| CPC H04L 9/3265 (2013.01) [H04L 9/0819 (2013.01); H04L 9/3247 (2013.01)] | 20 Claims |
|
1. A method for managing operation of a data processing system, the method comprising:
obtaining, by the data processing system, a key with authority over the data processing system, the key being obtained from an ownership voucher received by the data processing system during a secure onboarding of the data processing system;
obtaining, by the data processing system and after completion of the secure onboarding, a command, the command specifying a change in operation of the data processing system, the command being allegedly signed by an entity with the authority over the data processing system;
making, by the data processing system, a determination regarding whether the command is verifiable using the key and a chain of certificates from the ownership voucher, the chain of certificates defining a chain of trust to a root of trust for the data processing system; and
in a first instance of the determination where the command is verifiable, executing, by the data processing system, the command to conform the operation of the data processing system to the change specified by the command.
|