Patents by Inventor Marshal F. Savage

Marshal F. Savage has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210288821
    Abstract: A method includes generating a secure management mode public-private key pair; generating a certificate signing request, the certificate signing request including the secure management mode public key of the secure management mode public-private key pair, the certificate signing request including a common name associated with a trusted root certificate authority; sending the secure management mode certificate signing request to a signing server; receiving a signed certificate signed by a factory certificate authority, a public key certificate for the factory certificate authority, and a trust chain signed by the trusted root certificate authority; validating the signed certificate; and enabling a secure management mode.
    Type: Application
    Filed: March 16, 2020
    Publication date: September 16, 2021
    Inventors: Jason M. Young, Marshal F. Savage
  • Patent number: 11068598
    Abstract: Methods, systems, and computer programs encoded on computer storage medium, for verifying, by a mask ROM of a CPU of a first computing device and with fused keys included by the CPU, a boot loader that is included by a flash memory of the first computing device, in response to verifying the boot loader, verifying, by the boot loader and with boot loader keys included by the flash memory, a kernel included by the a memory device of the first computing device, in response to verifying the kernel, decrypting, by the kernel using a hidden root key (HRK) included by the CPU of the first computing device, a device unique certification (DUC) included by the flash memory, in response to decrypting the DUC, generating, by the first computing device, a proof-of-possession of the DUC.
    Type: Grant
    Filed: November 1, 2018
    Date of Patent: July 20, 2021
    Assignee: Dell Products L.P.
    Inventors: Michael Emery Brown, Josh M. Pennell, Jacob R. Hutcheson, Marshal F. Savage, Nikhil Swarnakumar, Rhushabh Bhandari
  • Publication number: 20210135931
    Abstract: A system for distributing firmware, comprising a group controller operating on a processor and configured to perform an algorithmic process of sending an update task with a download host to one of two or more group members. A group member operating on a processor and configured to perform an algorithmic process of receiving the update task with the download host and to request a payload file from the download host.
    Type: Application
    Filed: November 6, 2019
    Publication date: May 6, 2021
    Applicant: DELL PRODUCTS L.P.
    Inventors: Cyril Jose, Yee Ja, Marshal F. Savage, Chandrasekhar Puthillathe, Choudary Akkiah Maddukuri
  • Patent number: 10949539
    Abstract: A method may include determining if both of two redundant operating system images for executing functionality of a chassis management controller were found during one or more previous boot sessions of the chassis management controller to be unsecure, wherein each operating system image comprises an integrated kernel and initial file root system stored in a respective first partition of a memory of the chassis management controller, verity hashes of a root file system of such operating system image, the verity hashes stored in a respective second partition of the memory, and the root file system of such operating system image stored in a respective third partition of the memory. The method may also include, in response to determining that one of the two redundant operating system images is secure, initiate verification of such operating system image to determine if such operating system image has indicia of tampering.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: March 16, 2021
    Assignee: Dell Products L.P.
    Inventors: Prakash Nara, Wei Liu, Charles E. Rose, Santosh Kumar, Sudhir Vittal Shetty, Marshal F. Savage, Rhushabh Bhandari, Madhav Karri
  • Patent number: 10936381
    Abstract: A server receives an event notification indicating an opening of a drive drawer, and retrieves a timing parameter associated with a timer that counts a time from the receiving of the event notification by the server indicating the opening of the drive drawer. The server may generate a visual alert that alerts of the opening of the drive drawer, and display a current value indicating the time since the receiving of the event notification.
    Type: Grant
    Filed: December 11, 2019
    Date of Patent: March 2, 2021
    Assignee: Dell Products, L.P
    Inventors: Christopher Abella Poblete, Santosh Kumar Bidaralli, Marshal F. Savage
  • Patent number: 10922385
    Abstract: A method, an information handling system (IHS) and a license file generating system for generating a license file. The method includes receiving, via a processor of a first information handling system (IHS), a plurality of input parameters associated with a product and generating license data at least partially based on the input parameters. The license data is transmitted to a hardware security module (HSM). The method further includes triggering the HSM to retrieve a certificate containing allowable use data. The allowable use data at least partially identifies a permitted installation of a license for the product. The HSM is triggered to embed a signer identifier within the certificate and the HSM is triggered to sign the certificate. The method further includes receiving a signed certificate from the HSM and generating a license file including the license data and the signed certificate. The license file is transmitted to a second IHS.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: February 16, 2021
    Assignee: Dell Products, L.P.
    Inventors: Jason M. Young, Wayne R. Weilnau, Marshal F. Savage
  • Patent number: 10855463
    Abstract: Methods and systems for providing quality of service to an information handling system may involve generating a new transport encryption key for a management controller group, notifying nodes in the management controller group to negotiate for the new transport encryption key, and encrypting a first message to be sent to a first node in the management controller group using a current transport encryption key. The new transport encryption key for encrypted communications in the management controller group and to replace a current transport encryption key. The first message encrypted after notifying the nodes in the management controller group to negotiate for the new transport encryption key. The nodes of the management controller group including the first node.
    Type: Grant
    Filed: February 8, 2018
    Date of Patent: December 1, 2020
    Assignee: Dell Products L.P.
    Inventors: Yee Ja, Marshal F. Savage, Cyril Jose
  • Patent number: 10798074
    Abstract: Methods and systems for account authentication in a distributed computing node group may involve sending a message to a member, the message having a first timestamp, increasing an authentication failure count, receiving a first key-exchange message from the member, the first key-exchange message having a second timestamp, evaluating the second timestamp, and determining whether to ignore the first key-exchange message based on an evaluation of the second timestamp. The first timestamp may be associated with a message received from the member prior to sending the message with the first timestamp to the member. The first key-exchange message may include a value computed by the member based on a group passcode shared with the member. The evaluation of the second timestamp may be based on at least one of a default value, the authentication failure count, or a timestamp associated with the group passcode.
    Type: Grant
    Filed: February 6, 2020
    Date of Patent: October 6, 2020
    Assignee: Dell Products L.P.
    Inventors: Yee Ja, Marshal F. Savage, Cyril Jose
  • Patent number: 10747882
    Abstract: A verification for a secure boot process may include determining a determined signature for a compendium stored in a memory where the compendium includes a bootloader and an operating system, accessing a verification signature corresponding to the compendium, and comparing the verification signature with the determined signature where if the verification signature is the same as the determined signature, the compendium is verified as secure and a secure boot process is performed with the bootloader and operating system. The compendium may include one or more applications such that the applications may be verified as secure with the verification signature.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: August 18, 2020
    Assignee: Dell Products, L.P.
    Inventors: Wei Liu, Prakash Nara, Sudhir V. Shetty, Marshal F. Savage, Charles E. Rose, Mukund P. Khatri, Madhav Karri, Santosh Kumar
  • Publication number: 20200252388
    Abstract: An information handling system for providing comprehensive remote authorized access to multiple equipment in a datacenter. A mobile device security credential is first authenticated before access information is configured in the mobile device using a short-range wireless interface. The configured access information is mapped to the equipment and the corresponding access token and encryption keys from the equipment are received by the mobile device. The mobile device uses the access token and the encryption keys to simultaneously access the equipment through a long-range wireless interface. The simultaneous access includes parallel accessing of the equipment at a next accessing instance without requiring re-authentication. With the accessed equipment, the mobile device manages the accessed equipment based on the configured access information.
    Type: Application
    Filed: January 31, 2019
    Publication date: August 6, 2020
    Inventors: My Tran, Sudhir Vittal Shetty, Michael Emery Brown, Marshal F. Savage, Jeffrey M. Lairsey, Joshua M Pennell
  • Patent number: 10713363
    Abstract: In one or more embodiments, one or more systems, methods, and/or processes may receive a digital signature, signed by a signing authority, for a request for utilization of an information handling system firmware application programming interface (API) of the information handling system firmware, signed based at least on information associated with a certificate signed by a certificate authority; may determine that the signing authority is authorized for the request for utilization of the information handling system firmware API; may determine that the signing authority is authorized for the request for utilization of the information handling system firmware API on a platform model of the information handling system; may determine that the certificate is not on a certificate revocation list; and may permit utilization of the information handling system firmware API.
    Type: Grant
    Filed: April 27, 2018
    Date of Patent: July 14, 2020
    Assignee: Dell Products L.P.
    Inventors: Marshal F. Savage, Jason Matthew Young
  • Patent number: 10684666
    Abstract: Methods, systems, and computer programs encoded on computer storage medium, for identifying a power event of a chassis system; in response to identifying the power event, negotiating between a first and a second enclosure controller (EC) to place the one of the ECs in an active state, wherein the first and the second EC are redundant; in response to placing one of the ECs in the active state, performing, by a chassis orchestration engine, a sequence of actions, including: determining, by coordinating with a first daemon, whether a condition is present that would prevent safe activation of a power supply unit, activating, by coordinating with a second daemon, the power supply unit of the chassis system, activating, by coordinating with a third daemon, a cooling system of the chassis system after performing the sequence of actions, providing a signal to components indicating the active state of the first EC.
    Type: Grant
    Filed: September 11, 2018
    Date of Patent: June 16, 2020
    Assignee: Dell Products L.P.
    Inventors: Michael Emery Brown, Jitendra Gul Jagasia, Marshal F. Savage
  • Publication number: 20200177567
    Abstract: Methods and systems for account authentication in a distributed computing node group may involve sending a message to a member, the message having a first timestamp, increasing an authentication failure count, receiving a first key-exchange message from the member, the first key-exchange message having a second timestamp, evaluating the second timestamp, and determining whether to ignore the first key-exchange message based on an evaluation of the second timestamp. The first timestamp may be associated with a message received from the member prior to sending the message with the first timestamp to the member. The first key-exchange message may include a value computed by the member based on a group passcode shared with the member. The evaluation of the second timestamp may be based on at least one of a default value, the authentication failure count, or a timestamp associated with the group passcode.
    Type: Application
    Filed: February 6, 2020
    Publication date: June 4, 2020
    Inventors: YEE JA, MARSHAL F. SAVAGE, CYRIL JOSE
  • Publication number: 20200143059
    Abstract: Methods, systems, and computer programs encoded on computer storage medium, for verifying, by a mask ROM of a CPU of a first computing device and with fused keys included by the CPU, a boot loader that is included by a flash memory of the first computing device, in response to verifying the boot loader, verifying, by the boot loader and with boot loader keys included by the flash memory, a kernel included by the a memory device of the first computing device, in response to verifying the kernel, decrypting, by the kernel using a hidden root key (HRK) included by the CPU of the first computing device, a device unique certification (DUC) included by the flash memory, in response to decrypting the DUC, generating, by the first computing device, a proof-of-possession of the DUC.
    Type: Application
    Filed: November 1, 2018
    Publication date: May 7, 2020
    Inventors: Michael Emery Brown, Josh M. Pennell, Jacob R. Hutcheson, Marshal F. Savage, Nikhil Swarnakumar, Rhushabh Bhandari
  • Publication number: 20200134185
    Abstract: In one or more embodiments, one or more systems, methods, and/or process may allow a customer to install and boot their own firmware securely, without compromising secure boot. A baseboard management controller (BMC) may include a BMC firmware stored via a BMC partition of a non-volatile storage, a customer firmware image including a customer firmware and a signed customer boot block (CBB) file including a CBB, a hidden root key (HRK) hash of the CBB based on a HRK, and a manufacturer signature. The BMC firmware may, when an alternate path to boot the CBB is detected, verify the manufacturer signature on the CBB and the HRK hash, verify the HRK hash based on the unique HRK, and when the manufacturer signature and the HRK hash have been verified, hardware lock the BMC partition, disable the HRK, and transfer control to the CBB.
    Type: Application
    Filed: October 26, 2018
    Publication date: April 30, 2020
    Inventors: Eugene David Cho, Michael Emery Brown, Marshal F. Savage
  • Patent number: 10623178
    Abstract: Methods and systems for secure messaging may involve receiving an encrypted message from a node, decrypting the message using a default key, sending a message, rotating a group key, and distributing a key rotation message. The message received may be to discover a master of a group. The message sent may welcome the node into the group as a member. The welcome message may be encrypted with the default key and may include information to determine the group key. The group key may be rotated based on an expiration of a group key rotation window. The group key may become a prior group key and the rotated group key may be a current group key. The key rotation message may be encrypted with one of the default key or the prior group key and may include information to determine the current group key.
    Type: Grant
    Filed: July 15, 2016
    Date of Patent: April 14, 2020
    Assignee: Dell Products L.P.
    Inventors: Marshal F. Savage, Cyril Jose
  • Patent number: 10594671
    Abstract: Methods and systems for account authentication in a distributed computing node group may involve sending a message to a member, the message having a first timestamp, increasing an authentication failure count, receiving a first key-exchange message from the member, the first key-exchange message having a second timestamp, evaluating the second timestamp, and determining whether to ignore the first key-exchange message based on an evaluation of the second timestamp. The first timestamp may be associated with a message received from the member prior to sending the message with the first timestamp to the member. The first key-exchange message may include a value computed by the member based on a group passcode shared with the member. The evaluation of the second timestamp may be based on at least one of a default value, the authentication failure count, or a timestamp associated with the group passcode.
    Type: Grant
    Filed: February 8, 2018
    Date of Patent: March 17, 2020
    Assignee: Dell Products L.P.
    Inventors: Yee Ja, Marshal F. Savage, Cyril Jose
  • Publication number: 20200081514
    Abstract: A method may include, in a chassis configured to provide a common hardware infrastructure to one or more modular information handling systems inserted into the chassis: determining if a save operation is occurring at a time when one or more power supply units are capable of delivering power to the chassis; and delaying power sequencing of the one or more power supply units until the save operation has completed.
    Type: Application
    Filed: September 11, 2018
    Publication date: March 12, 2020
    Applicant: Dell Products L.P.
    Inventors: Michael E. BROWN, Marshal F. SAVAGE, Aaron M. RHINEHART, Kyle E. CROSS, Michael W. DANIELE, Jitendra G. JAGASIA
  • Publication number: 20200081511
    Abstract: Methods, systems, and computer programs encoded on computer storage medium, for identifying a power event of a chassis system; in response to identifying the power event, negotiating between a first and a second enclosure controller (EC) to place the one of the ECs in an active state, wherein the first and the second EC are redundant; in response to placing one of the ECs in the active state, performing, by a chassis orchestration engine, a sequence of actions, including: determining, by coordinating with a first daemon, whether a condition is present that would prevent safe activation of a power supply unit, activating, by coordinating with a second daemon, the power supply unit of the chassis system, activating, by coordinating with a third daemon, a cooling system of the chassis system after performing the sequence of actions, providing a signal to components indicating the active state of the first EC.
    Type: Application
    Filed: September 11, 2018
    Publication date: March 12, 2020
    Inventors: Michael Emery Brown, Jitendra Gul Jagasia, Marshal F. Savage
  • Patent number: 10534936
    Abstract: An information handling system includes a processor and a baseboard management controller (BMC). The BMC receives a secure copy protocol (SCP) file including configuration information for the processor, determines whether the BMC is in a lockdown mode in response to receiving the SCP file, and applies the configuration information to change a configuration of the processor in response to determining that the information handling system is not in the lockdown mode.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: January 14, 2020
    Assignee: Dell Products, LP
    Inventors: Jason M. Young, Marshal F. Savage