US 12,277,228 B2
Computing devices with secure boot operations
Yeluri Raghuram, Sunnyvale, CA (US); Susanne M. Balle, Hudson, NH (US); Nigel Thomas Cook, Boulder, CO (US); and Kapil Sood, Portland, OR (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Jul. 18, 2023, as Appl. No. 18/223,399.
Application 16/433,709 is a division of application No. 15/060,844, filed on Mar. 4, 2016, granted, now 10,339,317, issued on Jul. 2, 2019.
Application 18/223,399 is a continuation of application No. 17/496,146, filed on Oct. 7, 2021, granted, now 11,748,486.
Application 17/496,146 is a continuation of application No. 16/433,709, filed on Jun. 6, 2019, granted, now 11,604,882, issued on Mar. 4, 2023.
Claims priority of provisional application 62/269,666, filed on Dec. 18, 2015.
Prior Publication US 2023/0359743 A1, Nov. 9, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/57 (2013.01); G06F 21/00 (2013.01); G06F 21/53 (2013.01); G06F 21/71 (2013.01); H04L 9/08 (2006.01)
CPC G06F 21/575 (2013.01) [G06F 21/53 (2013.01); G06F 21/71 (2013.01); H04L 9/0822 (2013.01); H04L 9/0894 (2013.01); G06F 21/00 (2013.01)] 15 Claims
1. A server system configured to be used with at least one remote cloud-based computer system and management-related circuitry, the server system comprising:
storage hardware associated with at least one encryption key (EK) that is encrypted with at least one key encryption key (KEK), the storage hardware configured to store data, encrypted based upon the at least one EK;
a hardware circuit configured to decrypt/encrypt, based upon the at least one EK, one or more respective portions of the data as the one or more respective portions of the data are read from and written to, respectively, the storage hardware, the one or more respective portions of the data comprising at least one portion of operating system code; and
computing hardware configured to execute at least one boot operation based upon the at least one portion of the operating system code read from the storage hardware;
wherein:
the server system and/or the at least one remote cloud-based computer system are configured to enable, via at least one application programming interface, monitoring and/or managing of the server system and/or the at least one remote cloud-based computer system via the management-related circuitry; and
the management-related circuitry is remote, at least in part, from the server system.