Fast identity online (FIDO) device onboarding (FDO) protocol computing device hardware attestation system

US12223097B2 · US · B2

Patent metadata

Publication number: US-12223097-B2
Application number: US-202217717820-A
Country: US
Kind code: B2
Filing date: Apr 11, 2022
Priority date: Apr 11, 2022
Publication date: Feb 11, 2025
Grant date: Feb 11, 2025

Abstract

Official abstract text for this publication.

A voucher management system receives, from a computing device manufacturer system, an ownership voucher that transfers ownership of a computing device from the computing device manufacturer system to the voucher management system, and a hardware attestation certificate for the computing device, and associates them with the computing device in a voucher management database. When the voucher management system determines that the ownership of the computing device should be transferred to an end user system, it automatically generates second ownership transfer data by signing an end user system public key with a voucher management system private key, provides the second ownership transfer data in the ownership voucher in order to transfer ownership of the computing device from the voucher management system to the end user system, and provides the ownership voucher and the hardware attestation certificate to the end user system.

First claim

Opening claim text (preview).

What is claimed is:

1. A networked system, comprising: a computing device manufacturer system; an end user system; and a voucher management system that is coupled to the computing device manufacturer system and the end user system via a network, wherein the voucher management system is configured to: receive, from the computing device manufacturer system: an ownership voucher having first ownership transfer data including a voucher management system public key that has been signed by a computing device manufacturer system private key in order to transfer ownership of a computing device from the computing device manufacturer system to the voucher management system; and a hardware attestation certificate for the computing device that identifies a hardware inventory of the computing device and that is configured to verify that the computing device has not been altered subsequent to its manufacture; associate the ownership voucher and the hardware attestation certificate with the computing device in a voucher management database; and determine that the ownership of the computing device should be transferred to the end user system and, in response: automatically generate, in response to determining that ownership of the computing device should be transferred to the end user system, second ownership transfer data by signing an end user system public key with a voucher management system private key; provide the second ownership transfer data in the ownership voucher in order to transfer ownership of the computing device from the voucher management system to the end user system; and provide the ownership voucher and the hardware attestation certificate to the end user system.

2. The system of claim 1, wherein the voucher management system is configured to: retrieve the end user system public key that is signed by the voucher management system private key from the end user system.

3. The system of claim 1, wherein the voucher management system is configured to: receive, from the computing device manufacturer system along with the ownership voucher, an end user system identifier identifying the end user system; and associate the end user system identifier with the ownership voucher and the hardware attestation certificate in the voucher management database.

4. The system of claim 1, wherein the voucher management system is configured to: receive, from the end user system, authentication information; authenticate, using the end user information, the end user system; and display, in response to authenticating the end user system and use the end user system identifier included in the authentication information, the ownership voucher and the hardware attestation certificate associated with the end user system identifier in the voucher management database.

5. The system of claim 1, wherein the hardware inventory of the computing device identified by the hardware attestation certificate is an inventory of the computing device ordered by an end user associated with the end user system.

6. The system of claim 1, wherein the hardware attestation certificate is signed with the computing device manufacturer system private key.

7. The system of claim 1, wherein the end user system is configured to: use the hardware attestation certificate to verify that the computing device has not been altered subsequent to its manufacture; and use, in response to verifying that the computing device has not been altered subsequent to its manufacture, the ownership voucher to onboard the computing device.

8. An Information Handling System (IHS), comprising: a processing system; and a memory system that is coupled to the processing system and that includes instructions that, when executed by the processing system, cause the processing system to provide a voucher management engine that is configured to: receive, from a computing device manufacturer system: an ownership voucher having first ownership transfer data including a voucher management system public key that has been signed by a computing device manufacturer system private key in order to transfer ownership of a computing device from the computing device manufacturer system to the voucher management system; and a hardware attestation certificate for the computing device that identifies a hardware inventory of the computing device and that is configured to verify that the computing device has not been altered subsequent to its manufacture; associate the ownership voucher and the hardware attestation certificate with the computing device in a voucher management database; and determine that the ownership of the computing device should be transferred to the end user system and, in response: automatically generate, in response to determining that ownership of the computing device should be transferred to the end user system, second ownership transfer data by signing an end user system public key with a voucher management system private key; provide the second ownership transfer data in the ownership voucher in order to transfer ownership of the computing device from the voucher management system to the end user system; and provide the ownership voucher and the hardware attestation certificate to the end user system.

9. The IHS of claim 8, wherein the voucher management engine is configured to: retrieve the end user system public key that is signed by the voucher management system private key from the end user system.

10. The IHS of claim 8, wherein the voucher management engine is configured to: receive, from the computing device manufacturer system along with the ownership voucher, an end user system identifier identifying the end user system; and associate the end user system identifier with the ownership voucher and the hardware attestation certificate in the voucher management database.

11. The IHS of claim 8, wherein the voucher management engine is configured to: receive, from the end user system, authentication information; authenticate, using the end user information, the end user system; and display, in response to authenticating the end user system and use the end user system identifier included in the authentication information, the ownership voucher and the hardware attestation certificate associated with the end user system identifier in the voucher management database.

12. The IHS of claim 8, wherein the hardware inventory of the computing device identified by the hardware attestation certificate is an inventory of the computing device ordered by an end user associated with the end user system.

13. The IHS of claim 8, wherein the hardware attestation certificate is signed with the computing device manufacturer system private key.

14. A method for Fast IDentity Online (FIDO) Device Onboarding (FDO) protocol computing device hardware attestation, comprising: receiving, by a voucher management system from a computing device manufacturer system: an ownership voucher having first ownership transfer data including a voucher management system public key that has been signed by a computing device manufacturer system private key in order to transfer ownership of a computing device from the computing device manufacturer system to the voucher management system; and a hardware attestation certificate for the computing device that identifies a hardware inventory of the computing device and that is configured to verify that the computing device has not been altered subsequent to its manufacture; associating, by the voucher management system, the ownership voucher and the hardware attestation certificate with the computing device in a voucher management d
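The checks an end user system would run under claims 1, 6 and 7, as an added example that is not code from the patent or from any FDO implementation. It models each ownership transfer as "next owner's public key signed by the current owner's private key" and the attestation certificate as a manufacturer signature over an inventory string; the Ed25519 choice, the `Entry` type, the function names and the sample inventory are assumptions, and the real FDO voucher encoding is not reproduced.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Entry is one ownership transfer (simplified model, not the FDO wire
// format): the next owner's public key signed by the current owner.
type Entry struct {
	NextOwner ed25519.PublicKey
	Sig       []byte
}

// Transfer appends an entry handing ownership from cur to next.
func Transfer(chain []Entry, cur ed25519.PrivateKey, next ed25519.PublicKey) []Entry {
	return append(chain, Entry{next, ed25519.Sign(cur, next)})
}

// VerifyForOnboarding checks the attestation certificate first, then walks
// the voucher from the manufacturer key to the end user key (claim 7 order).
func VerifyForOnboarding(mfr, endUser ed25519.PublicKey, chain []Entry,
	inventory, certSig, observed []byte) error {
	if !ed25519.Verify(mfr, inventory, certSig) {
		return fmt.Errorf("attestation certificate not signed by manufacturer")
	}
	if !bytes.Equal(inventory, observed) {
		return fmt.Errorf("observed hardware differs from certified inventory")
	}
	signer := mfr
	for i, e := range chain {
		if len(e.NextOwner) != ed25519.PublicKeySize ||
			!ed25519.Verify(signer, e.NextOwner, e.Sig) {
			return fmt.Errorf("voucher entry %d: invalid transfer", i)
		}
		signer = e.NextOwner // the new owner signs the following entry
	}
	if len(chain) == 0 || !bytes.Equal(signer, endUser) {
		return fmt.Errorf("voucher does not end at the end user key")
	}
	return nil
}

func main() {
	mPub, mPriv, _ := ed25519.GenerateKey(nil) // manufacturer
	vPub, vPriv, _ := ed25519.GenerateKey(nil) // voucher management system
	uPub, _, _ := ed25519.GenerateKey(nil)     // end user
	inv := []byte("cpu=X;nic=Y;ssd=Z")         // constructed sample inventory
	chain := Transfer(Transfer(nil, mPriv, vPub), vPriv, uPub)
	fmt.Println(VerifyForOnboarding(mPub, uPub, chain, inv, ed25519.Sign(mPriv, inv), inv))
}
```

A voucher whose second entry was signed by any key other than the one named in the first entry fails at that entry, which is what ties the end user's trust back to the manufacturer key.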

Classifications

  • License processing; Key processing · CPC title

  • G06F21/602 · Primary

    Providing cryptographic facilities or services · CPC title

  • using certificates · CPC title

  • G06F21/73 · Primary

    by creating or determining hardware identification, e.g. serial numbers · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12223097B2 cover?
A voucher management system receives, from a computing device manufacturer system, an ownership voucher that transfers ownership of a computing device from the computing device manufacturer system to the voucher management system, and a hardware attestation certificate for the computing device, and associates them with the computing device in a voucher management database. When the voucher mana…
Who is the assignee on this patent?
Dell Products Lp
What technology area does this patent fall under?
Primary CPC classification G06F21/602. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 11, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).