公开(公告)号：US11868474B2

公开(公告)日：2024-01-09

申请号：US17280507

申请日：2019-01-08

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Nigel Edwards ,  Michael R. Krause ,  Melvin Benedict ,  Ludovic Emmanuel Paul Noel Jacquin ,  Luis Luciani ,  Thomas Laffey ,  Theofrastos Koulouris ,  Shiva Dasari

IPC: G06F21/00 ,  G06F21/57 ,  G06F21/32 ,  H04L9/08 ,  H04L9/32

CPC classification number: G06F21/57 ,  G06F21/32 ,  H04L9/0816 ,  H04L9/3226

Abstract: A method for securing a plurality of compute nodes includes authenticating a hardware architecture of each of a plurality of components of the compute nodes. The method also includes authenticating a firmware of each of the plurality of components. Further, the method includes generating an authentication database comprising a plurality of authentication descriptions that are based on the authenticated hardware architecture and the authenticated firmware. Additionally, a policy for securing a specified subset of the plurality of compute nodes is implemented by using the authentication database.

公开(公告)号：US20220188468A1

公开(公告)日：2022-06-16

申请号：US17123279

申请日：2020-12-16

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Luis Luciani

IPC: G06F21/79 ,  G06F12/14 ,  H04L9/32 ,  H04L9/08

Abstract: In some examples, a controller includes a secure memory to store a key, and a processor to access a system memory that is external of the controller and that is accessible by a main processor separate from the controller, protect information retrieved from the system memory using the key to produce protected information, and store the protected information in the system memory.

公开(公告)号：US20240104213A1

公开(公告)日：2024-03-28

申请号：US18528893

申请日：2023-12-05

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Nigel Edwards ,  Michael R. Krause ,  Melvin Benedict ,  Ludovic Emmanuel Paul Noel Jacquin ,  Luis Luciani ,  Thomas Laffey ,  Theofrastos Koulouris ,  Shiva Dasari

IPC: G06F21/57 ,  G06F21/32 ,  H04L9/08 ,  H04L9/32

CPC classification number: G06F21/57 ,  G06F21/32 ,  H04L9/0816 ,  H04L9/3226

Abstract: A method for securing a plurality of compute nodes includes authenticating a hardware architecture of each of a plurality of components of the compute nodes. The method also includes authenticating a firmware of each of the plurality of components. Further, the method includes generating an authentication database comprising a plurality of authentication descriptions that are based on the authenticated hardware architecture and the authenticated firmware. Additionally, a policy for securing a specified subset of the plurality of compute nodes is implemented by using the authentication database.

公开(公告)号：US20210056191A1

公开(公告)日：2021-02-25

申请号：US16546862

申请日：2019-08-21

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Theodore F. Emerson ,  Luis Luciani ,  Kevin Boyum ,  Christopher Wesneski

IPC: G06F21/44 ,  G06F3/14 ,  G06T1/00

Abstract: A method for assembling a computing device including initiating a board management controller of the computing device, the board management controller having at least one fuse, forming data to control a video display operatively connected to the computing device to show an image of a watermark, and modifying the computing device. The method also includes blowing the at least one fuse in response to modifying the computing device and adjusting the watermark in response to blowing the at least one fuse.

公开(公告)号：US11720717B2

公开(公告)日：2023-08-08

申请号：US17123279

申请日：2020-12-16

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Luis Luciani

IPC: G06F21/79 ,  G06F12/14 ,  H04L9/08 ,  H04L9/32

CPC classification number: G06F21/79 ,  G06F12/1458 ,  H04L9/0894 ,  H04L9/3247 ,  G06F2212/1052

Abstract: In some examples, a controller includes a secure memory to store a key, and a processor to access a system memory that is external of the controller and that is accessible by a main processor separate from the controller, protect information retrieved from the system memory using the key to produce protected information, and store the protected information in the system memory.

公开(公告)号：US20210232688A1

公开(公告)日：2021-07-29

申请号：US16775823

申请日：2020-01-29

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Luis Luciani ,  Darrell R. Haskell

IPC: G06F21/57 ,  G06F9/4401 ,  G06F21/12 ,  G06F1/3206 ,  G06F9/38

Abstract: Examples disclosed herein relate to a computing device that includes a central processing unit, a management controller separate from the central processing unit, and a security co-processor. The management controller is powered using an auxiliary power rail that provides power to the management controller while the computing device is in an auxiliary power state. The security co-processor includes device unique data. The management controller receives the device unique data and stores a representation at a secure location. At a later time, the management controller receives endorsement information from an expected location of the security co-processor. The management controller determines whether to perform an action on the computing device based on an analysis of the endorsement information and the stored representation of the device unique data.