13-01-2022 дата публикации
Номер: US20220012042A1
Принадлежит:
Various systems and methods for providing secure and resilient configuration upgrades are described herein. A system, includes a processor; and memory to store instructions, which when executed by the processor, cause the system to: receive at a resilient security island (RSI) partition of a first network node, an update from a source, the first network node hosting the RSI partition and a host partition, the RSI comprising reserved hardware resources of the first network node; verify, by the RSI, provenance of the update; apply, by the RSI, the update to modify a configuration of the RSI or the host partition; test, by the RSI, the modified configuration of the RSI or the host partition; and provide a cryptographic proof that the test was completed and an update status to an update coordinator. 1. A system , comprising:a processor; and receive at a resilient security island (RSI) partition of a first network node, an update from a source, the first network node hosting the RSI partition and a host partition, the RSI comprising reserved hardware resources of the first network node;', 'verify, by the RSI, provenance of the update;', 'apply, by the RSI, the update to modify a configuration of the RSI or the host partition;', 'test, by the RSI, the modified configuration of the RSI or the host partition; and', 'provide a cryptographic proof that the test was completed and an update status to an update coordinator., 'memory to store instructions, which when executed by the processor, cause the system to2. The system of claim 1 , wherein the source is a local device.3. The system of claim 2 , wherein the instructions cause the system to: after receiving the update from the source claim 2 , verifying device credentials of the local device and chain of custody of the update.4. The system of claim 1 , wherein the source is a peer RSI partition at a second network node.5. The system of claim 4 , wherein the instructions to receive the update from the source comprise ...
Подробнее
