Abstract: Various embodiments provide methods for validating secure assembly and delivery of an IHS (Information Handling System) by confirming that the detected hardware components of the IHS include only factory installed hardware components. During factory provisioning of an IHS, an inventory certificate is uploaded to the IHS, where the inventory certificate includes an inventory that identifies the hardware components installed during factory assembly of the IHS. An inventory is collected of the detected hardware components of the IHS. The collected inventory is compared against the inventory from the inventory certificate in order to validate the detected hardware components of the IHS as the same hardware components that were installed during factory assembly of the IHS. Embodiments provide a customer receiving an IHS with a capability of validating that a delivered IHS includes only factory installed hardware components.

Abstract: Various embodiments provide methods for validating hardware modifications of an IHS (Information Handling System) by confirming that a hardware modification corresponds to a hardware component supplied for installation in the IHS by a trusted entity. During factory provisioning of an IHS, an inventory certificate that specifies the factory installed IHS hardware is uploaded to the IHS and is also stored for ongoing support of the IHS. Upon a hardware component being supplied for installation in the IHS by a trusted entity, the inventory of the stored inventory certificate is updated to identify the supplied component and the updated certificate is transmitted to the IHS. An inventory of detected hardware components of the IHS is compared against the inventory from the updated inventory certificate in order to validate the detected hardware of the IHS includes the component, supplied by the trusted entity, that is identified in the updated inventory certificate.

Abstract: Embodiments support secure booting of an IHS (Information Handling System) based on validation of the secure assembly and delivery of the IHS. A validation process of the IHS is initialized that delays further booting of the IHS until detected hardware components of the IHS are validated. An inventory certificate is retrieved that was uploaded to the IHS during factory provisioning of the IHS. The inventory certificate includes an inventory that identifies hardware components installed during factory assembly of the IHS. A collected inventory of detected hardware components of the IHS is compared against the inventory from the inventory certificate in order to validate the detected hardware components of the IHS as the same hardware components installed during factory assembly of the IHS. When the comparison validates the detected hardware components of the IHS as only including factory assembled hardware, further booting of the IHS is allowed.

Abstract: Embodiments provide methods for validating secure delivery of an IHS (Information Handling System) by confirming that the packages by which the IHS was delivered include only the packages used to ship the IHS from a factory or other trusted entity. During factory provisioning of the IHS, a shipping certificate is uploaded to the IHS, where the certificate includes shipping identifiers that are each associated with a package used to ship the IHS. Upon receiving packages by which the IHS has been shipped, shipping identifiers, such as bar codes and RFID codes, are collected from the received packages. The shipping identifiers collected from the received packages are compared against the shipping identifiers from the shipping certificate in order to validate the plurality of received packages as the same packages that were used to ship the IHS.

Abstract: Embodiments validate the secure assembly and delivery of IHSs (Information Handling Systems) that are installed in a shared chassis, such as two 1RU (rack unit) servers installed in a shared 2RU chassis. An inventory certificate is retrieved that was uploaded to a first IHS of the IHSs installed in the shared chassis during factory provisioning of the first IHS. The inventory certificate specifies factory installed hardware components installed in each of the IHSs of the shared chassis. A validation process of the first IHS collects an inventory of hardware components detected by each of the IHSs of the shared chassis. The validation process compares the collected inventory of detected hardware components of the IHSs against the factory installed hardware components specified in the inventory certificate in order to validate the detected hardware components as the same hardware components installed during factory assembly of each of the IHSs.

Abstract: Embodiments support remote validation of the secure assembly and delivery of an IHS (Information Handling System). A validation process of the IHS initiates a remote management connection with a remote management console. The remote management console retrieves an inventory certificate generated during factory provisioning of the IHS and stored to the IHS and/or to a remote location. The inventory certificate includes an inventory identifying a plurality of hardware components installed during factory assembly of the IHS. The remote management console retrieves an inventory of detected hardware components of the IHS and compares the inventory of detected hardware components against the inventory from the inventory certificate in order to validate the detected hardware components of the IHS as the same hardware components installed during factory assembly of the IHS.

Abstract: A method for verifying licenses is performed by a legacy management controller (LMC) and a non-legacy management controller (NLMC). The method includes obtaining, by the LMC, a first license installation request and a license, wherein the license comprises license data and a plurality of signatures; in response to the first license installation request: making a first determination, by the LMC, that a first signature of the plurality of signatures is valid; in response to the first determination: installing, by the LMC, the license on the LMC; obtaining, by the NLMC, a second license installation request and the license; in response to the second license installation request: making a second determination, by the NLMC, that a second signature of the plurality of signatures is valid; and in response to the second determination: installing, by the NLMC, the license on the NLMC.

Abstract: A portable information handling system having an NFC device obtains identifier information from information handling systems through NFC and applies the identifier information to obtain license keys for applications stored on the information handling system from a license server through a network interface. NFC transfer of license keys in a secure environment, such as to server information handling system management controller in a data center, provides the convenience of public license servers without the security risk of an open public network access to the management controller.

Abstract: A system for distributing firmware, comprising a group controller operating on a processor and configured to perform an algorithmic process of sending an update task with a download host to one of two or more group members. A group member operating on a processor and configured to perform an algorithmic process of receiving the update task with the download host and to request a payload file from the download host.

Abstract: Methods and systems for access in a management controller group hierarchy may involve receiving a request for a user at an information handling system, determining whether a link of trust is established, and validating the single sign-on request. The request may be to authenticate the user for access using a single sign-on token. Determination of whether the link of trust is established may be based on an initial login location stored in the single sign-on token. Validation of the single sign-on token may be based on a determination that the link of trust is established.

Abstract: A system for transmitting data is disclosed that includes a file distribution system operating on a processor that is configured to identify one or more files for distribution to a device, forward error correction data for the one or more files, and a cryptographic key associated with the device. A Merkle tree system operating on the processor is configured to receive the forward error correction data and to generate an encrypted root hash. A data transmission system operating on the processor is configured to transmit the one or more files and the encrypted root hash to a predetermined device.

Abstract: A method may include, in a chassis configured to provide a common hardware infrastructure to one or more modular information handling systems inserted into the chassis: determining if a save operation is occurring at a time when one or more power supply units are capable of delivering power to the chassis; and delaying power sequencing of the one or more power supply units until the save operation has completed.

Abstract: In one or more embodiments, one or more systems, methods, and/or process may allow a customer to install and boot their own firmware securely, without compromising secure boot. A baseboard management controller (BMC) may include a BMC firmware stored via a BMC partition of a non-volatile storage, a customer firmware image including a customer firmware and a signed customer boot block (CBB) file including a CBB, a hidden root key (HRK) hash of the CBB based on a HRK, and a manufacturer signature. The BMC firmware may, when an alternate path to boot the CBB is detected, verify the manufacturer signature on the CBB and the HRK hash, verify the HRK hash based on the unique HRK, and when the manufacturer signature and the HRK hash have been verified, hardware lock the BMC partition, disable the HRK, and transfer control to the CBB.

Abstract: A system for distributing firmware, comprising a group controller operating on a processor and configured to perform an algorithmic process of sending an update task with a download host to one of two or more group members. A group member operating on a processor and configured to perform an algorithmic process of receiving the update task with the download host and to request a payload file from the download host.

Abstract: A method includes generating a secure management mode public-private key pair; generating a certificate signing request, the certificate signing request including the secure management mode public key of the secure management mode public-private key pair, the certificate signing request including a common name associated with a trusted root certificate authority; sending the secure management mode certificate signing request to a signing server; receiving a signed certificate signed by a factory certificate authority, a public key certificate for the factory certificate authority, and a trust chain signed by the trusted root certificate authority; validating the signed certificate; and enabling a secure management mode.

Abstract: A method includes generating a secure management mode public-private key pair; generating a certificate signing request, the certificate signing request including the secure management mode public key of the secure management mode public-private key pair, the certificate signing request including a common name associated with a trusted root certificate authority; sending the secure management mode certificate signing request to a signing server; receiving a signed certificate signed by a factory certificate authority, a public key certificate for the factory certificate authority, and a trust chain signed by the trusted root certificate authority; validating the signed certificate; and enabling a secure management mode.

Abstract: Methods, systems, and computer programs encoded on computer storage medium, for verifying, by a mask ROM of a CPU of a first computing device and with fused keys included by the CPU, a boot loader that is included by a flash memory of the first computing device, in response to verifying the boot loader, verifying, by the boot loader and with boot loader keys included by the flash memory, a kernel included by the a memory device of the first computing device, in response to verifying the kernel, decrypting, by the kernel using a hidden root key (HRK) included by the CPU of the first computing device, a device unique certification (DUC) included by the flash memory, in response to decrypting the DUC, generating, by the first computing device, a proof-of-possession of the DUC.

Abstract: A system for distributing firmware, comprising a group controller operating on a processor and configured to perform an algorithmic process of sending an update task with a download host to one of two or more group members. A group member operating on a processor and configured to perform an algorithmic process of receiving the update task with the download host and to request a payload file from the download host.

Abstract: A method may include determining if both of two redundant operating system images for executing functionality of a chassis management controller were found during one or more previous boot sessions of the chassis management controller to be unsecure, wherein each operating system image comprises an integrated kernel and initial file root system stored in a respective first partition of a memory of the chassis management controller, verity hashes of a root file system of such operating system image, the verity hashes stored in a respective second partition of the memory, and the root file system of such operating system image stored in a respective third partition of the memory. The method may also include, in response to determining that one of the two redundant operating system images is secure, initiate verification of such operating system image to determine if such operating system image has indicia of tampering.

Abstract: A server receives an event notification indicating an opening of a drive drawer, and retrieves a timing parameter associated with a timer that counts a time from the receiving of the event notification by the server indicating the opening of the drive drawer. The server may generate a visual alert that alerts of the opening of the drive drawer, and display a current value indicating the time since the receiving of the event notification.