| CPC G06F 21/44 (2013.01) [H04L 9/3268 (2013.01)] | 18 Claims |
|
1. A method for validating secure assembly and delivery of an IHS (Information Handling System), the method comprising:
initiating, by the IHS, a pre-boot operating environment comprising a validation process that operates prior to booting an operating system of the IHS;
retrieving, by the validation process of the IHS, an inventory certificate uploaded to the IHS during factory provisioning of the IHS, wherein the inventory certificate includes a signed inventory identifying a plurality of hardware components installed during factory assembly of the IHS, wherein the inventory certificate is uploaded to a non-removeable, persistent memory of the IHS during the factory provisioning of the IHS, and wherein the inventory certificate is a public key identity certificate generated in response to a CSR (Certificate Signing Request) generated by the IHS during the factory provisioning of the IHS;
utilizing, by the validation process of the IHS, a public key included in the inventory certificate to validate the signed inventory was cryptographically signed by the IHS;
collecting, by the validation process of the IHS, an inventory of detected hardware components of the IHS; and
comparing, by the validation process of the IHS, the collected inventory of detected hardware components against the signed inventory from the inventory certificate uploaded to the IHS during factory provisioning of the IHS in order to validate the detected hardware components of the IHS as the same hardware components installed during factory assembly of the IHS.
|