| 发明名称 | Firmware security | ||
| 摘要 | One embodiment provides an apparatus adapted to perform a secure firmware upgrade. The apparatus includes a first memory and a second memory. The first memory stores a private key for use in decrypting content and a unique identifier corresponding to the apparatus. The second memory includes a first version of firmware for the apparatus. The apparatus further includes a controller configured to perform an operation that includes receiving a first request to perform a firmware update operation for the apparatus. The operation also includes transmitting a second request for a second version of firmware to a remote server, the second request specifying the unique identifier corresponding to the apparatus. Additionally, in response to transmitting the second request, an encrypted firmware package is received from the remote server. The operation further includes decrypting the encrypted firmware package using the private key and installing the decrypted firmware package on the apparatus. | ||
| 申请公布号 | US9418229(B2) | 申请公布日期 | 2016.08.16 |
| 申请号 | US201414525318 | 申请日期 | 2014.10.28 |
| 申请人 | Disney Enterprises, Inc. | 发明人 | Lau Gary K.;Strange Gregory J.;Simkowiak Derek |
| 分类号 | G06F21/57;H04L29/06;G06F9/445 | 主分类号 | G06F21/57 |
| 代理机构 | Patterson + Sheridan, LLP | 代理人 | Patterson + Sheridan, LLP |
| 主权项 | 1. An apparatus, comprising: a first memory comprising: a device-specific token;a private key for use in decrypting content; anda unique identifier corresponding to the apparatus; a second memory comprising a first version of firmware for the apparatus; and a controller configured to perform an operation, comprising: receiving a first request to perform a firmware update operation for the apparatus;transmitting a second request for a second version of firmware to a remote server, the second request specifying the unique identifier corresponding to the apparatus;in response to transmitting the second request, receiving an encrypted firmware package from the remote server;further in response to transmitting the second request, receiving a second token from the remote server;decrypting the encrypted firmware package using the private key; andinstalling the decrypted firmware package on the apparatus, comprising: initiating an installation of the decrypted firmware package on the apparatus;during the installation of the decrypted firmware package, restarting the apparatus;comparing, by a bootloader of the apparatus, the device-specific token with second token received from the remote server; andupon determining that the device-specific token and the second token do not match, aborting the installation of the decrypted firmware package on the apparatus. | ||
| 地址 | Burbank CA US | ||