Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.

Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.

Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.

Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.

Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.

Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.

Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.

Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.

Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.

Abstract: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.

Abstract: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.

Abstract: An embodiment includes an apparatus comprising: an out-of-band cryptoprocessor coupled to secure non-volatile storage; and at least one storage medium having firmware instructions stored thereon for causing, during runtime and after an operating system for the apparatus has booted, the cryptoprocessor to (a) store a key within the secure non-volatile storage, (b) sign an object with the key, while the key is within the cryptoprocessor, to produce a signature, and (c) verify the signature. Other embodiments are described herein.

Abstract: Service processors within a system are self-clustered. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.

Abstract: Service processors within a system are self-clustered. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.

Abstract: The self-clustering of service processors within a system is disclosed. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.

Abstract: The self-clustering of entities within a system is disclosed. The system can also include a host. Each entity self-discovers all the other entities, such that the entities are aggregated as a cluster. The host communicates with the cluster of entities, where the entities are self-clustered or otherwise, such as through a memory shared by all the entities. The host therefore need not be aware which of the entities performs a given function.

Abstract: The self-clustering of entities within a system is disclosed. The system can also include a host. Each entity self-discovers all the other entities, such that the entities are aggregated as a cluster. The host communicates with the cluster of entities, where the entities are self-clustered or otherwise, such as through a memory shared by all the entities. The host therefore need not be aware which of the entities performs a given function.

Abstract: The self-clustering of service processors within a system is disclosed. The system can also include an operating system or other software code, a management console, or both. The operating system communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, such as through a memory shared by at least all the service processors. The operating system therefore need not be aware which of the service processors performs a given function. The console communicates with the cluster of service processors, where the service processors are self-clustered or otherwise, through any service processor of the cluster. The console therefore also need not be aware that the service processors have been clustered to perform functionality for the console.