公开(公告)号：US10380007B2

公开(公告)日：2019-08-13

申请号：US14734467

申请日：2015-06-09

Applicant: Certicom Corp.

Inventor： Keelan Smith ,  Richard Gwynn Jones ,  Chinh Khac Nguyen ,  Thomas Rudolf Stiemerling

IPC: G06F11/36 ,  G06F21/00 ,  G06F21/57 ,  G06Q10/06 ,  G06F8/70 ,  G06F9/54 ,  G06Q50/04

Abstract: An asset management system is provided which comprises one or more controllers, which operate as main servers and can be located at the headquarters of an electronic device manufacturer to remotely control their operations at any global location. The controller can communicate remotely over the Internet or other network to control one or more secondary or remote servers, herein referred to as appliances. The appliances can be situated at different manufacturing, testing or distribution sites. The controller and appliances comprise hardware security modules (HSMs) to perform sensitive and high trust computations, store sensitive information such as private keys, perform other cryptographic operations, and establish secure connections between components. The HSMs are used to create secure end-points between the controller and the appliance and between the appliance and the secure point of trust in an asset control core embedded in a device.

公开(公告)号：US09678896B2

公开(公告)日：2017-06-13

申请号：US14922962

申请日：2015-10-26

Applicant: Certicom Corp.

Inventor： Daniel Francis O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  William Lundy Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew John Campagna ,  Thomas Rudolf Stiemerling ,  Wei Cheng Joseph Ku

IPC: G06F21/00 ,  G06F12/14 ,  G06F21/57 ,  G06F21/72 ,  G06F21/73 ,  H04L9/08 ,  H04L9/30 ,  H04L9/32 ,  G06F21/12 ,  G06F21/76 ,  G06F21/60 ,  G06F21/80

CPC classification number: G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

公开(公告)号：US09183158B2

公开(公告)日：2015-11-10

申请号：US14141230

申请日：2013-12-26

Applicant: Certicom Corp.

Inventor： Daniel Francis O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  William Lundy Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew John Campagna ,  Thomas Rudolf Stiemerling ,  Weicheng Joseph Ku

IPC: H04L9/00 ,  G06F21/00 ,  G06F12/14 ,  G06F21/57 ,  G06F21/72 ,  G06F21/73 ,  H04L9/08 ,  H04L9/30 ,  H04L9/32 ,  G06F21/12 ,  G06F21/76

CPC classification number: G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

Abstract translation: 提供资产管理系统，其中包括作为资产控制核心运行的硬件模块。 资产控制核心通常包括嵌入在目标片上系统中的小型硬件核心，其在硅芯片上建立基于硬件的信任点。 资产控制核心可以作为消费者设备的信任根源，具有使其难以篡改的特征。 资产控制核心能够为一个设备生成唯一的标识符，并通过与设备的安全通信通道参与设备的跟踪和配置。 该设备通常包括一个安全模块，它将配置数据高速缓存并分配给连接到资产控制核心的许多代理之一，例如， 在生产线上或在售后市场的程序设计会议。

公开(公告)号：US20140108825A1

公开(公告)日：2014-04-17

申请号：US14141230

申请日：2013-12-26

Applicant: Certicom Corp.

Inventor： Daniel Francis O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  William Lundy Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew John Campagna ,  Thomas Rudolf Stiemerling ,  Weicheng Joseph Ku

IPC: G06F12/14

CPC classification number: G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

Abstract translation: 提供资产管理系统，其中包括作为资产控制核心运行的硬件模块。 资产控制核心通常包括嵌入在目标片上系统中的小型硬件核心，其在硅芯片上建立基于硬件的信任点。 资产控制核心可以作为消费者设备的信任根源，具有使其难以篡改的特征。 资产控制核心能够为一个设备生成唯一的标识符，并通过与设备的安全通信通道参与设备的跟踪和配置。 该设备通常包括一个安全模块，它将配置数据高速缓存并分配给连接到资产控制核心的许多代理之一，例如， 在生产线上或在售后市场的程序设计会议。

公开(公告)号：US11119905B2

公开(公告)日：2021-09-14

申请号：US16508073

申请日：2019-07-10

Applicant: Certicom Corp.

Inventor： Keelan Smith ,  Richard Gwynn Jones ,  Chinh Khac Nguyen ,  Thomas Rudolf Stiemerling

IPC: G06F11/36 ,  G06F21/00 ,  G06Q10/06 ,  G06Q50/04 ,  G06F21/57 ,  G06F8/70 ,  G06F9/54

Abstract: An asset management system is provided which comprises one or more controllers, which operate as main servers and can be located at the headquarters of an electronic device manufacturer to remotely control their operations at any global location. The controller can communicate remotely over the Internet or other network to control one or more secondary or remote servers, herein referred to as appliances. The appliances can be situated at different manufacturing, testing or distribution sites. The controller and appliances comprise hardware security modules (HSMs) to perform sensitive and high trust computations, store sensitive information such as private keys, perform other cryptographic operations, and establish secure connections between components. The HSMs are used to create secure end-points between the controller and the appliance and between the appliance and the secure point of trust in an asset control core embedded in a device.

公开(公告)号：US20160048462A1

公开(公告)日：2016-02-18

申请号：US14922962

申请日：2015-10-26

Applicant: CERTICOM CORP.

Inventor： Daniel Francis O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  William Lundy Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew John Campagna ,  Thomas Rudolf Stiemerling ,  Wei Cheng Joseph Ku

IPC: G06F12/14 ,  G06F21/60 ,  H04L9/30 ,  G06F21/72 ,  G06F21/80

CPC classification number: G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

Abstract translation: 提供资产管理系统，其中包括作为资产控制核心运行的硬件模块。 资产控制核心通常包括嵌入在目标片上系统中的小型硬件核心，其在硅芯片上建立基于硬件的信任点。 资产控制核心可以作为消费者设备的信任根源，具有使其难以篡改的特征。 资产控制核心能够为一个设备生成唯一的标识符，并通过与设备的安全通信通道参与设备的跟踪和配置。 该设备通常包括一个安全模块，它将配置数据高速缓存并分配给连接到资产控制核心的许多代理之一，例如， 在生产线上或在售后市场的程序设计会议。