| CPC G06F 21/572 (2013.01) [G06F 21/44 (2013.01); H04L 9/3247 (2013.01); H04L 9/3265 (2013.01); H04L 9/3268 (2013.01); G06F 2221/033 (2013.01); H04L 9/50 (2022.05)] | 20 Claims |
|
1. A system, comprising:
a computing device comprising a processor and a memory; and
machine-readable instructions stored in the memory which, when executed by the processor, cause the computing device to at least:
send a request to a client device for a status of firmware installed on the client device;
receive, from the client device, a response to the request, the response comprising a status response file generated by a device manufacturer and provided to a firmware utility on the client device and a first exit code generated by the firmware utility on the client device, the status response file comprising at least a certificate, a signature associated with the certificate, and a second exit code generated by the device manufacturer, the first exit code and the second exit code corresponding to a given status of the firmware installed on the client device;
perform a certificate verification based at least in part on the certificate included in the status response file;
perform a signature verification based at least in part on the signature included in the status response file, at least if the certificate verification does not indicate that the status response file has been compromised;
perform an exit code verification based at least in part on at least one of the first exit code generated by the firmware utility or the second exit code included in the status response file, at least if the signature verification does not indicate that the status response file has been compromised;
determine whether the response is untrustworthy, based at least in part on one or more of the certificate verification, the signature verification, and the exit code verification; and
perform a compliance action if the response is determined to be untrustworthy.
|