Method and system for securely installing software over a network
Abstract
A method for installing an image on a client including obtaining a wanboot binary from the boot server, determining whether the wanboot binary is valid, obtaining a security payload from the boot server using the wanboot binary if the wanboot binary is valid, establishing a first secure connection between the client and boot server, obtaining a boot file system from the boot server using the first secure connection, installing the boot file system on the client to obtain a kernel, establishing a second secure connection between the client and an installation server using the security payload and the kernel, obtaining an installation image from the installation server using the kernel and the second secure connection, and installing the installation image on the client.
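The validity gate described above, as an added example that is not part of the patent text: the client asks for the security payload and the boot file system only after the wanboot binary's keyed signature verifies under its shared authentication key (the validity test of claim 11). HMAC-SHA256, the BootServer class and all sample bytes are assumptions constructed for illustration; the secure-connection steps are left out.

```python
import hashlib
import hmac

def sign(key: bytes, blob: bytes) -> bytes:
    # Assumption: HMAC-SHA256; the page does not name the signing algorithm.
    return hmac.new(key, blob, hashlib.sha256).digest()

def is_valid(key: bytes, blob: bytes, tag: bytes) -> bool:
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(sign(key, blob), tag)

class BootServer:
    """Hypothetical in-memory stand-in for the boot server."""

    def __init__(self, binary: bytes, tag: bytes):
        self.binary, self.tag = binary, tag
        self.requests = []  # what the client asked for, in order

    def get(self, item: str):
        self.requests.append(item)
        if item == "wanboot":
            return self.binary, self.tag
        return b"<" + item.encode() + b">"  # constructed placeholder content

def client_boot(server: BootServer, client_key: bytes) -> list:
    """Run the boot-server steps of claim 1; return the steps completed."""
    binary, tag = server.get("wanboot")
    steps = ["obtained wanboot binary"]
    if not is_valid(client_key, binary, tag):
        steps.append("rejected wanboot binary")
        return steps  # fail closed: nothing further is requested
    server.get("security-payload")
    steps.append("obtained security payload")
    server.get("boot-file-system")
    steps.append("obtained boot file system")
    return steps

# Constructed sample data (not real keys or binaries).
KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
OTHER_CLIENT_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100")
BINARY = b"\x7fELF constructed wanboot image"

if __name__ == "__main__":
    good = BootServer(BINARY, sign(KEY, BINARY))
    tampered = BootServer(BINARY + b"\x90", sign(KEY, BINARY))
    print(client_boot(good, KEY), good.requests)
    print(client_boot(tampered, KEY), tampered.requests)
    print(client_boot(good, OTHER_CLIENT_KEY))  # signed for a different client
```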
53 Claims
1. A method for installing an image on a client comprising:
obtaining a wanboot binary from the boot server;
determining whether the wanboot binary is valid;
obtaining a security payload from the boot server using the wanboot binary if the wanboot binary is valid;
establishing a first secure connection between the client and boot server;
obtaining a boot file system from the boot server using the first secure connection;
installing the boot file system on the client to obtain a kernel;
establishing a second secure connection between the client and an installation server using the security payload and the kernel;
obtaining an installation image from the installation server using the kernel and the second secure connection; and
installing the installation image on the client.
11. The method 8, wherein the wanboot binary is valid if the wanboot binary is signed using the shared authentication key associated with the client.
27. A system, comprising:
a DHCP server configured to store client configuration information;
a boot server configured to store a wanboot binary and a boot file system;
an installation server configured to store an installation image; and
a client configured to;
connect to the DHCP server to obtain the client configuration information, connect to boot server using the client configuration information to obtain the wanboot binary, connect to the boot server using the wanboot binary to obtain the boot file system, install the boot file system to obtain a kernel, connect to the installation server using the kernel to obtain the installation image, and install the installation image using the kernel.
53. A plurality of nodes, comprising:
a DHCP server configured to store client configuration information;
a boot server configured to store a wanboot binary and a boot file system;
an installation server configured to store an installation image; and
a client configured to;
connect to the DHCP server to obtain the client configuration information, connect to boot server using the client configuration information to obtain the wanboot binary, connect to the boot server using the wanboot binary to obtain the boot file system, install the boot file system to obtain a kernel, connect to the installation server using the kernel to obtain the installation image, and install the installation image using the kernel, wherein the DHCP server is located on any one of the plurality of nodes, wherein the boot server is located on any one of the plurality of nodes, wherein the installation server is located on any one of the plurality of nodes, and wherein the client server is located on any one of the plurality of nodes.
Specification