MODULES TO SECURELY PROVISION AN ASSET TO A TARGET DEVICE
Abstract
The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a command to create a Module and executes a Module Template to generate the Module in response to the command. The Module is deployed to an Appliance device. A set of instructions of the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device. The Appliance device is configured to distribute the data asset to a cryptographic manager (CM) core of the target device.
20 Claims
1. A method comprising:
receiving, by a Root Authority (RA) device, a command to create a Module, wherein the Module is a first application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device;
in response to the command, executing a Module Template by the RA device to generate the Module, wherein the Module Template is a second application that defines a set of instructions for the Module and the data asset; and
deploying the Module to an Appliance device, wherein the set of instructions of the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision the data asset to the target device, wherein the Appliance device is configured to distribute the data asset to a cryptographic manager core of the target device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method comprising:
receiving, by an Appliance device, a Module over a network from a Service device;
receiving, by the Appliance device, a communication from a cryptographic manager (CM) client library of a tester device, wherein the communication comprises an argument from the CM client library;
in response to the communication, invoking the Module by the Appliance device to generate a Module sequence based on the argument; and
sending, by the Appliance device, the Module sequence to the CM client library, wherein a tester script of the tester device delivers the Module sequence to a CM Core of a target device in an operation phase of a manufacturing lifecycle of the target device.
Dependent claims: 10, 11
12. A Root Authority (RA) device comprising:
a processor; and
a removable storage device interface configured to connect to a removable storage device, wherein the removable storage device interface is coupled to the processor, wherein the processor is operable to:
receive a command to create a Module, wherein the Module is a first application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device;
in response to the command, execute a Module Template to generate the Module, wherein the Module Template is a second application that defines a set of instructions for the Module and the data asset; and
deploy the Module to an Appliance device, wherein the set of instructions of the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision the data asset to the target device, wherein the Appliance device is configured to distribute the data asset to a cryptographic manager core of the target device.
Dependent claims: 13, 14, 15, 16, 17
18. An Appliance device comprising:
a processor;
a network interface coupled to the processor; and
a tester device interface coupled to the processor, wherein the processor is operable to:
receive a Module over the network interface from a Service device;
receive a communication over the tester device interface from a cryptographic manager (CM) client library of a tester device, wherein the communication comprises an argument from the CM client library;
in response to the communication, invoke the Module to generate a Module sequence based on the argument; and
send the Module sequence to the CM client library to be run by the tester device to deliver the Module sequence to a CM Core of a target device in an operation phase of a manufacturing lifecycle of the target device.
Dependent claims: 19, 20