Abstract: A BMC firmware security system includes a BMC coupled to a programmable circuit device and a first storage subsystem. In response to BMC initialization, the BMC uses a system identifier to verify that a license in the first storage subsystem authorizes the BMC to use BMC firmware in the BMC, uses branding identity information in the BMC to verify that the BMC is branded for the BMC firmware, determines that the programmable circuit device identifies the BMC firmware and, in response, the performs BMC initialization operations using the BMC firmware. A BIOS is coupled to the programmable circuit device and a second storage system. In response to BIOS initialization, the BIOS uses the branding identity information in the second storage subsystem to identify the BMC firmware, determines that the programmable circuit device identifies the BMC firmware and, in response, performs BIOS initialization operations.

Abstract: A workload compliance governor system includes a management system coupled to a computing system. A workload compliance governor subsystem in the computing system receives a workload performance request associated with a workload, exchanges hardware compose communications with the management system to compose hardware components for the workload, and receives back an identification of hardware components. The workload compliance governor subsystem then determines that the identified hardware components satisfy hardware compliance requirements for the workload, and configures the identified hardware components in the computing system based on the software compliance requirements for the workload in order to cause those identified hardware components to provide an operating system and at least one application that operate to perform the workload.

Abstract: A communication system personality provisioning system includes a communication system included in a computing system and coupled to a management system. The communication system stores authentication information in a UEFI database of a UEFI system in the communication system. The communication system receives a first operating software image and application/service from the management system, authenticates the first operating software image and application/service via first secure initialization operations performed by the UEFI system using the authentication information and, in response, installs the first operating software image and application/service on the communication system.

Abstract: Systems and procedures are provided for transferring a service identifier for use by an IHS (Information Handling System), where technical support is provided to the IHS based on the service identifier. During factory provisioning of the IHS, a signed inventory certificate is uploaded to the IHS that includes an inventory identifying factory installed components of the IHS. Upon deployment of the IHS, a hardware component is removed, where the service identifier of the IHS is associated to the removed component. Upon installing a replacement hardware component, a request is initiated to transfer the association of the service identifier from the removed hardware component to the replacement hardware component.

Abstract: Embodiments of systems and methods for automatically evicting an owner of a security processor are described. In some embodiments, a security processor may include: a core and a memory coupled to the core, the memory having program instructions stored thereon that, upon execution by the core, cause the security processor to: determine that a secure boot public key last used by a first entity to bootstrap an Information Handling System (IHS) fails to bootstrap the IHS; in response to the determination, identify another secure boot public key usable by a second entity to bootstrap the IHS; and in response to the security processor being in a factory environment, increment a counter associated with the first entity to evict the first entity in favor of the second entity.

Abstract: Embodiments of systems and methods for managing control of a security processor in a supply chain are described. In some embodiments, a security processor may include: a core; and a memory coupled to the core, the memory having program instructions stored thereon that, upon execution by the core, cause the security processor to: store a first public key usable to initiate a first secure boot process and unusable to initiate a second secure boot process; store a second public key usable to initiate the second secure boot process and unusable to initiate the first secure boot process; and in response to a first change of control or ownership of the security processor, render the first public key unusable to initiate the first secure boot process.

Abstract: Embodiments of systems and methods for deriving dependent symmetric encryption keys based upon a type of secure boot using a security processor are described. In some embodiments, a security processor may include: a core; and a memory coupled to the core, the memory having program instructions stored thereon that, upon execution by the core, cause the security processor to: retrieve a first symmetric key based, at least in part, upon a type of secure boot performed to bootstrap an Information Handling System (IHS); and derive a second symmetric key based, at least in part, upon the first symmetric key.

Abstract: Embodiments of systems and methods for indicating a type of secure boot to endpoint devices by a security processor are described. In some embodiments, a security processor may include: a core and a memory coupled to the core, the memory having program instructions stored thereon that, upon execution by the core, cause the security processor to: identify a type of secure boot last performed to bootstrap an Information Handling System (IHS); and make an indication of the type of secure boot available to a host processor or Baseboard Management Controller (BMC) of the IHS.

Abstract: As part of a factory provisioning of an Information Handling System (IHS), a signed replaceable hardware certificate is stored that identifies any replaceable hardware components coupled to the IHS during the factory provisioning. Upon a transfer of control or ownership of the IHS, replaceable hardware components that are coupled to the IHS are detected, and the replaceable hardware certificate is utilized to validate that the identified replaceable hardware components detected as coupled to the IHS are the same replaceable hardware components coupled to the IHS during the factory provisioning. A security processor of the IHS may support boot code operations for generating additional replaceable hardware certificates that can be used to validate the integrity of any changes the replaceable hardware of the IHS, such as upon its next power cycle.

Abstract: As part of a factory provisioning of an Information Handling System (IHS), a configuration certificate is stored that identifies a pre-boot configuration of the IHS resulting from the factory provisioning. Upon a transfer of control or ownership of the IHS, a pre-boot configuration of the IHS is identified and the configuration certificate is utilized to validate that the identified pre-boot configuration is the same as the pre-boot configuration of the IHS resulting from the factory provisioning. A security processor of the IHS may support boot code operations for generating additional configuration certificates that can be used to validate the integrity of any changes the IHS configuration, such as upon its next power cycle.

Abstract: During factory provisioning of an Information Handling System (IHS), a key injection authorization certificate is stored that authorizes key injection by a renter of the IHS. An IHS owner retains capabilities for specifying the use of boot code of successive renters of the IHS. Upon a transfer of control or ownership of the IHS, a key injection request certificate provided by the renter is validated and use of the key injection request certificate is authorized for transferring cryptographic credentials to the IHS. The key injection authorization certificate specifies an identity of the IHS that is authorized for key injection by the renter and the key injection request certificate specifies an identity of the IHS that is requested for key injection by the renter. Transfer of credentials is authorized when the two certificates are both valid and the identity of the IHS specified in the two certificates is the same.

Abstract: Embodiments of systems and methods for deriving independent symmetric encryption keys based upon a type of secure boot using a security processor are described. In some embodiments, a security processor may include: a core; and a memory coupled to the core, the memory having program instructions stored thereon that, upon execution by the core, cause the security processor to: identify a type of secure boot performed to bootstrap an Information Handling System (IHS); and derive a symmetric encryption key based upon the type of secure boot.

Abstract: Systems and methods are provided for validating components of an Information Handling System (IHS). During factory provisioning of the IHS, an owner certificate is stored that specifies an identity of a motherboard installed during manufacture of the IHS. The owner certificate is signed by a certificate authority of an owner of the IHS that retains capabilities for specifying the use of boot code provided by successive renters of the IHS. A renter certificate is also stored that specifies an identity of a chassis to which the motherboard is installed during manufacture of the IHS. Upon a transfer of control or ownership of the IHS, boot code operations by the security processor identify a motherboard and chassis in use by the IHS and utilize the motherboard and chassis certificates to validate that the identified motherboard and chassis are the same motherboard and chassis installed during manufacture of the IHS.

Abstract: A device access control system includes a first computing system that is coupled to a second computing system via a network, and that includes a device access controller subsystem coupled to devices, a central processing subsystem, and a device access control manager subsystem. The device access control manager subsystem identifies first application(s) configured for provisioning by the central processing subsystem and second application(s) configured for provisioning by the second computing system, configures the device access controller subsystem to provide the central processing subsystem access to a first subset of the devices to allow the central processing subsystem to provide the first application(s), and configures the device access controller subsystem to provide the second computing system access via the device access control manager subsystem to a second subset of the devices to allow the second computing device to provide the second application(s) using the second subset of the devices.

Abstract: Embodiments validate the secure assembly and delivery of IHSs (Information Handling Systems) that are installed in a shared chassis, such as two 1RU (rack unit) servers installed in a shared 2RU chassis. An inventory certificate is retrieved that was uploaded to a first IHS of the IHSs installed in the shared chassis during factory provisioning of the first IHS. The inventory certificate specifies factory installed hardware components installed in each of the IHSs of the shared chassis. A validation process of the first IHS collects an inventory of hardware components detected by each of the IHSs of the shared chassis. The validation process compares the collected inventory of detected hardware components of the IHSs against the factory installed hardware components specified in the inventory certificate in order to validate the detected hardware components as the same hardware components installed during factory assembly of each of the IHSs.

Abstract: A communication system personality provisioning system includes a communication system included in a computing system and coupled to a management system. The communication system stores authentication information in a UEFI database of a UEFI system in the communication system. The communication system receives a first operating software image and application/service from the management system, authenticates the first operating software image and application/service via first secure initialization operations performed by the UEFI system using the authentication information and, in response, installs the first operating software image and application/service on the communication system.

Abstract: A workload compliance governor system includes a management system coupled to a computing system. A workload compliance governor subsystem in the computing system receives a workload performance request associated with a workload, exchanges hardware compose communications with the management system to compose hardware components for the workload, and receives back an identification of hardware components. The workload compliance governor subsystem then determines that the identified hardware components satisfy hardware compliance requirements for the workload, and configures the identified hardware components in the computing system based on the software compliance requirements for the workload in order to cause those identified hardware components to provide an operating system and at least one application that operate to perform the workload.

Abstract: Binary translation may be performed by a field programmable gate array (FPGA) integrated with a processor as a single integrated circuit. The FPGA contains multiple blocks of logic for performing different binary translations. The processor may offload the binary translation to the FPGA. The FPGA may use historical logging to skip the binary translation of source instructions that have been previously translated into target instructions.

Abstract: A BMC firmware security system includes a BMC coupled to a programmable circuit device and a first storage subsystem. In response to BMC initialization, the BMC uses a system identifier to verify that a license in the first storage subsystem authorizes the BMC to use BMC firmware in the BMC, uses branding identity information in the BMC to verify that the BMC is branded for the BMC firmware, determines that the programmable circuit device identifies the BMC firmware and, in response, the performs BMC initialization operations using the BMC firmware. A BIOS is coupled to the programmable circuit device and a second storage system. In response to BIOS initialization, the BIOS uses the branding identity information in the second storage subsystem to identify the BMC firmware, determines that the programmable circuit device identifies the BMC firmware and, in response, performs BIOS initialization operations.

Abstract: A composed system manager for managing operation of composed information handling systems includes storage for storing telemetry models for the composed information handling systems and a telemetry manager. The telemetry manager makes a determination that a composed information handling system of the composed information handling systems has been instantiated; in response to the determination, identifies resource set components allocated to the composed information handling system; generates a telemetry model of the telemetry models for the composed information handling system based on the resource set components; and configures the resource set components based on the telemetry model to aggregate operation data generated by the resource set components.