US 12,189,542 B2
Technologies for secure device configuration and management
Reshma Lal, Portland, OR (US); Pradeep M. Pappachan, Tualatin, OR (US); Luis Kida, Beaverton, OR (US); Krystof Zmudzinski, Forest Grove, OR (US); Siddhartha Chhabra, Portland, OR (US); Abhishek Basak, Bothell, WA (US); Alpa Narendra Trivedi, Hillsboro, OR (US); Anna Trikalinou, Hillsboro, OR (US); David M. Lee, Portland, OR (US); Vedvyas Shanbhogue, Austin, TX (US); and Utkarsh Y. Kakaiya, Folsom, CA (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Dec. 6, 2021, as Appl. No. 17/543,267.
Application 17/543,267 is a continuation of application No. 16/444,053, filed on Jun. 18, 2019, granted, now 11,416,415.
Claims priority of provisional application 62/687,403, filed on Jun. 20, 2018.
Prior Publication US 2022/0091998 A1, Mar. 24, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 12/14 (2006.01); G06F 9/38 (2018.01); G06F 9/455 (2018.01); G06F 12/0802 (2016.01); G06F 21/57 (2013.01); G06F 21/60 (2013.01); G06F 21/64 (2013.01); G06F 21/76 (2013.01); G06F 21/79 (2013.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01); H04L 41/046 (2022.01); H04L 41/28 (2022.01)
CPC G06F 12/1408 (2013.01) [G06F 9/3877 (2013.01); G06F 9/45558 (2013.01); G06F 12/0802 (2013.01); G06F 21/57 (2013.01); G06F 21/602 (2013.01); G06F 21/606 (2013.01); G06F 21/64 (2013.01); G06F 21/76 (2013.01); G06F 21/79 (2013.01); H04L 9/0631 (2013.01); H04L 9/0637 (2013.01); H04L 9/083 (2013.01); H04L 9/0838 (2013.01); H04L 9/0844 (2013.01); H04L 9/085 (2013.01); H04L 9/0891 (2013.01); H04L 9/321 (2013.01); H04L 9/3215 (2013.01); H04L 9/3226 (2013.01); H04L 9/3268 (2013.01); H04L 9/3278 (2013.01); H04L 41/046 (2013.01); H04L 41/28 (2013.01); G06F 2009/45591 (2013.01); G06F 2009/45595 (2013.01)] 14 Claims
1. A computing device comprising:
processor circuitry coupled to a memory;
an input/output (I/O) device coupled to the processor circuitry; and
a trusted agent coupled to or hosted by the processor circuitry, the trusted agent to:
authenticate the I/O device;
perform an authenticated key exchange protocol with the I/O device in response to authentication of the I/O device;
verify a device configuration report in response to performance of the authenticated key exchange protocol, wherein the device configuration report is indicative of configuration registers of the I/O device; and
send the device configuration report to a trusted execution environment of the computing device in response to verification of the device configuration report, wherein the trusted execution environment includes a predetermined identity that is known to a trusted firmware component of the computing device.
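The claimed flow (authenticate the I/O device, run an authenticated key exchange, verify the configuration report, then release it to the TEE), as an added Python model that is not the patent's own code: it assumes a pre-shared device key provisioned out of band and an HMAC-based key derivation as stand-ins for the patent's unspecified authentication and key-exchange primitives, and the device identifier and register values are constructed.

```python
import hashlib
import hmac
import json
import secrets

def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    # HMAC-based derivation; an assumption standing in for the patent's unspecified KDF.
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()

class Device:
    """Model of the I/O device: a provisioned secret plus its configuration registers."""
    def __init__(self, device_id: bytes, psk: bytes, registers: dict):
        self.device_id, self.psk, self.registers = device_id, psk, registers

    def respond(self, agent_nonce: bytes):
        # Steps 1-2: prove possession of the provisioned key and bind both nonces
        # and the device identity into a fresh session key.
        self.nonce = secrets.token_bytes(16)
        proof = kdf(self.psk, b"auth", agent_nonce, self.nonce, self.device_id)
        self.session = kdf(self.psk, b"session", agent_nonce, self.nonce, self.device_id)
        return self.nonce, proof

    def config_report(self) -> dict:
        # Step 3: snapshot of the configuration registers, MACed under the session key.
        body = json.dumps(self.registers, sort_keys=True).encode()
        return {"body": body, "mac": hmac.new(self.session, body, hashlib.sha256).digest()}

class TrustedAgent:
    def __init__(self, provisioned: dict, tee_inbox: list):
        self.provisioned = provisioned  # device_id -> psk, provisioned out of band (assumption)
        self.tee_inbox = tee_inbox      # stands in for the TEE that receives verified reports

    @staticmethod
    def verify_report(session: bytes, report: dict) -> bool:
        expected = hmac.new(session, report["body"], hashlib.sha256).digest()
        return hmac.compare_digest(report["mac"], expected)

    def attest(self, dev: Device) -> bool:
        psk = self.provisioned.get(dev.device_id)
        if psk is None:
            return False  # unknown device: no key exchange, no report
        agent_nonce = secrets.token_bytes(16)
        dev_nonce, proof = dev.respond(agent_nonce)
        if not hmac.compare_digest(proof, kdf(psk, b"auth", agent_nonce, dev_nonce, dev.device_id)):
            return False  # authentication failed: stop before exchanging keys
        session = kdf(psk, b"session", agent_nonce, dev_nonce, dev.device_id)
        report = dev.config_report()
        if not self.verify_report(session, report):
            return False  # report not bound to this session: withhold it from the TEE
        self.tee_inbox.append(json.loads(report["body"]))  # step 4: release only a verified report
        return True
```

A rogue device that knows the identifier but not the provisioned key fails at the authentication step, and a report whose MAC does not match the session key never reaches the TEE inbox.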