Information processing system, installation device, and computer program product
US-2023116684-A1 · Apr 13, 2023 · US
Data center asset onboarding authentication for a data center asset via an onboarding operation
US12225124B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12225124-B2 |
| Application number | US-202318209436-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 13, 2023 |
| Priority date | Jun 13, 2023 |
| Publication date | Feb 11, 2025 |
| Grant date | Feb 11, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system, method, and computer-readable medium for performing a data center monitoring and management operation. The data center monitoring and management operation includes: providing the data center asset to a data center asset purchaser; establishing a communication channel between an onboarding system and the data center asset; generating a request to a rendezvous service to generate a shared data center asset secret key for the data center asset; associating the shared data center asset secret key with the data center asset; and, providing authorization for the data center asset to be onboarded when the shared data center asset secret key generated by the rendezvous service matches the shared data center asset secret key associated with the data center asset.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implementable method for performing a data center monitoring and management operation, comprising: providing the data center asset to a data center asset purchaser; establishing a first communication channel between an onboarding system and the data center asset; establishing a second communication channel between a rendezvous server and the data center asset, the rendezvous server functioning as a rendezvous point between a newly powered-on data center asset and an onboarding service, the rendezvous server executing a trusted rendezvous service, the trusted rendezvous service being implemented to validate and register data center assets; generating a request to the trusted rendezvous service to generate a shared data center asset secret key for the data center asset; associating the shared data center asset secret key with the data center asset; sharing the shared data center asset secret key with the trusted rendezvous service upon receiving a request from the trusted rendezvous service that is encrypted by a public key of the data center asset purchaser; and, providing authorization for the data center asset to be onboarded when the shared data center asset secret key returned by the trusted rendezvous service matches the shared data center asset secret key associated with the data center asset. 2. The method of claim 1 , wherein: the establishing the first communication channel between the onboarding system and the data center asset conforms to a Fast Identity Online (FIDO) Alliance FIDO Device Onboard (FDO) specification. 3. The method of claim 1 , wherein: the shared data center asset secret key is derived from a public key of the data center asset purchaser. 4. The method of claim 1 , further comprising: generating an onboarding request; and, using the shared data center asset secret key to encrypt the onboarding request. 5. The method of claim 4 , further comprising: submitting the encrypted onboarding request to the trusted rendezvous service; and, using the encrypted onboarding request when providing authorization for the data center asset to be onboarded. 6. The method of claim 1 , wherein: a rendezvous support service communicates with the trusted rendezvous service via a third communication channel between the rendezvous server and the onboarding system. 7. A system comprising: a processor; a data bus coupled to the processor; and, a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for: providing the data center asset to a data center asset purchaser; establishing a first communication channel between an onboarding system and the data center asset; establishing a second communication channel between a rendezvous server and the data center asset, the rendezvous server functioning as a rendezvous point between a newly powered-on data center asset and an onboarding service, the rendezvous server executing a trusted rendezvous service, the trusted rendezvous service being implemented to validate and register data center assets; generating a request to the trusted rendezvous service to generate a shared data center asset secret key for the data center asset; associating the shared data center asset secret key with the data center asset; sharing the shared data center asset secret key with the trusted rendezvous service upon receiving a request from the trusted rendezvous service that is encrypted by a public key of the data center asset purchaser; and, providing authorization for the data center asset to be onboarded when the shared data center asset secret key returned by the trusted rendezvous service matches the shared data center asset secret key associated with the data center asset. 8. The system of claim 7 , wherein: the establishing the first communication channel between the onboarding system and the data center asset conforms to a Fast Identity Online (FIDO) Alliance FIDO Device Onboard (FDO) specification. 9. The system of claim 7 , wherein: the shared data center asset secret key is derived from a public key of the data center asset purchaser. 10. The system of claim 9 , wherein the instructions executable by the processor are further configured for: generating an onboarding request; and, using the shared data center asset secret key to encrypt the onboarding request. 11. The system of claim 10 , wherein the instructions executable by the processor are further configured for: submitting the encrypted onboarding request to the trusted rendezvous service; and, using the encrypted onboarding request when providing authorization for the data center asset to be onboarded. 12. The system of claim 7 , wherein: a rendezvous support service communicates with the trusted rendezvous service via a third communication channel between the rendezvous server and the onboarding system. 13. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for: providing the data center asset to a data center asset purchaser; establishing a first communication channel between an onboarding system and the data center asset; establishing a second communication channel between a rendezvous server and the data center asset, the rendezvous server functioning as a rendezvous point between a newly powered-on data center asset and an onboarding service, the rendezvous server executing a trusted rendezvous service, the trusted rendezvous service being implemented to validate and register data center assets; generating a request to the trusted rendezvous service to generate a shared data center asset secret key for the data center asset; associating the shared data center asset secret key with the data center asset; and, sharing the shared data center asset secret key with the trusted rendezvous service upon receiving a request from the trusted rendezvous service that is encrypted by a public key of the data center asset purchaser; and, providing authorization for the data center asset to be onboarded when the shared data center asset secret key returned by the trusted rendezvous service matches the shared data center asset secret key associated with the data center asset. 14. The non-transitory, computer-readable storage medium of claim 13 , wherein: the establishing the first communication channel between the onboarding system and the data center asset conforms to a Fast Identity Online (FIDO) Alliance FIDO Device Onboard (FDO) specification. 15. The non-transitory, computer-readable storage medium of claim 13 , wherein: the shared data center asset secret key is derived from a public key of the data center asset purchaser. 16. The non-transitory, computer-readable storage medium of claim 13 , wherein the computer executable instructions are further configured for: generating an onboarding request; and, using the shared data center asset secret key to encrypt the onboarding request. 17. The non-transitory, computer-readable storage medium of claim 16 , wherein the computer executable instructions are further configured for: submitting the encrypted onboarding request to the trusted rendezvous service; and, using the encrypted onboarding request when providing authorization for the data center asset to be onboarded.
Assignees
Inventors
Classifications
for initial configuration or provisioning, e.g. plug-and-play · CPC title
- H04L9/30Primary
Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy · CPC title
- H04L9/088Primary
Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms (network architectures or network communication protocols for using time-dependent keys in a packet data network H04L63/068) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12225124B2 cover?
- A system, method, and computer-readable medium for performing a data center monitoring and management operation. The data center monitoring and management operation includes: providing the data center asset to a data center asset purchaser; establishing a communication channel between an onboarding system and the data center asset; generating a request to a rendezvous service to generate a shar…
- Who is the assignee on this patent?
- Dell Products Lp
- What technology area does this patent fall under?
- Primary CPC classification H04L9/30. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).