Secure Field Updates.
Original Publication Date: 2012-Dec-26
Included in the Prior Art Database: 2012-Dec-26
Randall Springfield: INVENTOR [+4]
Today, the direction of the industry is to save important Operating System data onto the system motherboard. An example of this would be to save the authorization value for allowing a particular OS to run. There are many cases where this process must occur not only during the manufacturing process but also after the system has been shipped to a customer. This may happen because the system needs maintenance and rewriting the authorization value is part of the maintenance. What is needed is a secure method to change these valuable authorization data after the manufacturing process.
Page 01 of 1
Secure Field Updates
Today, most solutions handle this by having obscure processes to change these authorization values. Although workable, there are risks with these processes that need to be overcome. Our solution uses TPM 2.0.
TPM 2.0 has the concept of hierarchies where data / keys can be saved securely in the TPM. The data/keys are only available to BIOS and cannot be disabled. Our solution loads a key during the manufacturing process specifically for the purpose of performing these operations. When a system requires maintenance a packet from the system manufacturer is sent to BIOS to be used when BIOS has control of its hierarchy. When BIOS gets this packet, BIOS can utilize the TPM to decrypt the packet, validate the packet is appropriate for this system, and then perform the required function. This method secures the process by having a secure signing service kept at the system manufacturer and these requests can be securely handled after the system is shipped to customers. This removes the need for these obscure methods which are troublesome and error prone. It also allows the system manufacturer to move these packets to a less secure device (HDD) and remove hardware (such as EEPROM) which are used today for secure communication