JP7723236B2 - ソフトウェア更新のための認証キーの制御範囲 - Google Patents

ソフトウェア更新のための認証キーの制御範囲

Info

Publication number
JP7723236B2
JP7723236B2 JP2022569070A JP2022569070A JP7723236B2 JP 7723236 B2 JP7723236 B2 JP 7723236B2 JP 2022569070 A JP2022569070 A JP 2022569070A JP 2022569070 A JP2022569070 A JP 2022569070A JP 7723236 B2 JP7723236 B2 JP 7723236B2
Authority
JP
Japan
Prior art keywords
certificate
version
update
software update
comparison
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2022569070A
Other languages
English (en)
Japanese (ja)
Other versions
JP2023525576A (ja
JP2023525576A5 (https=
Inventor
チェルチェス バラク
シエリー ジーン ペーターズ エリック
Original Assignee
テキサス インスツルメンツ インコーポレイテッド
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by テキサス インスツルメンツ インコーポレイテッド filed Critical テキサス インスツルメンツ インコーポレイテッド
Publication of JP2023525576A publication Critical patent/JP2023525576A/ja
Publication of JP2023525576A5 publication Critical patent/JP2023525576A5/ja
Application granted granted Critical
Publication of JP7723236B2 publication Critical patent/JP7723236B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • G06F21/335User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/654Updates using techniques specially adapted for alterable solid state memories, e.g. for EEPROM or flash memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Stored Programmes (AREA)
JP2022569070A 2020-05-14 2021-05-13 ソフトウェア更新のための認証キーの制御範囲 Active JP7723236B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/931,794 2020-05-14
US15/931,794 US11681513B2 (en) 2020-05-14 2020-05-14 Controlled scope of authentication key for software update
PCT/US2021/032175 WO2021231686A1 (en) 2020-05-14 2021-05-13 Controlled scope of authentication key for software update

Publications (3)

Publication Number Publication Date
JP2023525576A JP2023525576A (ja) 2023-06-16
JP2023525576A5 JP2023525576A5 (https=) 2024-05-08
JP7723236B2 true JP7723236B2 (ja) 2025-08-14

Family

ID=78513413

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2022569070A Active JP7723236B2 (ja) 2020-05-14 2021-05-13 ソフトウェア更新のための認証キーの制御範囲

Country Status (5)

Country Link
US (1) US11681513B2 (https=)
EP (1) EP4150444A4 (https=)
JP (1) JP7723236B2 (https=)
CN (1) CN115516420A (https=)
WO (1) WO2021231686A1 (https=)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220058270A1 (en) * 2020-08-21 2022-02-24 Arm Limited System, devices and/or processes for delegation of cryptographic control of firmware authorization management
US12536306B2 (en) 2020-08-21 2026-01-27 Arm Limited System, devices and/or processes for system ownership change event
US20220078033A1 (en) * 2020-09-04 2022-03-10 Cohesity, Inc. Certificate management
US12039318B2 (en) * 2020-10-26 2024-07-16 Micron Technology, Inc. Endpoint customization via online firmware store
US12081537B2 (en) * 2022-01-21 2024-09-03 VMware LLC Secure inter-application communication with unmanaged applications using certificate enrollment
CN115993985B (zh) * 2022-12-27 2025-08-19 知行汽车科技(苏州)股份有限公司 Bootloader更新方法、装置、设备及介质
US20250117209A1 (en) * 2023-10-10 2025-04-10 Micron Technology, Inc. Firmware validation for firmware updates

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008521266A (ja) 2004-11-17 2008-06-19 テレフオンアクチーボラゲット エル エム エリクソン(パブル) モバイル端末内の設定パラメータの更新方法
JP2008181228A (ja) 2007-01-23 2008-08-07 Sony Corp 管理システムおよび管理方法、端末装置、管理サーバ、並びにプログラム
JP2020021270A (ja) 2018-07-31 2020-02-06 日本電信電話株式会社 情報処理装置、検証方法および検証プログラム

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6223291B1 (en) * 1999-03-26 2001-04-24 Motorola, Inc. Secure wireless electronic-commerce system with digital product certificates and digital license certificates
US6976163B1 (en) 2000-07-12 2005-12-13 International Business Machines Corporation Methods, systems and computer program products for rule based firmware updates utilizing certificate extensions and certificates for use therein
US20030196096A1 (en) 2002-04-12 2003-10-16 Sutton James A. Microcode patch authentication
US20050154889A1 (en) * 2004-01-08 2005-07-14 International Business Machines Corporation Method and system for a flexible lightweight public-key-based mechanism for the GSS protocol
JP4227641B2 (ja) * 2006-11-20 2009-02-18 キヤノン株式会社 情報処理装置及び情報処理装置の制御方法
US9280337B2 (en) 2006-12-18 2016-03-08 Adobe Systems Incorporated Secured distribution of software updates
WO2009044533A1 (ja) 2007-10-05 2009-04-09 Panasonic Corporation セキュアブート端末、セキュアブート方法、セキュアブートプログラム、記録媒体及び集積回路
US8484474B2 (en) * 2010-07-01 2013-07-09 Rockwell Automation Technologies, Inc. Methods for firmware signature
US9058504B1 (en) * 2013-05-21 2015-06-16 Malwarebytes Corporation Anti-malware digital-signature verification
JP6595822B2 (ja) * 2015-07-07 2019-10-23 キヤノン株式会社 情報処理装置及びその制御方法
DE102015214696A1 (de) * 2015-07-31 2017-02-02 Siemens Aktiengesellschaft Vorrichtung und Verfahren zum Verwenden eines Kunden-Geräte-Zertifikats auf einem Gerät
GB2543096A (en) * 2015-10-09 2017-04-12 Secure Thingz Ltd Data Processing Device
US10958435B2 (en) * 2015-12-21 2021-03-23 Electro Industries/ Gauge Tech Providing security in an intelligent electronic device
US11061660B2 (en) * 2017-06-07 2021-07-13 Huawei Technologies Co., Ltd. Method for authenticating and updating EUICC firmware version and related apparatus
US20190108009A1 (en) * 2017-10-05 2019-04-11 Harman International Industries, Incorporated Generating checksums on trusted storage devices for accelerated authentication
EP3489853B1 (en) * 2017-11-27 2021-02-24 Schneider Electric Industries SAS A method for providing a firmware update of a device
US11301569B2 (en) * 2019-03-07 2022-04-12 Lookout, Inc. Quarantine of software based on analysis of updated device data
KR20220071182A (ko) * 2019-09-27 2022-05-31 인텔 코포레이션 소프트웨어 정의된 실리콘 구현 및 관리

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008521266A (ja) 2004-11-17 2008-06-19 テレフオンアクチーボラゲット エル エム エリクソン(パブル) モバイル端末内の設定パラメータの更新方法
JP2008181228A (ja) 2007-01-23 2008-08-07 Sony Corp 管理システムおよび管理方法、端末装置、管理サーバ、並びにプログラム
JP2020021270A (ja) 2018-07-31 2020-02-06 日本電信電話株式会社 情報処理装置、検証方法および検証プログラム

Also Published As

Publication number Publication date
CN115516420A (zh) 2022-12-23
WO2021231686A1 (en) 2021-11-18
EP4150444A4 (en) 2023-11-01
US11681513B2 (en) 2023-06-20
US20210357198A1 (en) 2021-11-18
JP2023525576A (ja) 2023-06-16
EP4150444A1 (en) 2023-03-22

Similar Documents

Publication Publication Date Title
JP7723236B2 (ja) ソフトウェア更新のための認証キーの制御範囲
US11388012B2 (en) Application certificate
CN102171652B (zh) 为电子装置提供可信软件的方法
US9542558B2 (en) Secure factory data generation and restoration
US10164963B2 (en) Enforcing server authentication based on a hardware token
CN103166759B (zh) 使用诊断链路连接器(dlc)和onstar系统的用于安全固件下载的方法和装置
JP6371919B2 (ja) セキュアなソフトウェアの認証と検証
US11977637B2 (en) Technique for authentication and prerequisite checks for software updates
US20140075517A1 (en) Authorization scheme to enable special privilege mode in a secure electronic control unit
CN116711264A (zh) 保护边缘设备信任分数的方法
CN114117551B (zh) 一种访问验证方法及装置
KR20170133463A (ko) 피어 투 피어 증명
CN109995712B (zh) 数据加解密方法、装置、设备及介质
CN109862099B (zh) 一种升级校验方法、装置、终端及系统
CN103679005A (zh) 启用安全电子控制单元的开发模式的方法
CN120653284A (zh) 快充设备的固件更新方法、程序、快充设备及存储介质
US9652599B2 (en) Restricted code signing
US10621335B2 (en) Method and device for verifying security of application
CN117579331A (zh) 远程证明方法、装置、电子设备及存储介质
CN114329358A (zh) 应用签名方法、系统、交易终端及服务平台
CN109977662A (zh) 应用程序的处理方法、装置、终端及存储介质
CN112579125A (zh) 一种固件升级方法、装置、电子设备和存储介质
CN107968764B (zh) 一种认证方法及装置
US12547773B2 (en) Utilizing hardware tokens in conjunction with HSM for code signing
CN105790931B (zh) 一种密钥分发方法、网络设备、终端设备及系统

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20240423

A625 Written request for application examination (by other person)

Free format text: JAPANESE INTERMEDIATE CODE: A625

Effective date: 20240423

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20250217

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20250226

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20250512

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20250702

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20250703

R150 Certificate of patent or registration of utility model

Ref document number: 7723236

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150