, in response to determining that the management firmware is not authentic;
  
  replacing the management firmware with a new management firmware for the management controller;
  
  obtaining, from the new management firmware, the encrypted identity data;
  
  decrypting the encrypted identity data with the public key into decrypted identity data;
  
  comparing the decrypted identity data with the raw identity data to determine whether the new management firmware is authentic; and
  
  protecting the computing device from harm by the new management firmware, in response to determining that the new management firmware is not authentic.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - sending a request command to the management controller for the encrypted identity data, wherein the request command uses at least one of Intelligent Platform Management Interface (IPMI) or Representational State Transfer (REST) interface; and
      
      receiving the encrypted identity data from the management controller.
  - 3. The method of claim 1, wherein protecting the computing device comprises at least one of:
    - disabling the management controller;
      
      preventing boot into an operating system of the computing device;
      
      shutting down the computing device;
      
      oroutputting a warning on a display.
  - 4. The method of claim 1, wherein the security manager comprises a basic input/output system (BIOS) of the computing device.
  - 5. The method of claim 4, further comprising requesting for the encrypted identity data stored on a shared memory for the BIOS and the management controller.
  - 6. The method of claim 1, wherein the security manager comprises security software running on an operating system (OS) of the computing device.
  - 7. The method of claim 1, wherein the security manager comprises security software running on a network device in communication with the computing device over a network.
  - 8. The method of claim 1, wherein the security manager comprises a rack management controller (RMC) of a server rack that comprises the computing device.
  - 9. The method of claim 1, wherein the security manager comprises a chassis management controller (CMC) for the computing device.
  - 10. The method of claim 1, wherein the management controller comprises a baseboard management controller (BMC).
  - 11. The method of claim 1, wherein the raw identity data is based upon a customer name.

12. A method for ensuring management controller firmware security, by a manufacturer of a computing device, comprising:
- generating a pair of security keys including a public key and a private key;
  
  encrypting raw identity data using the private key to encrypted identity data, the raw identity data including one or more of a manufacturer name of the computing device, a product name of the computing device, a device model identification of the computing device, a date, a time, text data or hash data;
  
  embedding the encrypted identity data in a management firmware for a management controller of the computing device; and
  
  embedding the public key and the raw identity data in a security manager of the computing device, the security manager configured to;
  
  receive, from the management firmware, the encrypted identity data, wherein the encrypted identity data is encrypted using the private key based upon an identical copy of the raw identity data stored on the management controller, the private key being paired with the public key;
  
  decrypt the encrypted identity data into decrypted identity data using the public key;
  
  compare the decrypted identity data with the raw identity data to determine whether the management firmware is authentic;
  
  protect the computing device from harm by the management firmware, in response to determining that the management firmware is not authentic;
  
  replace the management firmware with a new management firmware for the management controller;
  
  obtain, from the new management firmware, the encrypted identity data;
  
  decrypt the encrypted identity data with the public key into decrypted identity data;
  
  compare the decrypted identity data with the raw identity data to determine whether the new management firmware is authentic; and
  
  protect the computing device from harm by the new management firmware, in response to determining that the new management firmware is not authentic.

13. A computing device, comprising:
- a management controller running a management firmware storing encrypted identity data;
  
  a security manager storing a public key and raw identity data, the raw identity data including one or more of a manufacturer name of the computing device, a product name of the computing device, a device model identification of the computing device, a date, a time, text data or hash data, the security manager configured to;
  
  receive, from the management firmware for the management controller of the computing device, encrypted identity data, wherein the encrypted identity data is encrypted using a private key based upon an identical copy of the raw identity data stored on the management controller, the private key being paired with the public key;
  
  decrypt the encrypted identity data with the public key into decrypted identity data using the public key;
  
  compare the decrypted identity data with the raw identity data to determine whether the management firmware is authentic;
  
  protect the computing device from harm by the management firmware, in response to determining that the management firmware is not authentic;
  
  replace the management firmware with a new management firmware for the management controller;
  
  obtain, from the new management firmware, the encrypted identity data;
  
  decrypt the encrypted identity data with the public key into decrypted identity data;
  
  compare the decrypted identity data with the raw identity data to determine whether the new management firmware is authentic; and
  
  protect the computing device from harm by the new management firmware, in response to determining that the new management firmware is not authentic.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The computing device of claim 13, wherein the security manager comprises a basic input/output system (BIOS).
  - 15. The computing device of claim 14, further comprising a shared memory for the BIOS and the management controller.
  - 16. The computing device of claim 13, wherein the security manager is further configured to:
    - send a request command to the management controller for the encrypted identity data, wherein the request command uses at least one of Intelligent Platform Management Interface (IPMI) or Representational State Transfer (REST) interface; and
      
      receive the encrypted identity data from the management controller.
  - 17. The computing device of claim 13, wherein protect the computing device comprises at least one of:
    - disable the management controller;
      
      prevent boot into an operating system of the computing device;
      
      shut down the computing device;
      
      oroutput a warning on a display.
  - 18. The computing device of claim 13, wherein the security manager comprises security software running on an operating system (OS) of the computing device.
  - 19. The computing device of claim 13, wherein the security manager comprises security software running on a network device in communication with the computing device over a network.
  - 20. The computing device of claim 13, wherein the security manager comprises a rack management controller (RMC) of a server rack that comprises the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Quanta Computer
Original Assignee
Quanta Computer
Inventors
Li, Yung-Fu
Primary Examiner(s)
Cribbs, Malcolm

Application Number

US14/933,477
Publication Number

US 20170134373A1
Time in Patent Office

880 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/572   Secure firmware programming...

G06F 21/85   interconnection devices, e....

G06F 2221/2107   File encryption

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/123   received data contents, e.g...

Trusted management controller firmware

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted management controller firmware

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links