Apparatus and method for a multi-entity secure software transfer
First Claim
1. A method for a multi-entity secure software transfer, comprising:
- configuring a first communication interface controller at a first hardware entity and a second communication interface controller at a second hardware entity to disallow all external access to the respective first hardware entity and the second hardware entity except a communication link configuration access;
establishing a communication link between the first hardware entity and the second hardware entity subsequent to the configuring;
receiving the secure software at the first hardware entity from the second hardware entity via the communication link;
writing the secure software to a temporary storage at the first hardware entity;
copying the secure software from the temporary storage to a secure storage at the first hardware entity;
retrieving from a non-volatile storage at the first hardware entity a public key; and
authenticating the secure software in the secure storage using the public key.
6 Assignments
0 Petitions
Accused Products
Abstract
A method and a system embodying the method for a multi-entity secure software transfer are disclosed, the method operating by: configuring a communication interface controller at each trusted hardware entity of a first hardware entity and a second hardware entity to disallow all external access except a communication link configuration access; establishing the communication link between the first hardware entity and the second hardware entity; configuring write access from the second hardware entity to only a first storage at the first hardware entity; and writing the secure software received from the second hardware entity via the communication link to the first storage at the first hardware entity.
-
Citations
21 Claims
-
1. A method for a multi-entity secure software transfer, comprising:
-
configuring a first communication interface controller at a first hardware entity and a second communication interface controller at a second hardware entity to disallow all external access to the respective first hardware entity and the second hardware entity except a communication link configuration access; establishing a communication link between the first hardware entity and the second hardware entity subsequent to the configuring; receiving the secure software at the first hardware entity from the second hardware entity via the communication link; writing the secure software to a temporary storage at the first hardware entity; copying the secure software from the temporary storage to a secure storage at the first hardware entity; retrieving from a non-volatile storage at the first hardware entity a public key; and authenticating the secure software in the secure storage using the public key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An apparatus for a multi-entity secure software transfer, comprising:
-
a first hardware entity, comprising a first communication interface controller, a first hardware entity secure storage comprising the secure software, and a first hardware entity controller communicatively coupled to the first communication interface controller and the first hardware entity secure storage; and a second hardware entity, comprising a second communication interface controller, a second hardware entity temporary storage, a second hardware entity secure storage, a second hardware entity non-volatile storage, and a second hardware entity controller communicatively coupled to the second communication interface controller and the second hardware entity temporary storage;
wherein;the first hardware entity controller and the second hardware entity controller are configured to cause the respective entity'"'"'s communication interface controller to;
disallow all external access to the respective first hardware entity and the second hardware entity except a communication link configuration access and subsequently establish a communication link;the first hardware entity controller is configured to cause transmission of the secure software over the communication link; and the second hardware entity controller is further configured to allow write access from the first hardware entity to only the second hardware entity temporary storage, to write to the second hardware entity temporary storage the secure software received over the communication link from the first hardware entity, to copy the secure software from the second hardware entity temporary storage to the second hardware entity secure storage, to retrieve from the second hardware entity non-volatile storage a public key, and to authenticate the secure software in the second hardware entity secure storage using the public key. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification