US 12,457,098 B2
SPDM-based firmware protection system and method
Shinose Abdul Rahiman, Bangalore (IN); Rama Rao Bisa, Bangalore (IN); Dharma Bhushan Ramaiah, Bangalore (IN); Vineeth Radhakrishnan, Palakkad (IN); and Mini Thottunkal Thankappan, Bangalore (IN)
Assigned to Dell Products, L.P., Round Rock, TX (US)
Filed by Dell Products, L.P., Round Rock, TX (US)
Filed on Feb. 24, 2023, as Appl. No. 18/174,137.
Prior Publication US 2024/0291636 A1, Aug. 29, 2024
Int. Cl. H04L 9/08 (2006.01); H04L 9/32 (2006.01)
CPC H04L 9/0825 (2013.01) [H04L 9/0869 (2013.01); H04L 9/3263 (2013.01)] 19 Claims
OG exemplary drawing
 
1. An Information Handling System (IHS) comprising:
a Security Protocol and Data Model (SPDM)-enabled device conforming to a SPDM specification; and
at least one memory coupled to at least one processor, the at least one memory having
program instructions stored thereon that, upon execution by the at least one processor, cause the IHS to:
receive, from a requesting device, a request to update the SPDM-enabled device
with a software package;
obtain the software package from an online portal;
encrypt the software package with an encryption key;
encrypt the encryption key with a device identity certificate of the requesting device; and
send the encrypted software package and encrypted encryption key to the requesting device;
wherein the request includes the device identity certificate, and wherein the device identity certificate conforms to a data structure as specified by the SPDM specification.