Memory device with secure boot updates and self recovery
US-2024406008-A1 · Dec 5, 2024 · US
Automatic software upgrade
US2016357546A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016357546-A1 |
| Application number | US-201615148185-A |
| Country | US |
| Kind code | A1 |
| Filing date | May 6, 2016 |
| Priority date | Jun 5, 2015 |
| Publication date | Dec 8, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems, methods, and computer-readable media are provided for automatically downloading and launching a new version of software package on components in a network environment. In some examples, an upgrade server of a network environment keeps a copy of all versions of software packages running on nodes or sensors of the network environment, identifications of corresponding nodes or sensors, and public keys associated with the software packages. The upgrade server can authenticate a new version of a software package using a two-step process.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method comprising: receiving, from a provider, a notification of a new version of a software package; downloading the new version of the software package; authenticating the new version of the software package using a first public key assigned by the provider; in response to determining that the new version of the software package is a valid software packet from the provider, determining a current version of the software package miming on a particular node of a network environment, the current version of the software package comprising a software package portion and a specific control engine; determining that the current version of the software package is older than the new version of the software package; authenticating the new version of the software package using a second public key assigned by the specific control engine; determining that the new version of the software package matches be particular node's identification; and causing the new version of the software package to be installed on the particular node. 2 . The method of claim 1 , further comprising: collecting, directly from the particular node or a sensor associated with the particular node, process and network data of the particular node; and determining a status of the new version of the software package running on the particular node by analyzing the process and network data of the particular node. 3 . The method of claim 2 , further comprising: determining that the new version of the software package is not running ok on the particular node; uninstalling the new version of the software package on the particular node; and causing the current version of the software package to be restored on the particular node. 4 . The method of claim 3 , further comprising: rejecting an upgrade request from at least one node of the network environment, the at least one node running under an operating system similar to that of the particular node. 5 . The method of claim 2 , further comprising: determining that the new version of the software package is running okay on the particular node over a predetermined period of time; and causing the new version of the software package to be upgraded to at least one additional node of the network environment, the at least one additional node running under an operating system similar to that of the particular node. 6 . The method of claim 1 , wherein the authenticating the new version of the software package and the determining the current version of the software package are performed by a sensor associated with the particular node or an upgrade server of the network environment, the upgrade server maintaining a copy of software packages that are currently running on a plurality of nodes or sensors in the network environment, a copy of all prior versions of the software packages, and identifications of the plurality of nodes or sensors together with corresponding software versions that are running on the plurality of nodes or sensors. 7 . The method of claim 1 , wherein the authenticating the new version of the software package and the determining the current version of the software package are performed by the specific control engine. 8 . The method of claim 7 , further comprising: collecting process and network data of the particular node; and determining a status of the new version of the software package running on the particular node by analyzing the process and network data of the particular node. 9 . The method of claim 8 , further comprising: maintaining a copy of the current version of the software package on the particular node; determining that the new version of the software package has been running okay over a predetermined period of time; and removing the current version of the software package from the particular node. 10 . The method of claim 8 , further comprising: maintaining a copy of the current version of the software package on the particular node; determining that the new version of the software package is not running okay; uninstalling the new version of the software package from the particular node; and reinstalling the current version of the software package on the particular node. 11 . A system, comprising: a processor; and a computer-readable medium storing instructions that, when executed by the processor, cause the system to perform operations comprising: receiving, from a provider, a notification of a new version of a software package; downloading the new version of the software package; authenticating the new version of the software package using a first public key assigned by the provider; in response to determining that the new version of the software package is a valid software packet from the provider, determining a current version of the software package running on a particular node of a network environment, the current version of the software package comprising a software package portion and a specific control engine; determining that the current version of the software package is older than the new version of the software package; authenticating the new version of the software package using a second public key assigned by the specific control engine; determining that the new version of the software package matches the particular node's identification; and installing the new version of the software package on the particular node. 12 . The system of claim 11 , wherein the instructions, when executed by the processor, cause the system to perform operations further comprising: collecting, directly from the particular node or a sensor associated with the particular node, process and network data of the particular node; and determining a status of the new version of the software package running on the particular node by analyzing the process and network data of the particular node. 13 . The system of claim 12 , wherein the instructions, when executed by the processor, cause the system to perform operations further comprising: determining that the new version of the software package is not running ok on the particular node; uninstalling the new version of the software package on the particular node; and causing the current version of the software package to be restored on the particular node, 14 . The system of claim 13 , wherein the instructions, when executed by the processor, cause the system to perform operations further comprising: rejecting an upgrade request from at least one node of the network environment, the at least one node running under an operating system similar to that of the particular node. 15 . The system. of claim 12 , wherein the instructions, when executed by the processor, cause the system to perform operations further comprising: determining that the new version of the software package is running okay on the particular node over a predetermined period of time; and causing the new version of the software package to be upgraded to at least one additional node of the network environment, the at least one additional node running under an operating system similar to that of the particular node. 16 . The system of claim 11 , wherein the authenticating the new version of the software package and the determining the current version of the software package are performed by a sensor associated with the particular node or an upgrade server of the network environment, the upgrade server maintaining a copy of software packages that are currently running on a plurality of nodes or sensors in the network environment, a copy of all prior ver
Assignees
Inventors
Classifications
- G06F8/65Primary
Updates (security arrangements therefor G06F21/57) · CPC title
Applying verification of the received information (cryptographic mechanisms or cryptographic arrangements for data integrity or data verification H04L9/32) · CPC title
Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016357546A1 cover?
- Systems, methods, and computer-readable media are provided for automatically downloading and launching a new version of software package on components in a network environment. In some examples, an upgrade server of a network environment keeps a copy of all versions of software packages running on nodes or sensors of the network environment, identifications of corresponding nodes or sensors, an…
- Who is the assignee on this patent?
- Cisco Tech Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F8/65. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Dec 08 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).