Abstract: According to embodiments of the present disclosure, systems and methods to manage Security Protocol and Data Model (SPDM) secure communication sessions are provided. According to one embodiment, an Information Handling System (IHS) includes a Security Protocol and Data Model (SPDM)-enabled device conforming to a SPDM specification in which the SPDM-enabled device has a specified quantity of supported private communication sessions. The IHS also includes computer-executable instructions to, when an application requests use of one of the private communication sessions, determine whether one of the private communication sessions is available, and enable the application to communicate with the SPDM-enabled device through the one private communication session based on the determination.

Abstract: A method for managing a storage system includes initiating, by a hardware resource manager, a boot-up of a storage controller managing the storage system comprising a plurality of storage devices, making a determination, by the storage controller, that the storage controller is in a secured mode, based on the determination: identifying a security state of each of the plurality of storage devices, determining that a storage device of the plurality of storage devices is in an unsecured state, and based on the unsecured state, sending, by the storage controller, a security operation request for securing the storage device, obtaining a secure state response from the hardware resource manager corresponding to securing the storage device, and based on the secure state response, resuming operation of the storage controller based on the secure mode.

Abstract: In general, embodiments of the invention relate to a method and system for managing a storage system. In many traditional implementations host bus adapter (HBA) manages the storage device, however frequently the HBA cannot implement the necessary methods to secure a self-encrypting drive (SED). One or more embodiments of the invention use a baseboard management controller (BMC) to manage the security of the SEDs as well as the security life cycle of the SEDs, while the HBA acts as a passthrough conduit between the SED and BMC.

Abstract: A node for a VSAN includes a BMC, a processor, and a plurality of VSAN objects. The processor instantiates a Cluster Membership, Monitoring, and Directory Service (CMMDS) and a BMC Service Module (SM). The CMMDS implements a Security Policy and Data Model (SPDM) architecture. The CMMDS determines an inventory list of the VSAN objects and a SPDM authentication state for each of the objects, and provides the inventory list and the SPDM authentication states to the BMC SM. The BMC SM provides the inventory list and the SPDM authentication state to the BMC. The BMC determines that a first VSAN object is not authenticated based upon the SPDM authentication state of the first VSAN object, and directs the CMMDS to halt input/output (I/O) operations on the VSAN to the first VSAN object.

Abstract: A node for a VSAN includes a BMC, a processor, and a plurality of VSAN objects. The processor instantiates a Cluster Membership, Monitoring, and Directory Service (CMMDS) and a BMC Service Module (SM). The CMMDS implements a Security Policy and Data Model (SPDM) architecture. The CMMDS determines an inventory list of the VSAN objects and a SPDM authentication state for each of the objects, and provides the inventory list and the SPDM authentication states to the BMC SM. The BMC SM provides the inventory list and the SPDM authentication state to the BMC. The BMC determines that a first VSAN object is not authenticated based upon the SPDM authentication state of the first VSAN object, and directs the CMMDS to halt input/output (I/O) operations on the VSAN to the first VSAN object.

Abstract: Systems and methods provide for SPDM-enabled devices that conform to an SPDM specification. An SPDM-enabled device receives a request to provision a certificate chain on the device and sends an event notification message to a baseboard management controller. The event notification message indicates receipt of a request to provision a certificate chain in a slot on the SPDM-enabled device. The baseboard management controller evaluates the certificate chain against the device manufacturer's certificate profile policy. If the certificate chain is valid, then a validation successful message is sent to the SPDM-enabled device, which in turn sends a certificate provision response to a requesting device. If the certificate chain is not valid, then a validation failure message is sent to the SPDM-enabled device, which causes the SPDM-enabled device to enter a quarantine state.

Abstract: Embodiments of systems and methods to determine all of the Functions that are associated with a multi-Function Peripheral Component Interconnect/Compute Express Link (PCIe/CXL) Field Replaceable Unit (FRU) for use in SPDM authentication of a PCIe/CXL FRU are disclosed. According to one embodiment, a multi-Function PCIe/CXL FRU includes multiple Functions that each are represented by a unique Device/Function path. A PCIe/CXL FRU includes computer-executable program instructions that cause it to receive a request from a Security Protocol and Data Model (SPDM) requester to obtain information about a plurality of Functions associated with the PCIe/CXL FRU, and respond to the request by sending a list of Device/Function paths to the SPDM requester. Each Device/Function path indicates the Function and the path to the Function associated with the PCIe/CXL FRU.

Abstract: According to embodiments of the present disclosure, systems and methods to manage Security Protocol and Data Model (SPDM) secure communication sessions are provided. According to one embodiment, an Information Handling System (IHS) includes a Security Protocol and Data Model (SPDM)-enabled device conforming to a SPDM specification in which the SPDM-enabled device has a specified quantity of supported private communication sessions. The IHS also includes computer-executable instructions to, when an application requests use of one of the private communication sessions, determine whether one of the private communication sessions is available, and enable the application to communicate with the SPDM-enabled device through the one private communication session based on the determination.

Abstract: According to embodiments of the present disclosure, systems and methods to advertise Security Protocol and Data Model (SPDM) command timing requirements are provided. According to one embodiment, an Information Handling System (IHS) includes a requester and a responder conforming to a SPDM specification in which the responder is configured with computer-executable logic to, in response to a request from a requester, generate an estimated amount of time to process a SPDM command, and send the estimated amount of time to the requester in response to the request. The requester may then wait the estimated amount of time between sending each of multiple ensuing commands to the responder.

Abstract: According to embodiments of the present disclosure, an Information Handling System (IHS) including multiple Security Protocol and Data Model (SPDM)-enabled devices is configured to perform collective attestation. The collective attestation is provided by computer-executable instructions that, when executed by a processor of the IHS, receive an attestation request from a requesting device and a device identity certificate from each of the devices. Using the device identity certificates, the instructions perform a cryptographic hash over the received device identity certificates, and send the cryptographic hash to the requesting device in response to the request.

Abstract: A system for data processing, comprising a management controller operating on a processor and configured to load and execute one or more algorithms that provide the function of transmitting a request to a managed device using a Security Protocol and Data Model (SPDM) protocol and to receive a response from the managed device. A system management bus and security policy system operating on the processor is configured to execute one or more algorithms to process the response from the managed device to apply an SPDM security policy to the response.

Abstract: An Information Handling System (IHS) includes multiple hardware devices, and a baseboard Management Controller (BMC) in communication with the plurality of hardware devices. The BMC includes executable instructions for causing the one hardware device to be inhibited from functioning with the IHS when at least one of the hardware devices is powered on, and performing an authentication procedure with that hardware device. After that hardware device has been successfully authenticated, the instructions then enable the one hardware device to function with the IHS.

Abstract: A method for managing a storage system includes initiating, by a hardware resource manager, a boot-up of a storage controller managing the storage system comprising a plurality of storage devices, making a determination, by the storage controller, that the storage controller is in a secured mode, based on the determination: identifying a security state of each of the plurality of storage devices, determining that a storage device of the plurality of storage devices is in an unsecured state, and based on the unsecured state, sending, by the storage controller, a security operation request for securing the storage device, obtaining a secure state response from the hardware resource manager corresponding to securing the storage device, and based on the secure state response, resuming operation of the storage controller based on the secure mode.

Abstract: A storage enclosure of an information handling system includes multiple storage drives, and an expander device. The storage drives include one or more self-encrypting drives (SEDs). The expander device determines whether a SED enables a power disable capability. In response to detection that the SED enables the power disable capability, the expander device monitors a link status between the information handling system and the storage enclosure. In response to a link status change being detected, the expander device waits a period of time and determines the link status after the period of time. If the link status is link down, the expander device implements a power cycle in the storage drives. After the power cycle of the storage drives, the expander device sets the drives to a locked state.

Abstract: Systems and methods provide validation of hardware components of an IHS (Information Handling System). An attestation certificate stored to the IHS specifies authenticated instructions for operation of a hardware component of the IHS. This attestation certificate is endorsed by a self-signed root attestation certificate. An identity certificate, also stored to the IHS, specifies an identity of the hardware component and is endorsed using an embedded keypair of the hardware component. The root attestation certificate is validated to ensure it corresponds to the hardware component specified in the identity certificate, where this validation confirms that a public key included in the identity certificate is identical to a public key included in the attestation certificate.

Abstract: A system and method are disclosed for delegating, by a resource-constrained device, a privilege to a basic input/output system, wherein the privilege allows the basic input/output system to authenticate an endpoint device on behalf of the resource-constrained device. The system and method also includes generating an asymmetric security key that includes a private key and a public key and transmitting the public key to the basic input/output system, wherein the public key is included in a proxy certificate generated by the basic input/output system. In addition, the system and method includes establishing a secure session between the basic input/output system and the endpoint device using the private key and the proxy certificate, wherein the secure session is used by the basic input/output system to authenticate and verify that the endpoint device is authorized to perform an operation.

Abstract: An information handling system includes a device capable of sending and receiving security protocol and data model messages. A management controller with an authorization role as a designated leader is configured to verify authenticity of the device, discover authorization capabilities of the device, and set the authorization role of the device as a follower.

Abstract: A method for managing a resource system includes obtaining, by a hardware resource manager, a firmware update lockdown request for a lockdown for a firmware device of the resource system, in response to the firmware update lockdown request: identifying a firmware protocol corresponding to the firmware device, generating a firmware lockdown command corresponding to the firmware device based on the firmware protocol, and initiating updating of a lockdown policy based on the firmware lockdown command.

Abstract: In general, embodiments of the invention relate to a method and system for managing a storage system. In many traditional implementations host bus adapter (HBA) manages the storage device, however frequently the HBA cannot implement the necessary methods to secure a self-encrypting drive (SED). One or more embodiments of the invention use a baseboard management controller (BMC) to manage the security of the SEDs as well as the security life cycle of the SEDs, while the HBA acts as a passthrough conduit between the SED and BMC.

Abstract: An Information Handling System (IHS) includes at least one hardware device in communication with a Baseboard Management Controller (BMC). The hardware device includes executable instructions for establishing a secure communication channel with the BMC, and subsequently receiving a list of allowed commands from the BMC. When a command is received by the hardware device, it determines whether the command is included in the list such that when the command is in the list and the command is received within the secure communication channel, the hardware device performs the command. However, when the command is in the list and the command is received outside of the secure communication channel, the hardware device ignores the command.