Storage device deleting encryption key, method of operating the same, and method of operating electronic device including the same
US-2024086336-A1 · Mar 14, 2024 · US
US2025356062A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2025356062-A1 |
| Application number | US-202418664426-A |
| Country | US |
| Kind code | A1 |
| Filing date | May 15, 2024 |
| Priority date | May 15, 2024 |
| Publication date | Nov 20, 2025 |
| Grant date | — |
Official abstract text for this publication.
Managing TPM replacement at an IHS, including encrypting, by the client IHS, a storage device at the client IHS utilizing a first TPM and first keys; providing, by the client IHS and to the management server IHS, the first keys; storing the first keys at a database; detecting replacement of the first TPM with a second TPM at the client IHS, and in response: requesting, by the client IHS, the first keys; receiving, from the management server IHS, the first keys; decrypting, by the client IHS, the storage device at the client IHS utilizing the second TPM and the first keys; encrypting, by the client IHS, the storage device at the client IHS utilizing the second TPM and second keys differing from the first keys; providing, to the management server IHS, the second keys; and storing the second keys at the database.
Opening claim text (preview).

What is claimed is:

1. A computer-implemented method of managing trusted platform module (TPM) replacement at a client information handling system (IHS), including: registering the client IHS to a management server information handling system (IHS); encrypting, by the client IHS at a first time, a storage device at the client IHS utilizing a first TPM and first keys; providing, by the client IHS and to the management server IHS, the first keys; storing, by the management server IHS, the first keys at a database; detecting, at a second time after the first time, replacement of the first TPM with a second TPM at the client IHS, and in response: requesting, by the client IHS and to the management server IHS, the first keys; receiving, from the management server IHS and by the client IHS, the first keys; decrypting, by the client IHS, the storage device at the client IHS utilizing the second TPM and the first keys; encrypting, by the client IHS, the storage device at the client IHS utilizing the second TPM and second keys differing from the first keys; providing, by the client IHS and to the management server IHS, the second keys; and storing, by the management server IHS, the second keys at the database.

2. The computer-implemented method of claim 1, further including: storing, at the first TPM, additional keys and certifications; providing, by the client IHS and to the management server IHS, the additional keys and the certifications; and storing, by the management server IHS, the additional keys and the certifications at the database.

3. The computer-implemented method of claim 2, further including: identifying, by the client IHS, an adjustment of the additional keys; and periodically syncing the additional keys and the certifications with the management server IHS, including the adjustment of the additional keys.

4. The computer-implemented method of claim 3, wherein requesting the first keys further includes requesting the additional keys and the certifications, the method further including receiving, from the management server IHS and by the client IHS, the additional keys and the certifications.

5. The computer-implemented method of claim 1, wherein detecting replacement of the first TPM with the second TPM further includes detecting a failure to boot of the storage device.

6. The computer-implemented method of claim 1, wherein the first keys and the second keys are stored at the database in an encrypted format.

7. A computing environment, including: a server management information handling system comprising a processor having access to memory media storing instructions executable by the processor to perform operations; a client information handling system comprising a processor having access to memory media storing instructions executable by the processor to perform operations, comprising: registering the client IHS to a management server information handling system (IHS); encrypting, at a first time, a storage device at the client IHS utilizing a first TPM and first keys; providing, to the management server IHS, the first keys; wherein the management server IHS is configured to perform operations: storing the first keys at a database; wherein the client IHS is configured to perform operations: detecting, at a second time after the first time, replacement of the first TPM with a second TPM at the client IHS, and in response: requesting, to the management server IHS, the first keys; receiving, from the management server IHS, the first keys; decrypting the storage device at the client IHS utilizing the second TPM and the first keys; encrypting the storage device at the client IHS utilizing the second TPM and second keys differing from the first keys; providing, to the management server IHS, the second keys; and wherein the management server IHS is configured to perform operations: storing the second keys at the database.

8. The computing environment of claim 7, wherein the client IHS is configured to perform operations: storing, at the first TPM, additional keys and certifications; providing, to the management server IHS, the additional keys and the certifications; and wherein the management server IHS is configured to perform operations: storing the additional keys and the certifications at the database.

9. The computing environment of claim 8, wherein the client IHS is configured to perform operations: identifying an adjustment of the additional keys; and periodically syncing the additional keys and the certifications with the management server IHS, including the adjustment of the additional keys.

10. The computing environment of claim 9, wherein requesting the first keys further includes requesting the additional keys and the certifications, the method further including receiving, from the management server IHS and by the client IHS, the additional keys and the certifications.

11. The computing environment of claim 7, wherein detecting replacement of the first TPM with the second TPM further includes detecting a failure to boot of the storage device.

12. The computing environment of claim 7, wherein the first keys and the second keys are stored at the database in an encrypted format.

13. A non-transitory computer-readable medium storing software comprising instructions executable by one or more computers which, upon such execution, cause the one or more computers to perform operations comprising: registering the client IHS to a management server information handling system (IHS); encrypting, by the client IHS at a first time, a storage device at the client IHS utilizing a first TPM and first keys; providing, by the client IHS and to the management server IHS, the first keys; storing, by the management server IHS, the first keys at a database; detecting, at a second time after the first time, replacement of the first TPM with a second TPM at the client IHS, and in response: requesting, by the client IHS and to the management server IHS, the first keys; receiving, from the management server IHS and by the client IHS, the first keys; decrypting, by the client IHS, the storage device at the client IHS utilizing the second TPM and the first keys; encrypting, by the client IHS, the storage device at the client IHS utilizing the second TPM and second keys differing from the first keys; providing, by the client IHS and to the management server IHS, the second keys; and storing, by the management server IHS, the second keys at the database.

14. The non-transitory computer-readable medium of claim 13, the operations further including: storing, at the first TPM, additional keys and certifications; providing, by the client IHS and to the management server IHS, the additional keys and the certifications; and storing, by the management server IHS, the additional keys and the certifications at the database.

15. The non-transitory computer-readable medium of claim 14, the operations further including: identifying, by the client IHS, an adjustment of the additional keys; and periodically syncing the additional keys and the certifications with the management server IHS, including the adjustment of the additional keys.

16. The non-transitory computer-readable medium of claim 15, wherein requesting the first keys further includes requesting the additional keys and the certifications, the method further including receiving, from the management server IHS and by the client IHS, the additional keys and the certifications.

17. The non
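The claims above describe a key-escrow and rotation procedure: the client encrypts its storage device with keys bound to the first TPM, escrows those keys (encrypted at rest, claim 6) with a management server, detects the TPM swap as a failure to boot (claim 5), recovers the escrowed keys, decrypts, re-encrypts under fresh keys bound to the second TPM, and escrows the new keys (claim 1). The following simulation is an added example written for this page, not code from the patent or its applicant. It assumes simplified stand-ins: `SimTPM` models a TPM as a per-chip secret that never leaves the object, `ManagementServer` models the escrow database, and a toy SHA-256 counter-mode cipher with an HMAC tag stands in for the real disk cipher and TPM sealing; the client id and disk contents are constructed sample values.

```python
"""Simulation of TPM-bound disk encryption with server-side key escrow and
key rotation after a TPM replacement. Constructed example: SimTPM and
ManagementServer are simplified stand-ins, not real TPM or vendor APIs."""
import hashlib
import hmac
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; toy stream cipher used only for this simulation."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key raises ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: wrong key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class SimTPM:
    """Stand-in for a TPM: a storage root key that never leaves the chip."""
    def __init__(self):
        self._srk = os.urandom(32)
    def seal(self, data): return seal(self._srk, data)
    def unseal(self, blob): return unseal(self._srk, blob)


class ManagementServer:
    """Escrow database; records are kept encrypted at rest under a server KEK."""
    def __init__(self):
        self._kek = os.urandom(32)
        self.registered, self.db = set(), {}      # client_id -> sealed record
    def register(self, client_id): self.registered.add(client_id)
    def store(self, client_id, keys):
        if client_id not in self.registered:
            raise PermissionError("unregistered client")
        self.db[client_id] = seal(self._kek, keys)
    def fetch(self, client_id): return unseal(self._kek, self.db[client_id])


class ClientIHS:
    def __init__(self, client_id, tpm, server, plaintext_disk):
        self.client_id, self.tpm, self.server = client_id, tpm, server
        self.disk, self.sealed_dek = plaintext_disk, None
        server.register(client_id)                 # registration step

    def encrypt_disk(self):
        """Generate the first keys, encrypt the disk, bind to the TPM, escrow."""
        dek = os.urandom(32)
        self.disk = seal(dek, self.disk)
        self.sealed_dek = self.tpm.seal(dek)       # only this TPM can unseal it
        self.server.store(self.client_id, dek)
        return dek

    def boot(self):
        """Return the DEK if the present TPM unseals it, else None (boot failure)."""
        try:
            return self.tpm.unseal(self.sealed_dek)
        except ValueError:
            return None

    def replace_tpm(self, new_tpm): self.tpm = new_tpm

    def recover_after_tpm_replacement(self):
        """Escrowed keys -> decrypt -> fresh keys bound to the new TPM -> re-escrow."""
        old_dek = self.server.fetch(self.client_id)
        plaintext = unseal(old_dek, self.disk)
        new_dek = os.urandom(32)                   # second keys differ from the first
        self.disk = seal(new_dek, plaintext)
        self.sealed_dek = self.tpm.seal(new_dek)   # now bound to the second TPM
        self.server.store(self.client_id, new_dek)
        return new_dek


def run_scenario():
    """Walk the claimed procedure end to end and report what each step proved."""
    server = ManagementServer()
    disk = b"constructed disk contents: user files, hibernation image, ..."
    client = ClientIHS("laptop-0001", SimTPM(), server, disk)
    first = client.encrypt_disk()
    booted_before = client.boot() == first
    client.replace_tpm(SimTPM())                   # field replacement of the TPM
    boot_failed = client.boot() is None            # detection per claim 5
    second = client.recover_after_tpm_replacement()
    record = server.db["laptop-0001"]
    return {
        "booted_before_swap": booted_before,
        "boot_failed_after_swap": boot_failed,
        "keys_rotated": first != second,
        "boots_with_new_tpm": client.boot() == second,
        "disk_readable_with_new_keys": unseal(second, client.disk) == disk,
        "escrow_holds_new_keys": server.fetch("laptop-0001") == second,
        "escrow_record_is_encrypted": first not in record and second not in record,
    }
```

The detection step mirrors claim 5 directly: the sealed key blob fails its integrity check under the replacement TPM, which is the simulated equivalent of the storage device failing to boot. The two places a defender should look hardest at in a real deployment are the ones the simulation makes explicit: the escrow record must be unreadable without the server's key-encryption key, and the old keys must stop working once the new ones are escrowed, so a later compromise of the old record cannot unlock the re-encrypted disk.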
Secure boot · CPC title
Providing cryptographic facilities or services · CPC title
File encryption · CPC title
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title