-
Publication No.: US20220129389A1
Publication Date: 2022-04-28
Application No.: US17485166
Filing Date: 2021-09-24
Applicant: Micron Technology, Inc.
Inventor: Jeffrey Charles Shiner, Lance W. Dover, Olivier Duval
Abstract: A security server to provide security services over a computer network based on security features of memory devices connected to host systems. For example, the security features of a memory device can include a unique device secret, a cryptographic engine, and an access controller to implement access privileges represented by cryptographic keys. After receiving identity data that is generated by the memory device and represented by a cryptographic key, the security server can determine authenticity of the memory device based on its copy of the unique device secret of the memory device. The security server can generate a verification code for a command and cause the command and the verification code to be communicated to the memory device, where the access controller of the memory device validates the verification code in determining whether to block execution of the command in the memory device.
-
Publication No.: US20220129259A1
Publication Date: 2022-04-28
Application No.: US17485201
Filing Date: 2021-09-24
Applicant: Micron Technology, Inc.
Inventor: Jeffrey Charles Shiner, Lance W. Dover, Olivier Duval
Abstract: A server system to customize firmware of an endpoint via an online firmware store in connection with validating authenticity of the endpoint. For example, a customized version of firmware can be ordered for the endpoint prior to the use of the endpoint. After receiving a request having identity data generated by a memory device configured in the endpoint, the server system can determine, based on a secret of the memory device, the authenticity of the endpoint having the current firmware. An update to firmware stored in the memory device and executed in the endpoint to generate the request is identified. The server system generates a verification code for a command executable in the memory device to perform the update. After receiving the command and the verification code, the memory device validates the verification code to determine whether to execute the command for firmware update.
-
Publication No.: US11294582B2
Publication Date: 2022-04-05
Application No.: US17014203
Filing Date: 2020-09-08
Applicant: Micron Technology, Inc.
Inventor: Lance W. Dover
IPC: G06F3/06
Abstract: The disclosed embodiments are related to securely updating a semiconductor device. In one embodiment, a method comprises receiving a command; generating, by the semiconductor device, a response code in response to the command; returning the response code to a processing device; receiving a command to replace a storage root key of the device; generating a replacement key based on the response code; and replacing an existing key with the replacement key.
-
Publication No.: US20210200631A1
Publication Date: 2021-07-01
Application No.: US17014771
Filing Date: 2020-09-08
Applicant: Micron Technology, Inc.
Inventor: David Aaron Palmer, Nadav Grosz, Lance W. Dover, Yoav Weinberg
Abstract: A storage device includes a memory storage region and a controller having a processor. The processor retrieves user data from the memory storage region using a physical block address corresponding to a logical block address (LBA), in response to a read command. The retrieved user data includes a first hash received through a host interface in a prior host data transmission. The processor further performs error correction on the user data to generate error-corrected user data. The processor further causes a cryptographic engine to produce a second hash of the error-corrected user data. The first hash is compared to the second hash associated with the error-corrected user data to determine a match result. A notification is generated in response to the match result.
-
Publication No.: US10560263B2
Publication Date: 2020-02-11
Application No.: US15692802
Filing Date: 2017-08-31
Applicant: Micron Technology, Inc.
Inventor: Lance W. Dover
Abstract: Various examples are directed to secure memory arrangements and methods of using the same. A gateway device of the secure computing system may receive a first message from an external system. The first message may comprise a first message payload data and first asymmetric access data. The gateway device may determine that the first asymmetric access data matches the first message payload data based at least in part on an external system public key. The gateway device may access a first system controller symmetric key associated with a first system controller in communication with the gateway device and generate a first symmetric access data based at least in part on the first system controller symmetric key and the first message payload data. The gateway device may send the first message payload data and the first symmetric access data to the first system controller.
-
Publication No.: US12256016B2
Publication Date: 2025-03-18
Application No.: US17150840
Filing Date: 2021-01-15
Applicant: Micron Technology, Inc.
Inventor: Lance W. Dover
IPC: H04L9/32, G06F3/06, H04L9/08, H04L67/01, H04L67/141
Abstract: A system, method and apparatus to control memory devices over computer networks. For example, a server system establishes a secure authenticated connection with a client computer system. Over the connection, the server receives from the client computer system a request identifying a memory device and determines, based on data stored in the server system, that the client computer system is eligible to control the memory device. In response to a request from the client computer system, the server system generates a digital signature for a command using at least a cryptographic key stored in the server system in association with the memory device. The client computer system receives the digital signature from the server system and submits the command with the digital signature to the memory device. The memory device validates the digital signature prior to execution of the command.
-
Publication No.: US20240361950A1
Publication Date: 2024-10-31
Application No.: US18660070
Filing Date: 2024-05-09
Applicant: Micron Technology, Inc.
Inventor: Aaron P. Boehm, Steffen Buch, Lance W. Dover
IPC: G06F3/06
CPC classification number: G06F3/0655, G06F3/0623, G06F3/0679
Abstract: Methods, systems, and devices for host verification for a memory device are described. A memory device may receive a first value from a host device that is associated with an identification of the host device after an event. The memory device may transmit a second value to the host device that is based on the first value and comprises a random set of bits. The memory device may receive from the host device data or a command that comprises an encrypted third value that is based at least in part on the second value and a secret shared between the host device and the memory device. The memory device may also enable a functionality of the memory device based on the encrypted third value.
-
Publication No.: US12088581B2
Publication Date: 2024-09-10
Application No.: US17745699
Filing Date: 2022-05-16
Applicant: Micron Technology, Inc.
Inventor: Jeffrey Charles Shiner, Lance W. Dover
CPC classification number: H04L63/083, H04L9/14
Abstract: A security server to validate identity data of computing devices having secure memory devices and track activities of components in the computing devices. The server system is configured to store data representative of a unique device secret sealed in the memory device. The server system can generate a first cryptographic key independently from the memory device generating a second cryptographic key. The memory device uses the second cryptographic key to generate identity data including a message and a verification code generated via cryptographic operations combining the message and the second cryptographic key. The server system can use the first cryptographic key to determine whether the verification code is valid for the message. If so, the security server can generate an activity record associating the activity of the computing device with identifications of respective components of the computing device confirmed via validation of the identity data.
-
Publication No.: US12075520B2
Publication Date: 2024-08-27
Application No.: US17485188
Filing Date: 2021-09-24
Applicant: Micron Technology, Inc.
Inventor: Jeffrey Charles Shiner, Lance W. Dover, Olivier Duval
Abstract: A server system to onboard an endpoint having a host system connected to a host interface of a memory device for a cloud service without prior customization of the endpoint to identify an account for accessing the cloud service. For example, after receiving a request associated with the service and containing identity data generated by the memory device, the server system determines authenticity of the memory device and the endpoint based on a secret of the memory device and the identity data. In response to the request, the server system further identifies, based on the identity data, a subscriber among a plurality of subscribers based on ownership data of the endpoint. As a result of the identifying of the subscriber based on the identity data, the server system determines an account of the subscriber to provide the service to the endpoint based on the account.
-
Publication No.: US20240267208A1
Publication Date: 2024-08-08
Application No.: US18640412
Filing Date: 2024-04-19
Applicant: Micron Technology, Inc.
Inventor: Zhan Liu, Lance W. Dover
IPC: H04L9/08, H04L61/5007, H04L101/622
CPC classification number: H04L9/0841, H04L9/0825, H04L9/0861, H04L61/5007, H04L2101/622
Abstract: Disclosed are methods for encrypting communications with a remote endpoint via a memory device. In one embodiment, a memory device is configured to receive, from the application, a request to establish a communications session with a remote computing device, establish a shared symmetric key, the shared symmetric key shared between the memory device and the remote computing device, receive a message from the application, the message including an identifier of the remote computing device and a payload, generate a ciphertext using the symmetric key and the payload, and return the ciphertext to the application.