A server and component management method based on intelligent platform management interface
The method solves the problems of device identification and data-transmission security in intelligent platform management interface (IPMI) based management through automatic device discovery, dynamic key negotiation and multiple encryption and verification mechanisms, achieving efficient and secure communication for server and component management.
Patent Information
- Authority / Receiving Office: CN · China
- Patent Type: Applications (China)
- Current Assignee / Owner: 四川华鲲振宇智能科技有限责任公司
- Filing Date: 2026-03-10
- Publication Date: 2026-06-19
Abstract drawing: Figure CN122241730A_ABST
Description
Technical Field
[0001] This invention relates to the field of server operation and maintenance management, and in particular to a method for managing servers and components based on an intelligent platform management interface.
Background Art
[0002] In the field of server operation and maintenance management, intelligent platform management interfaces, with their remote management capabilities and their independence from operating system support, have become one of the core technologies for server and pluggable component management, and are widely used in server clusters and equipment operation and maintenance scenarios. Currently, the industry commonly uses intelligent platform management interfaces for basic status monitoring, component information collection, and remote control of server equipment, completing communication and data transmission between devices through message exchange within a local area network. With the increasing variety of pluggable server components and the growing complexity of operation and maintenance scenarios, higher demands are being placed on the functional scalability, data transmission security, and device adaptability of intelligent platform management interfaces. Various extension technologies and security mechanisms based on this interface are gradually being developed and applied, forming a diversified management solution system. At the same time, to ensure data transmission security, technologies such as key negotiation, data encryption, and authentication are increasingly being integrated with intelligent platform management interfaces and are becoming standard in server component management solutions, driving management technology towards greater efficiency and security.
[0003] Existing server and component management solutions based on intelligent platform management interfaces still suffer from numerous unresolved technical issues that cannot be completely solved by optimizing a single technology. First, the device discovery process lacks a standardized identity association and verification mechanism, making it difficult to accurately identify legitimate devices and extract valid basic information. This leaves subsequent communication links insufficiently stable and provides no reliable data support for subsequent management operations. Second, key management often employs fixed keys or simple negotiation processes and lacks dynamic control over the key lifecycle. This leads to a high risk of key reuse, is unsuitable for dynamically changing operational environments, and compromises the security of long-term communication. Third, the standard command set of the intelligent platform management interface has significant functional limitations and lacks targeted private extension instructions. The encapsulation and transmission formats for pluggable component information are inconsistent, and encryption protection of sensitive data is inadequate, making data leakage or transmission anomalies likely. Finally, the security protection mechanism is relatively simplistic, relying solely on simple encryption and lacking multiple protection measures such as certificate verification and message validation. It therefore cannot effectively resist data tampering, forgery, and invalid message attacks, which affects the security and reliability of the entire management process.
Summary of the Invention
[0004] The purpose of this invention is to overcome the shortcomings of the prior art and provide a server and component management method based on an intelligent platform management interface.
[0005] The objective of this invention is achieved through the following technical solution. A method for managing servers and components based on an intelligent platform management interface is provided, which includes the following steps:
S1. Perform an automatic discovery operation: send an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, receive the returned response message, verify the validity of the preset identifier, and extract the relevant information.
S2. Conduct dynamic key negotiation: use a key exchange algorithm together with the extracted relevant information to generate a temporary session key, send a session activation command containing its own public key, receive the temporary session key encrypted with its own public key, set the lifecycle of the temporary session key and monitor it, and renegotiate after the lifecycle of the temporary session key ends.
S3. Extend the private original equipment manufacturer (OEM) instructions in the command set of the intelligent platform management interface, encapsulate the server pluggable component information using a type-length-value structure, encrypt sensitive data using the temporary session key, attach a checksum, and transmit the result through the extended private OEM instructions.
S4. Implement security enhancement mechanisms: encrypt the request and response data of the private OEM instructions, exchange and verify digital certificates, add and verify sequence numbers and timestamps, reject invalid messages, and pre-configure digital certificate fingerprint information.
[0006] Furthermore, step S1 includes the following sub-steps:
S1.1. Construct an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, and send it through the local area network.
S1.2. Receive the response message returned in response to that broadcast message; the response message contains a temporary session identifier and a random number.
S1.3. Extract the preset identifier from the received response message and verify its validity.
S1.4. If the preset identifier verification succeeds, extract the media access control address, firmware version, and list of supported extended commands from the received response message as the relevant information extracted in step S1.
[0007] Furthermore, step S2 includes the following sub-steps:
S2.1. Using a key exchange algorithm, combined with the media access control address, firmware version, and list of supported extended commands extracted in step S1, generate a temporary session key.
S2.2. Construct a session activation command containing its own public key and send it.
S2.3. Receive the response data returned in response to the session activation command; the response data contains the temporary session key encrypted with the public key carried in the session activation command.
S2.4. Set the lifecycle of the received temporary session key and start a timing mechanism that counts the usage time of the temporary session key.
S2.5. When the counted time reaches the lifecycle setting value of the temporary session key, terminate the use of the current temporary session key and restart the dynamic key negotiation process to generate a new temporary session key.
[0008] Furthermore, step S3 includes the following sub-steps:
S3.1. Referring to the list of supported extended commands extracted in step S1, extend the private original equipment manufacturer (OEM) instructions in the command set of the intelligent platform management interface. The private OEM instructions include three specific instructions: obtaining all pluggable component types of the server, returning detailed information by component type, and reporting component change events.
S3.2. Collect the relevant data of the server's pluggable components and encapsulate it using a type-length-value structure. The type-length-value structure includes a data type identifier, data length information, and the encrypted actual data content.
S3.3. Identify the sensitive data in the collected pluggable component data and encrypt it using the temporary session key received in step S2 (which was returned encrypted with its own public key).
S3.4. Append a checksum to the end of the encrypted encapsulated data.
S3.5. Based on the list of supported extended commands extracted in step S1, select the corresponding private OEM instruction and transmit the encapsulated data with the attached checksum over the network.
[0009] Furthermore, step S4 includes the following sub-steps:
S4.1. Use a preset encryption mode to encrypt the request data and response data of the private original equipment manufacturer (OEM) instructions transmitted in step S3.
S4.2. Over the communication link carrying the encrypted request and response data of the private OEM instructions, exchange digital certificates with the communication counterpart during the session establishment phase.
S4.3. Verify the legitimacy of the digital certificates exchanged during the session establishment phase.
S4.4. Add an incrementing sequence number and a timestamp to each intelligent platform management interface message carrying the encrypted request or response of a private OEM instruction.
S4.5. After receiving a message carrying a sequence number and timestamp, verify the sequence number and timestamp in the message.
S4.6. Based on the verification results, reject messages with duplicate sequence numbers and expired messages whose timestamp falls outside the valid time range.
S4.7. Extract the fingerprint information of the digital certificate exchanged during the session establishment phase and pre-set it in the relevant firmware and configuration files.
[0010] Furthermore, in step S1, the intelligent platform management interface broadcast message is sent through the local area network so that all relevant devices in the local area network can receive it. After receiving the broadcast message, a relevant device first extracts the preset identifier from it for verification. After the preset identifier is verified, the device generates a temporary session identifier and a random number and constructs a response message. The list of supported extended commands extracted in step S1 identifies the private original equipment manufacturer (OEM) instructions that the relevant device can respond to; when private OEM instructions are sent later, the corresponding instruction is selected according to this list.
[0011] Furthermore, in step S2, the key exchange algorithm adopts the elliptic curve Diffie-Hellman algorithm. Each party generates a public and private key pair with the elliptic curve Diffie-Hellman algorithm; after the public keys are exchanged, it calculates the temporary session key by combining the received public key with its own private key. The public key carried in the session activation command is generated by the elliptic curve Diffie-Hellman algorithm. The relevant device uses the public key carried in the session activation command to encrypt the temporary session key and then returns it. The timing mechanism starts when the temporary session key is generated. After a new temporary session key is generated, it replaces the original temporary session key for subsequent data encryption and communication verification.
[0012] Furthermore, in step S3, the instruction to obtain all pluggable component types of the server is used to collect type information of hard drives, network cards, power supplies, fans, and optical modules in the server. The instruction to return detailed information by component type is used to collect the serial number, component model, physical location identifier, and health status of the corresponding component. The physical location identifier includes the slot number and rack location of the component. The health status is divided into three states: normal, alarm, and fault. The instruction to report component change events is triggered when a component is plugged in or removed. After the instruction to report component change events is triggered, an event notification containing the component type, change type, and change time is generated. The change type includes two situations: insertion and removal.
[0013] Furthermore, in step S3, the data type identifier in the type-length-value structure distinguishes the different categories of component data, the data length information gives the byte length of the corresponding data, and the encrypted actual data content is the original component data after encryption with the temporary session key. The sensitive data includes the component's serial number and physical location identifier, and its encryption uses an Advanced Encryption Standard based algorithm. The checksum is calculated by hashing the unencrypted original component data.
[0014] Furthermore, in step S4, the preset encryption mode combines counter mode with Galois field authentication (Galois/Counter Mode). The digital certificate adopts a standard format and includes the certificate holder's identity information, public key information, issuing authority information, and validity period. When verifying the legitimacy of a digital certificate, its signature is checked first, and then its validity period and issuing authority are checked. The sequence number is incremented sequentially from the time the session is established, and the timestamp records the time when the message is sent. Messages with duplicate sequence numbers are discarded directly, and expired messages are marked and discarded.
[0015] The beneficial effects of this invention are:
(1) Through the coordinated execution of core steps such as automatic discovery and dynamic key negotiation, device identification and communication key management are achieved without complex pre-configuration, reducing configuration complexity and ensuring session security.
(2) By relying on extended private instructions and type-length-value encapsulation, pluggable component information can be collected flexibly and transmitted encrypted, improving the scalability of the method and the confidentiality of data transmission.
(3) By combining multiple encryption, certificate verification and message verification mechanisms, the method effectively resists risks such as data leakage and tampering, and ensures the stability and reliability of the server and component management process.
Brief Description of the Drawings
[0016] Figure 1 is a flowchart illustrating the steps of a server and component management method based on an intelligent platform management interface. Figure 2 is a flowchart illustrating the specific steps of a server and component management method based on an intelligent platform management interface, provided as an example.
Detailed Description of the Embodiments
[0017] The technical solution of the present invention will be clearly and completely described below with reference to the embodiments. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0018] Example 1. A method for managing servers and components based on an intelligent platform management interface is provided, which includes the following steps:
S1. Perform an automatic discovery operation: send an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, receive the returned response message, verify the validity of the preset identifier, and extract the relevant information.
S2. Conduct dynamic key negotiation: use a key exchange algorithm together with the extracted relevant information to generate a temporary session key, send a session activation command containing its own public key, receive the temporary session key encrypted with its own public key, set the lifecycle of the temporary session key and monitor it, and renegotiate after the lifecycle of the temporary session key ends.
S3. Extend the private original equipment manufacturer (OEM) instructions in the command set of the intelligent platform management interface, encapsulate the server pluggable component information using a type-length-value structure, encrypt sensitive data using the temporary session key, attach a checksum, and transmit the result through the extended private OEM instructions.
S4. Implement security enhancement mechanisms: encrypt the request and response data of the private OEM instructions, exchange and verify digital certificates, add and verify sequence numbers and timestamps, reject invalid messages, and pre-configure digital certificate fingerprint information.
[0019] In some embodiments, step S1 includes the following sub-steps:
S1.1. Construct an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, and send it through the local area network.
S1.2. Receive the response message returned in response to that broadcast message; the response message contains a temporary session identifier and a random number.
S1.3. Extract the preset identifier from the received response message and verify its validity.
S1.4. If the preset identifier verification succeeds, extract the media access control address, firmware version, and list of supported extended commands from the received response message as the relevant information extracted in step S1.
[0020] In some embodiments, step S2 includes the following sub-steps:
S2.1. Using a key exchange algorithm, combined with the media access control address, firmware version, and list of supported extended commands extracted in step S1, generate a temporary session key.
S2.2. Construct a session activation command containing its own public key and send it.
S2.3. Receive the response data returned in response to the session activation command; the response data contains the temporary session key encrypted with the public key carried in the session activation command.
S2.4. Set the lifecycle of the received temporary session key and start a timing mechanism that counts the usage time of the temporary session key.
S2.5. When the counted time reaches the lifecycle setting value of the temporary session key, terminate the use of the current temporary session key and restart the dynamic key negotiation process to generate a new temporary session key.
[0021] In some embodiments, step S3 includes the following sub-steps:
S3.1. Referring to the list of supported extended commands extracted in step S1, extend the private original equipment manufacturer (OEM) instructions in the command set of the intelligent platform management interface. The private OEM instructions include three specific instructions: obtaining all pluggable component types of the server, returning detailed information by component type, and reporting component change events.
S3.2. Collect the relevant data of the server's pluggable components and encapsulate it using a type-length-value structure. The type-length-value structure includes a data type identifier, data length information, and the encrypted actual data content.
S3.3. Identify the sensitive data in the collected pluggable component data and encrypt it using the temporary session key received in step S2 (which was returned encrypted with its own public key).
S3.4. Append a checksum to the end of the encrypted encapsulated data.
S3.5. Based on the list of supported extended commands extracted in step S1, select the corresponding private OEM instruction and transmit the encapsulated data with the attached checksum over the network.
[0022] In some embodiments, step S4 includes the following sub-steps:
S4.1. Use a preset encryption mode to encrypt the request data and response data of the private original equipment manufacturer (OEM) instructions transmitted in step S3.
S4.2. Over the communication link carrying the encrypted request and response data of the private OEM instructions, exchange digital certificates with the communication counterpart during the session establishment phase.
S4.3. Verify the legitimacy of the digital certificates exchanged during the session establishment phase.
S4.4. Add an incrementing sequence number and a timestamp to each intelligent platform management interface message carrying the encrypted request or response of a private OEM instruction.
S4.5. After receiving a message carrying a sequence number and timestamp, verify the sequence number and timestamp in the message.
S4.6. Based on the verification results, reject messages with duplicate sequence numbers and expired messages whose timestamp falls outside the valid time range.
S4.7. Extract the fingerprint information of the digital certificate exchanged during the session establishment phase and pre-set it in the relevant firmware and configuration files.
[0023] In some embodiments, in step S1, the intelligent platform management interface broadcast message is sent through the local area network so that all relevant devices in the local area network can receive it. After receiving the broadcast message, a relevant device first extracts the preset identifier from it for verification. After the preset identifier is verified, the device generates a temporary session identifier and a random number and constructs a response message. The list of supported extended commands extracted in step S1 identifies the private original equipment manufacturer (OEM) instructions that the relevant device can respond to; when private OEM instructions are sent later, the corresponding instructions are selected according to this list.
[0024] In some embodiments, in step S2, the key exchange algorithm adopts the elliptic curve Diffie-Hellman algorithm. Each party generates a public and private key pair with the elliptic curve Diffie-Hellman algorithm, exchanges its public key, and calculates the temporary session key by combining the received public key with its own private key. The public key carried in the session activation command is generated by the elliptic curve Diffie-Hellman algorithm. The relevant device uses the public key carried in the session activation command to encrypt the temporary session key and returns it. The timing mechanism starts when the temporary session key is generated. After a new temporary session key is generated, it replaces the original temporary session key for subsequent data encryption and communication verification.
[0025] In some embodiments, in step S3, the instruction to obtain all pluggable component types of the server is used to collect type information of hard drives, network cards, power supplies, fans and optical modules in the server. The instruction to return detailed information by component type is used to collect the serial number, component model, physical location identifier and health status of the corresponding component. The physical location identifier includes the slot number and rack location of the component. The health status is divided into three states: normal, alarm and fault. The instruction to report component change events is triggered when a component is plugged in or unplugged. After the instruction to report component change events is triggered, an event notification containing component type, change type and change time is generated. The change type includes two situations: insertion and removal.
[0026] In some embodiments, in step S3, the data type identifier in the type-length-value structure distinguishes the different categories of component data, the data length information gives the byte length of the corresponding data, and the encrypted actual data content is the original component data after encryption with the temporary session key. The sensitive data includes the component's serial number and physical location identifier, and its encryption uses an Advanced Encryption Standard based algorithm. The checksum is calculated by hashing the unencrypted original component data.
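The TLV encapsulation, sensitive-field encryption and checksum of S3.2 to S3.4 (paragraphs [0013] and [0026]), as an added Go example written for this page rather than taken from the patent. The type codes, the 2-byte length field, the choice of AES-GCM as the "AES based algorithm" and SHA-256 as the hash for the checksum are assumptions of the example; the sample component record in the usage is constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Type identifiers for the component fields of [0012]; codes are constructed here.
const (
	TypeComponentType byte = 0x01
	TypeModel         byte = 0x02
	TypeHealth        byte = 0x03
	TypeSerial        byte = 0x10 // sensitive: encrypted under the session key
	TypeLocation      byte = 0x11 // sensitive: slot number and rack location
)

// order is the wire order of the TLVs; a Component maps each type to its value.
var order = []byte{TypeComponentType, TypeModel, TypeHealth, TypeSerial, TypeLocation}
type Component map[byte]string
func isSensitive(t byte) bool { return t == TypeSerial || t == TypeLocation }

// writeTLV appends type (1 byte), length (2 bytes, big-endian) and value.
func writeTLV(buf *bytes.Buffer, t byte, v []byte) {
	buf.WriteByte(t)
	buf.Write([]byte{byte(len(v) >> 8), byte(len(v))})
	buf.Write(v)
}

// mustGCM builds AES-GCM for a session key produced by the negotiation of S2.
func mustGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // wrong key length is a programming error, not bad input
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return gcm
}

// Encode performs S3.2-S3.4: TLV encapsulation, encryption of the sensitive
// values, and a SHA-256 checksum over the unencrypted TLV data appended last.
func Encode(key []byte, c Component) []byte {
	gcm := mustGCM(key)
	var wire, plain bytes.Buffer
	for _, t := range order {
		v := []byte(c[t])
		writeTLV(&plain, t, v)
		if isSensitive(t) {
			nonce := make([]byte, gcm.NonceSize())
			if _, err := rand.Read(nonce); err != nil {
				panic(err)
			}
			v = gcm.Seal(nonce, nonce, v, nil) // nonce is prefixed to the ciphertext
		}
		writeTLV(&wire, t, v)
	}
	sum := sha256.Sum256(plain.Bytes())
	return append(wire.Bytes(), sum[:]...)
}

// Decode parses the payload, decrypts the sensitive values and verifies the
// checksum against the recovered plaintext, rejecting truncated or altered data.
func Decode(key, payload []byte) (Component, error) {
	if len(payload) < sha256.Size {
		return nil, errors.New("payload shorter than checksum")
	}
	body, sum := payload[:len(payload)-sha256.Size], payload[len(payload)-sha256.Size:]
	gcm, c, plain := mustGCM(key), Component{}, new(bytes.Buffer)
	for len(body) > 0 {
		if len(body) < 3 {
			return nil, errors.New("truncated TLV header")
		}
		t, end := body[0], 3+int(binary.BigEndian.Uint16(body[1:3]))
		if len(body) < end {
			return nil, errors.New("TLV length exceeds payload")
		}
		v := body[3:end]
		body = body[end:]
		if isSensitive(t) {
			if len(v) < gcm.NonceSize() {
				return nil, errors.New("ciphertext shorter than nonce")
			}
			var err error
			if v, err = gcm.Open(nil, v[:gcm.NonceSize()], v[gcm.NonceSize():], nil); err != nil {
				return nil, errors.New("sensitive value failed GCM authentication")
			}
		}
		c[t] = string(v)
		writeTLV(plain, t, v)
	}
	if want := sha256.Sum256(plain.Bytes()); !bytes.Equal(sum, want[:]) {
		return nil, errors.New("checksum mismatch: component data altered")
	}
	return c, nil
}
```

Because the checksum is computed over the unencrypted data, any change to a clear field, a wrong session key, or a truncated payload makes Decode fail rather than return a partially trusted record.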
[0027] In some embodiments, in step S4, the preset encryption mode combines counter mode with Galois field authentication (Galois/Counter Mode); the digital certificate adopts a standard format and contains the certificate holder's identity information, public key information, issuing authority information and validity period. When verifying the legitimacy of a digital certificate, its signature is checked first, and then its validity period and issuing authority are checked. The sequence number is incremented sequentially from the time the session is established, and the timestamp records the time when the message is sent. Messages with duplicate sequence numbers are discarded directly, and expired messages are marked and discarded.
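The message-layer protection of S4.1 and S4.4 to S4.6 (paragraphs [0014] and [0027]), as an added example, not code from the patent: AES-GCM (counter mode combined with Galois-field authentication) over each OEM request or response, with the sequence number and timestamp carried in a clear header that the GCM tag covers, and a receiver that discards duplicates and expired messages. The 12-byte header layout and the acceptance window are assumptions of the example; the certificate exchange of S4.2, S4.3 and S4.7 is not shown.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"time"
)

const headerLen = 12 // 4-byte sequence number + 8-byte Unix timestamp

var (
	ErrAuth      = errors.New("message failed authentication: discarded")
	ErrDuplicate = errors.New("duplicate sequence number: discarded")
	ErrExpired   = errors.New("timestamp outside valid range: marked expired and discarded")
)

// newGCM is the counter-mode plus Galois-field combination of [0014] (AES-GCM).
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Sender numbers messages from 1 after session establishment (S4.4) and seals
// each one so that the clear-text header is covered by the authentication tag.
type Sender struct {
	aead cipher.AEAD
	seq  uint32
}

func NewSender(key []byte) (*Sender, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return &Sender{aead: aead}, nil
}

// Seal returns header || nonce || ciphertext+tag for one OEM request or response.
func (s *Sender) Seal(plain []byte, now time.Time) ([]byte, error) {
	s.seq++
	hdr := make([]byte, headerLen)
	binary.BigEndian.PutUint32(hdr[0:4], s.seq)
	binary.BigEndian.PutUint64(hdr[4:12], uint64(now.Unix()))
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	out := append(append([]byte(nil), hdr...), nonce...)
	return s.aead.Seal(out, nonce, plain, hdr), nil // hdr is additional authenticated data
}

// Receiver performs S4.5 and S4.6: verify the header, then discard duplicates
// and messages whose timestamp lies outside the accepted window.
type Receiver struct {
	aead    cipher.AEAD
	window  time.Duration
	seen    map[uint32]bool // a real BMC would bound this with a sliding window
	Expired int             // count of messages marked expired, for monitoring
}

func NewReceiver(key []byte, window time.Duration) (*Receiver, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return &Receiver{aead: aead, window: window, seen: map[uint32]bool{}}, nil
}

func (r *Receiver) Open(msg []byte, now time.Time) ([]byte, error) {
	n := r.aead.NonceSize()
	if len(msg) < headerLen+n {
		return nil, ErrAuth
	}
	hdr, nonce, ct := msg[:headerLen], msg[headerLen:headerLen+n], msg[headerLen+n:]
	// Authenticate before consulting replay state, so a forged header cannot
	// poison the set of seen sequence numbers.
	plain, err := r.aead.Open(nil, nonce, ct, hdr)
	if err != nil {
		return nil, ErrAuth
	}
	seq := binary.BigEndian.Uint32(hdr[0:4])
	sent := time.Unix(int64(binary.BigEndian.Uint64(hdr[4:12])), 0)
	if r.seen[seq] {
		return nil, ErrDuplicate
	}
	if skew := now.Sub(sent); skew > r.window || -skew > r.window {
		r.Expired++
		return nil, ErrExpired
	}
	r.seen[seq] = true
	return plain, nil
}
```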
[0028] Example 2. This embodiment provides a specific implementation process for a server and component management method based on an intelligent platform management interface. The process achieves efficient management of servers and pluggable components through the coordinated execution of automatic discovery, dynamic key negotiation, extended instruction encapsulation and transmission, and security enhancement mechanisms. The entire process requires no complex pre-configuration and adapts to dynamically changing usage environments. As shown in Figure 2, the specific implementation process is as follows.
S1. Broadcast detection and verification to extract basic device information.
S1.1. Construct an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, and send it via the local area network: the broadcast message must adhere to the basic format specification of the intelligent platform management interface protocol, and the preset identifier and public key fragment must be embedded in the message payload according to the field order and length requirements stipulated by the protocol. The public key fragment is incomplete public key information used only for initial identity association in subsequent communications; it does not possess independent encryption or authentication functions. During local area network (LAN) transmission, the message propagates according to the LAN's communication rules so that it reaches the whole coverage area of the LAN and is not limited to specific network segments or device groups.
[0029] In some embodiments, a multi-port parallel transmission method can be adopted. In addition to the default intelligent platform management interface communication port, 1-2 spare ports can be added to send the same broadcast message synchronously, reducing the probability of discovery failure caused by a single port failure. The public key fragment can also be transmitted in segments, and the complete public key information can be supplemented in subsequent response interactions to further improve the transmission efficiency of the initial broadcast message.
[0030] S1.2. Receive the response message returned in response to the intelligent platform management interface broadcast message containing a preset identifier and a public key fragment; the response message contains a temporary session identifier and a random number: The communication port remains in listening mode, continuously receiving response data from relevant devices within the local area network. The received data is initially parsed to filter out the response messages corresponding to the sent broadcast messages, eliminating interference from irrelevant data. The temporary session identifier in the response message is a randomly generated string used to uniquely identify the established communication session. The random number strengthens the subsequent key negotiation, preventing replay or forgery attacks.
[0031] S1.3. Extract the preset identifier from the received response message and verify the validity of the extracted preset identifier: The preset identifier field is extracted from the parsed response message and compared with the preset identifier embedded when the broadcast message was sent. The verification process includes identifier length verification, format verification, and content verification, to ensure that the response message comes from a legitimate target device and is not a maliciously forged invalid message. If the verification finds an inconsistent identifier, an incorrect format, or a mismatched length, the response message is deemed invalid and is not processed further.
[0032] S1.4. If the preset identifier verification passes, extract the media access control address, firmware version, and list of supported extended commands from the received response message as the relevant information extracted in step S1: After the preset identifier verification succeeds, the validity of the response message is confirmed, and the media access control address, firmware version, and list of supported extended commands are then extracted from the specified fields of the message. The media access control address identifies the device's physical network address and provides the basis for establishing subsequent communication links; the firmware version information is used to determine the device's software support capabilities, ensuring that subsequent extended commands are compatible with the device firmware; the list of supported extended commands identifies the private original equipment manufacturer (OEM) instructions that the device can respond to, providing the basis for subsequent command sending and avoiding invalid commands that the device does not support.
[0033] S2. Negotiate dynamic keys and manage session lifecycle: S2.1. Using a key exchange algorithm, and combining the media access control address, firmware version, and supported extended command list extracted in step S1, generate a temporary session key: The execution of the key exchange algorithm uses the relevant information extracted in step S1 as auxiliary parameters. The media access control address is used to distinguish different communication objects and avoid confusion with other devices during key negotiation. Firmware version information is used to adapt the algorithm's execution parameters, ensuring that the algorithm can run normally on devices with different firmware versions. The list of supported extended commands is used to confirm the device's support for key exchange-related operations. Through the algorithm's calculation process, a temporary session key with a specific length and encryption strength is generated. This key is used only for data encryption processing in this communication session.
[0034] In some embodiments, the key exchange algorithm can be adaptively adjusted based on firmware version information. For devices with newer firmware versions, a more complex and secure algorithm variant is used; for devices with older firmware versions, a more compatible base algorithm version is used to ensure the success rate of key negotiation. Simultaneously, a device performance detection mechanism can be introduced to dynamically adjust the computational complexity of key generation based on the device's processing capabilities, avoiding device response delays caused by overly complex algorithms.
[0035] S2.2. Construct a session activation command containing its own public key and send the session activation command containing its own public key: The session activation command is constructed in accordance with the command format requirements of the intelligent platform management interface protocol, embedding its own public key as a core parameter in the command field. The public key is a complete public key usable for encryption, and is used to encrypt the temporary session key transmitted subsequently. During command transmission, a point-to-point communication link is established based on the media access control address extracted in step S1, ensuring that the session activation command is accurately transmitted to the target device and is not intercepted or tampered with by other devices.
[0036] S2.3. Receive response data returned in response to the sent session activation command containing its own public key, the response data containing a temporary session key encrypted with its own public key from the session activation command: The system continuously monitors the target device's response port and receives the response data returned by the device. It parses the response data and extracts a temporary session key encrypted with its own public key. This encryption process ensures that even if the temporary session key is intercepted during transmission, it cannot be decrypted without the corresponding private key, guaranteeing the security of key transmission. The response data may also contain a key encryption status identifier to verify the integrity and validity of the encryption process.
[0037] S2.4. Set the lifecycle of the received temporary session key encrypted with its own public key, and start a timer mechanism to count the usage time of the temporary session key encrypted with its own public key: Based on communication security requirements and actual usage scenarios, a fixed lifespan is set for temporary session keys. The timing mechanism starts from the moment the temporary session key is successfully decrypted and confirmed to be usable, continuously accumulating the key's usage time. The timing process employs a high-precision time statistics method to ensure the accuracy of time statistics, providing a reliable basis for subsequent key rotation. Simultaneously, the lifespan setting and the current usage time are stored in real time for easy monitoring and analysis.
[0038] In some embodiments, the lifecycle can be dynamically adjusted based on the amount of communication data and the communication frequency. When the data volume is large and communication is frequent, the lifecycle can be shortened appropriately, while when the data volume is small and communication is infrequent, the lifecycle can be extended appropriately, achieving a balance between security and ease of use. The timing mechanism can also be synchronized with the system time to avoid errors in lifecycle judgment caused by local time deviation of the device.
[0039] S2.5. When the elapsed usage time reaches the set lifespan of the temporary session key, terminate the use of the currently used temporary session key and restart the dynamic key negotiation process to generate a new temporary session key: The system monitors the relationship between the elapsed usage time and the lifecycle setting in real time. When the elapsed time reaches or exceeds the setting value, the key termination process is immediately triggered. The termination process includes stopping the encryption and decryption functions of the current temporary session key and clearing the key information stored in the device, ensuring that the key is no longer used for secure data transmission. Subsequently, following steps S2.1 to S2.4, dynamic key negotiation is restarted and a new temporary session key is generated, which replaces the original key and continues to ensure communication security.
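A session-key manager covering S2.1 through S2.5, added here as an example rather than taken from the patent. It assumes an elliptic curve Diffie-Hellman library (claim 7) has already produced the raw shared secret; the block itself only binds the S1 context (MAC address, firmware version, supported command list) into the key with HKDF over HMAC-SHA256, keeps the lifetime timer, and refuses to hand out an expired key. The clock is injectable so the timer can be tested; the traffic-based lifetime policy is a constructed illustration of paragraph [0038].

```python
"""Session key derivation and lifecycle for steps S2.1 to S2.5 (added example)."""
import hashlib
import hmac


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) extract-and-expand over HMAC-SHA256, standard library only."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_session_key(shared_secret, mac, firmware, commands, nonce):
    """Bind the S1 context (MAC, firmware, command list) into the key, as S2.1 describes.
    shared_secret is the raw ECDH output (claim 7); producing it is left to an ECDH library."""
    context = b"|".join([b"ipmi-oem-session", mac, firmware, bytes(sorted(commands))])
    return hkdf_sha256(shared_secret, nonce, context)


class SessionKeyManager:
    """Holds the current temporary session key and its lifetime (S2.4, S2.5)."""

    def __init__(self, mac, firmware, commands, clock, base_lifetime_s=600.0):
        self.mac, self.firmware, self.commands = mac, firmware, commands
        self.clock = clock                  # injectable clock so the lifetime can be tested
        self.base_lifetime = base_lifetime_s
        self.key = None
        self.started = None
        self.lifetime = base_lifetime_s

    def negotiate(self, shared_secret, nonce, msgs_per_minute=0.0):
        """Derive a fresh key and start the timer; lifetime shrinks under heavy traffic ([0038])."""
        self.key = derive_session_key(shared_secret, self.mac, self.firmware, self.commands, nonce)
        self.started = self.clock()
        self.lifetime = self.lifetime_for(msgs_per_minute)
        return self.key

    def lifetime_for(self, msgs_per_minute):
        """Constructed policy: halve the base lifetime above 60 msg/min, keep it otherwise."""
        return self.base_lifetime / 2 if msgs_per_minute > 60 else self.base_lifetime

    def needs_rotation(self):
        return self.key is None or self.clock() - self.started >= self.lifetime

    def terminate(self):
        """Stop using the key and clear it (S2.5) before renegotiation."""
        self.key = None
        self.started = None

    def current_key(self):
        """Key for encryption; refuses to hand out an expired key."""
        if self.needs_rotation():
            raise RuntimeError("session key expired or absent: renegotiate first")
        return self.key
```

Because the MAC address is part of the HKDF context, the same shared secret negotiated with a different device yields a different key, which is the "avoid confusion with other devices" property S2.1 asks for; the random number from S1.2 is used as the HKDF salt so a repeated secret still produces a fresh key.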
[0040] S3. Extended instructions encapsulate data, encrypt transmission, and verify: S3.1. Referring to the list of supported extended commands extracted in step S1, extend the private original equipment manufacturer (OEM) instructions into the intelligent platform management interface command set. The private OEM instructions include three specific types of instructions: obtaining all pluggable component types of the server, returning detailed information by component type, and reporting component change events. Based on the standard command set of the intelligent platform management interface, and combined with the supported extended command list extracted in step S1, the encoding range and format specifications of private original equipment manufacturer (OEM) instructions are determined. The three instruction categories correspond to different functional requirements: the instruction to retrieve all pluggable component types on the server collects information on the types of pluggable components installed on the server; the instruction to return detailed information by component type obtains the specific parameters of a particular component type; and the instruction to report component change events provides real-time feedback on changes in a component's insertion or removal status. The encoding of these instructions must avoid conflicts with the encoding in the standard command set to ensure that the instructions can be accurately recognized and responded to by the target device.
[0041] S3.2. Collect data related to the server's pluggable components, and encapsulate the collected data using a type-length-value structure. This type-length-value structure includes a data type identifier, data length information, and the encrypted actual data content. Through the server's hardware interface and detection mechanism, various relevant data of pluggable components are collected, including basic attribute information and operational status information. During the encapsulation process using a type-length-value structure, the data type identifier is used to distinguish different types of component data, such as serial number, model, and physical location; the data length information is used to identify the byte length of the corresponding data, facilitating accurate data boundary resolution by the receiving end; the encrypted actual data content is component data encrypted with a temporary session key, ensuring data confidentiality during transmission. The encapsulation order follows the sequence of data type identifier, data length information, and encrypted actual data content, adhering to fixed format rules.
[0042] In some embodiments, a data verification identifier field can be added to the type length value structure to perform preliminary verification of the data during the encapsulation process and ensure the integrity of the encapsulated data. For component information with a large amount of data, a segmented encapsulation method can be adopted to split the data into multiple type length value structure units for transmission. The receiving end then merges and parses the data to improve the stability of large data transmission.
[0043] S3.3. Identify sensitive data in the collected data related to the pluggable components of the server, and encrypt the identified sensitive data using the temporary session key received in step S2 and encrypted with its own public key: All collected component data is categorized and filtered to identify sensitive data requiring confidentiality. Sensitive data identification is based on a pre-defined list of sensitive data types, including but not limited to component serial numbers, physical location identifiers, and other information that may involve device security or privacy. During encryption, the encryption algorithm corresponding to the temporary session key is invoked to convert the sensitive data into encrypted ciphertext. The encryption process adheres to the algorithm's encryption specifications to ensure that the ciphertext data cannot be decrypted by unauthorized devices.
[0044] S3.4. Process the encrypted encapsulated data and append a checksum to the end of the encrypted encapsulated data: The checksum is calculated using a specific hash algorithm on the encrypted encapsulated data and is used to verify whether the data has been tampered with or lost during transmission. During the calculation, the encrypted encapsulated data is used as the entire input to the hash algorithm to generate a fixed-length checksum. The checksum is transmitted bound to the encrypted encapsulated data. The receiving end can use the same hash algorithm to calculate the checksum on the received data and compare the result with the attached checksum to determine the data's integrity.
[0045] S3.5. Based on the list of supported extended commands extracted in step S1, select the corresponding proprietary original equipment manufacturer (OEM) instruction and transmit the encapsulated data with the attached checksum over the network: Based on the required data type and functional needs of the components to be transmitted, select the corresponding instruction from the three categories of proprietary original equipment manufacturer (OEM) instructions. Refer to the supported extended command list extracted in step S1 to confirm that the selected instruction is within the range supported by the device, avoiding the transmission of invalid instructions. Use the encapsulated data with an appended checksum as the payload of the instruction, and transmit it over the network through the established communication link according to the transmission rules of the intelligent platform management interface protocol, ensuring that the data is accurately transmitted to the target device.
[0046] In some embodiments, redundant transmission can be used to repeatedly transmit the encapsulated data of critical components multiple times, with a fixed interval between each transmission, to reduce the risk of data loss due to a single transmission failure. At the same time, transmission status identifiers can be added during the transmission process to provide real-time feedback on the progress and results of data transmission, making it easier to detect and handle transmission anomalies in a timely manner.
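A worked encoder and decoder for S3.2 through S3.5, added as an example and not taken from the patent. The type identifiers and OEM command codes are constructed; which types count as sensitive follows claim 9 (serial number and physical location). Two substitutions are made deliberately and should be read as such: the Python standard library has no AES, so HMAC-SHA256 in counter mode stands in for the AES-CTR/GCM that claims 9 and 10 name; and the S3.4 checksum is keyed with the session key (an HMAC) rather than a plain hash, because an unkeyed hash over the payload only catches accidental corruption, since anyone who can modify the payload can recompute it.

```python
"""TLV encapsulation, sensitive-field encryption and checksum for S3.2 to S3.5 (added example)."""
import hashlib
import hmac
import os
import struct

# Constructed type identifiers and OEM command codes; the patent assigns none.
T_SERIAL, T_MODEL, T_LOCATION, T_HEALTH = 0x01, 0x02, 0x03, 0x04
SENSITIVE_TYPES = {T_SERIAL, T_LOCATION}          # claim 9: serial number and physical location
OEM_GET_TYPES, OEM_GET_DETAILS, OEM_REPORT_CHANGE = 0x80, 0x81, 0x82
NONCE_LEN, TAG_LEN = 8, 32


def keystream_xor(key, nonce, data):
    """Counter-mode encryption with HMAC-SHA256 as the block function (stdlib stand-in for
    AES-CTR). Decryption is the same call. The nonce must never repeat under one key."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + offset.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def encapsulate(fields, key, nonce=None):
    """fields maps type id -> bytes. Sensitive values are encrypted (S3.3), each value is
    framed as type | length | content (S3.2), and a keyed checksum is appended (S3.4)."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    body = bytearray(nonce)
    for type_id, value in sorted(fields.items()):
        if type_id in SENSITIVE_TYPES:
            value = keystream_xor(key, nonce + bytes([type_id]), value)
        body += struct.pack("!BH", type_id, len(value)) + value
    tag = hmac.new(key, bytes(body), hashlib.sha256).digest()
    return bytes(body) + tag


def decapsulate(message, key):
    """Receiver side: verify the checksum first, then walk the TLVs by their declared lengths."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    if not hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), tag):
        raise ValueError("checksum mismatch: data corrupted or tampered")
    nonce, payload = body[:NONCE_LEN], body[NONCE_LEN:]
    fields, offset = {}, 0
    while offset < len(payload):
        if offset + 3 > len(payload):
            raise ValueError("truncated TLV header")
        type_id, length = struct.unpack_from("!BH", payload, offset)
        offset += 3
        value = payload[offset:offset + length]
        if len(value) != length:
            raise ValueError("TLV length runs past the payload")   # boundary check from S3.2
        offset += length
        if type_id in SENSITIVE_TYPES:
            value = keystream_xor(key, nonce + bytes([type_id]), value)
        fields[type_id] = value
    return fields


def build_oem_request(command, payload, supported_commands):
    """S3.5: refuse to send a private OEM command the device did not list in S1."""
    if command not in supported_commands:
        raise ValueError(f"device does not support OEM command 0x{command:02x}")
    return bytes([command]) + payload
```

The decoder checks the tag before it touches any length field, so a tampered length byte can never drive the TLV walk past the buffer; the per-field nonce derivation (message nonce plus type id) keeps the keystream distinct across fields of one message, and drawing a fresh message nonce per transmission keeps it distinct across messages under the same session key.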
[0047] S4. Enhance communication security and verify message validity: S4.1. Using a preset encryption mode, encrypt the request and response data of the proprietary original equipment manufacturer (OEM) instruction transmitted in step S3: The preset encryption mode balances security and transmission efficiency, encrypting both the request data and the response data of the proprietary OEM instructions throughout the entire transmission process. Encryption begins once the data is generated at the sending end and continues until the receiving end decrypts the data to recover the original data. Encryption covers not only the data content but also the command headers and control fields, securing the entire communication process and preventing data interception or tampering.
[0048] S4.2. Based on the communication link after the request and response data of the private original equipment manufacturer's instructions have been encrypted, exchange digital certificates with the communication counterpart during the session establishment phase: Digital certificates contain core fields such as the certificate holder's identity information, public key information, issuing authority information, and validity period, used for mutual authentication between the two parties. During the session establishment phase, both parties send their respective digital certificates to each other through an encrypted communication link. During transmission, the digital certificates are encapsulated according to a preset format to ensure that the certificate information is not leaked or tampered with during transmission. The exchanged digital certificates are valid certificates issued by legitimate authorities and possess a complete chain of identity authentication.
[0049] S4.3. Verify the legitimacy of the digital certificates exchanged during the session establishment phase: Upon receiving the digital certificate from the communication partner, the system first verifies the certificate's signature by checking it against the issuing authority's public key to confirm that the certificate has not been tampered with. Next, it checks the certificate's validity period to determine whether it is still valid; if the certificate has expired or has not yet taken effect, it is deemed invalid. Finally, it verifies the issuing authority's information to confirm that the issuing authority is a legitimate certification authority with the necessary certificate issuance qualifications. Only when signature verification, validity period verification, and issuing authority verification all pass is the digital certificate deemed legal and valid.
[0050] S4.4. Process the encrypted request and response messages of the private original equipment manufacturer (OEM) instructions, and add an incrementing sequence number and timestamp to each smart platform management interface message: The sequence number increments sequentially from the time the session is established, with each message corresponding to a unique sequence number. This sequence number identifies the order in which messages are sent, preventing message reordering during reception. The timestamp records the precise moment the message was sent, providing a basis for determining the message's timeliness. During the addition process, the sequence number and timestamp are embedded as additional fields in the message header, without affecting the core data content or encryption status of the message. The format of the sequence number and timestamp follows a unified standard, ensuring that the receiving end can accurately parse and identify them.
[0051] S4.5. After receiving a message with an added sequence number and timestamp, verify the original added sequence number and timestamp in the message: After receiving a message, the sequence number and timestamp fields in the message header are extracted. A continuity check is performed on the sequence number to confirm whether the currently received sequence number is consecutive to the previously received sequence number. If a sequence number jumps or duplicates, the message transmission is considered abnormal. A timeliness check is performed on the timestamp to determine whether the time difference between the message's sending and receiving times is within a preset valid range. If the time difference exceeds the range, the message is considered an expired message.
[0052] S4.6. Based on the verification results of the sequence number and timestamp, perform rejection processing on messages with duplicate sequence numbers and expired messages that exceed the valid time range: For messages with duplicate sequence numbers, they are discarded without further decryption or parsing to avoid data redundancy or errors caused by duplicate processing. Expired messages that have exceeded their validity period are also discarded, and their relevant information is recorded for later troubleshooting and analysis. Rejection processing only applies to the abnormal message itself and does not affect the reception and processing of normal messages.
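The receiver-side checks of S4.4 through S4.6 as an added example (not the patent's own code). The header layout (4-byte sequence number, 8-byte send time in milliseconds) and the five-second validity window are constructed assumptions. One design choice departs from a strict reading of [0051]: a sequence-number jump is recorded as an anomaly but the message is still accepted, because rejecting every message after one lost datagram would wedge the session; duplicates and expired messages are rejected and logged exactly as S4.6 describes.

```python
"""Sequence number and timestamp checks for steps S4.4 to S4.6 (added example)."""
import struct
import time

# Constructed header layout: 4-byte sequence number, 8-byte send time in milliseconds.
SEQ_HEADER = struct.Struct("!IQ")


def add_header(sequence, sent_ms, message):
    """Sender side (S4.4): prepend the incrementing sequence number and the send timestamp."""
    return SEQ_HEADER.pack(sequence, sent_ms) + message


class MessageValidator:
    """Receiver side (S4.5, S4.6): one instance per session, starting at sequence number 0."""

    def __init__(self, max_skew_ms=5000):
        self.max_skew_ms = max_skew_ms
        self.expected = 0          # next sequence number the session should deliver
        self.rejected = []         # (sequence, reason) records kept for troubleshooting
        self.anomalies = []        # gaps: messages lost in transit, accepted but recorded

    def check(self, datagram, now_ms=None):
        """Return the message body if it passes, otherwise None after logging the rejection."""
        now_ms = int(time.time() * 1000) if now_ms is None else now_ms
        if len(datagram) < SEQ_HEADER.size:
            self.rejected.append((None, "short"))
            return None
        sequence, sent_ms = SEQ_HEADER.unpack_from(datagram)
        if sequence < self.expected:
            self.rejected.append((sequence, "duplicate"))     # replayed or re-sent
            return None
        if abs(now_ms - sent_ms) > self.max_skew_ms:
            self.rejected.append((sequence, "expired"))       # outside the valid window
            return None
        if sequence > self.expected:
            self.anomalies.append((sequence, "gap"))          # jump: something was lost
        self.expected = sequence + 1
        return datagram[SEQ_HEADER.size:]
```

A rejected message does not advance the expected sequence number, so a legitimate retransmission with the same number and a fresh timestamp is still accepted; this is what lets the expired-message check coexist with the duplicate check instead of blocking every retry. These checks only work if the header is covered by the S4.1 encryption or the S3.4 checksum, otherwise the fields could be rewritten in transit.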
[0053] S4.7. Extract the fingerprint information of the digital certificate exchanged during the session establishment phase, and pre-install the extracted digital certificate fingerprint information in the relevant firmware and configuration files: The fingerprint information of a digital certificate is calculated using a hash algorithm and serves as its unique identifier. After extraction, the fingerprint information is stored in the firmware and configuration files of the relevant device as pre-set information for subsequent communication authentication. When a communication session is re-established, the pre-set fingerprint information can be directly compared with the fingerprint information of the digital certificate sent by the other party to quickly complete authentication and improve the efficiency of communication establishment. The pre-setting process ensures the security and stability of the stored fingerprint information, preventing unauthorized modification or deletion.
[0054] This embodiment's server and component management method based on the intelligent platform management interface achieves device identification through an automatic discovery mechanism, eliminating the need for pre-configuration of complex network parameters and significantly reducing the complexity of configuration management. The combination of dynamic key negotiation and security enhancement mechanisms provides multiple security guarantees for data transmission, effectively resisting security risks such as data leakage, tampering, and forgery. The extended encapsulation method of proprietary original equipment manufacturer (OEM) instructions and type-length value structures enables flexible collection and transmission of pluggable component information, improving the method's scalability and adaptability. The fully automated execution process, without human intervention, reduces the probability of human error and improves the efficiency and reliability of server and component management. Simultaneously, through lifecycle management of session keys and validity verification of messages, the stability and continuity of the entire management process are ensured, enabling adaptation to dynamically changing usage environments and providing strong support for the full lifecycle management of servers and components.
[0055] The above description is merely a preferred embodiment of the present invention. It should be understood that the present invention is not limited to the forms disclosed herein and should not be construed as excluding other embodiments. It can be used in various other combinations, modifications, and environments, and can be altered within the scope of the concept described herein through the above teachings or related technologies or knowledge. Modifications and variations made by those skilled in the art that do not depart from the spirit and scope of the present invention should be within the protection scope of the appended claims.
Claims
1. A server and component management method based on an intelligent platform management interface, characterized in that it includes the following steps: S1. Perform an automatic discovery operation: send an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, receive the returned response message, verify the validity of the preset identifier, and extract relevant information; S2. Conduct dynamic key negotiation: use a key exchange algorithm to generate a temporary session key from the extracted relevant information, send a session activation command containing its own public key, receive the temporary session key encrypted with its own public key, set the lifecycle of the temporary session key and monitor it, and renegotiate after the lifecycle of the temporary session key ends; S3. Extend the command set of the intelligent platform management interface with private original equipment manufacturer (OEM) instructions, encapsulate the server pluggable component information using a type-length-value structure, encrypt sensitive data using the temporary session key, and transmit it through the extended private OEM instructions after attaching a checksum; S4. Implement security enhancement mechanisms: encrypt the request and response data of the private original equipment manufacturer (OEM) instructions, exchange and verify digital certificates, add and verify sequence numbers and timestamps, reject invalid messages, and pre-configure digital certificate fingerprint information.
2. The method according to claim 1, characterized in that step S1 includes the following sub-steps:
S1.1. Construct an intelligent platform management interface broadcast message containing a preset identifier and a public key fragment, and send it through the local area network;
S1.2. Receive a response message returned in response to the intelligent platform management interface broadcast message containing the preset identifier and the public key fragment, the response message containing a temporary session identifier and a random number;
S1.3. Extract the preset identifier from the received response message and verify the validity of the extracted preset identifier;
S1.4. If the preset identifier verification is successful, extract the media access control address, firmware version, and list of supported extended commands from the received response message as the relevant information extracted in step S1.
3. The method according to claim 1, characterized in that step S2 includes the following sub-steps:
S2.1. Using a key exchange algorithm, combined with the media access control address, firmware version, and list of supported extended commands extracted in step S1, generate a temporary session key;
S2.2. Construct a session activation command containing its own public key and send the session activation command containing its own public key;
S2.3. Receive response data returned in response to the sent session activation command containing its own public key, wherein the response data contains a temporary session key encrypted with its own public key from the session activation command;
S2.4. Set the lifecycle of the received temporary session key encrypted with its own public key, and start a timing mechanism to count the usage time of the temporary session key encrypted with its own public key;
S2.5. When the elapsed usage time reaches the lifecycle setting value of the temporary session key, terminate the use of the currently used temporary session key and restart the dynamic key negotiation process to generate a new temporary session key.
4. The method according to claim 1, characterized in that step S3 includes the following sub-steps:
S3.1. Referring to the list of supported extended commands extracted in step S1, extend the private original equipment manufacturer (OEM) instructions into the command set of the intelligent platform management interface, the private OEM instructions including three types of specific instructions: obtaining all pluggable component types of the server, returning detailed information by component type, and reporting component change events;
S3.2. Collect relevant data of the server's pluggable components, and encapsulate the collected data using a type-length-value structure, the type-length-value structure including a data type identifier, data length information, and encrypted actual data content;
S3.3. Identify sensitive data in the collected data related to the pluggable components of the server, and encrypt the identified sensitive data using the temporary session key received in step S2 and encrypted with its own public key;
S3.4. Process the encrypted encapsulated data and append a checksum to the end of the encrypted encapsulated data;
S3.5. Based on the list of supported extended commands extracted in step S1, select the corresponding private original equipment manufacturer (OEM) instruction and transmit the encapsulated data with the attached checksum over the network.
5. The method according to claim 1, characterized in that step S4 includes the following sub-steps:
S4.1. Use a preset encryption mode to encrypt the request data and response data of the private original equipment manufacturer (OEM) instruction transmitted in step S3;
S4.2. Over the communication link after the request data and response data of the private original equipment manufacturer's instructions have been encrypted, exchange digital certificates with the communication counterpart during the session establishment phase;
S4.3. Verify the legitimacy of the digital certificates exchanged during the session establishment phase;
S4.4. Process the encrypted request and response messages of the private original equipment manufacturer (OEM) instructions, and add an incrementing sequence number and timestamp to each intelligent platform management interface message;
S4.5. After receiving a message with an added sequence number and timestamp, verify the sequence number and timestamp added to the message;
S4.6. Based on the verification results of the sequence number and timestamp, perform rejection processing on messages with duplicate sequence numbers and on expired messages that exceed the valid time range;
S4.7. Extract the fingerprint information of the digital certificate exchanged during the session establishment phase, and pre-set the extracted digital certificate fingerprint information in the relevant firmware and configuration files.
6. The method according to claim 2, characterized in that in step S1, the intelligent platform management interface broadcast message is sent through the local area network so that all relevant devices in the local area network can receive it. After receiving the intelligent platform management interface broadcast message, the relevant devices first extract the preset identifier from the broadcast message for verification. After the preset identifier is verified, a temporary session identifier and a random number are generated and a response message is constructed. The list of supported extended commands extracted in step S1 is used to clarify the private original equipment manufacturer (OEM) instructions that the relevant devices can respond to; when private OEM instructions are sent later, the corresponding private OEM instruction is selected according to the list of supported extended commands.
7. The method according to claim 3, characterized in that in step S2, the key exchange algorithm is the elliptic curve Diffie-Hellman algorithm. Each party generates an elliptic curve Diffie-Hellman public and private key pair; after the public keys are exchanged, the temporary session key is calculated by combining the counterpart's public key with its own private key. The public key carried in the session activation command is generated by the elliptic curve Diffie-Hellman algorithm. The relevant device uses the public key carried in the session activation command to encrypt the temporary session key and then returns it. The timing mechanism starts when the temporary session key is generated. After the new temporary session key is generated, it replaces the original temporary session key for subsequent data encryption and communication verification.
8. The method according to claim 4, characterized in that in step S3, the instruction to obtain all pluggable component types of the server is used to collect type information of hard drives, network cards, power supplies, fans and optical modules in the server. The instruction to return detailed information by component type is used to collect the serial number, component model, physical location identifier and health status of the corresponding component. The physical location identifier includes the slot number and rack location of the component. The health status is divided into three types: normal, alarm and fault. The instruction to report component change events is triggered when a component is plugged in or removed. After the instruction to report component change events is triggered, an event notification containing the component type, change type and change time is generated. The change type includes two cases: insertion and removal.
9. The method according to claim 4, characterized in that in step S3, the data type identifier in the type-length-value structure is used to distinguish different categories of component data, the data length information is used to identify the byte length of the corresponding data, the encrypted actual data content is the original component data after encryption with the temporary session key, the sensitive data includes the component's serial number and physical location identifier, the encryption of the sensitive data adopts an Advanced Encryption Standard based algorithm, and the checksum is calculated by hashing the unencrypted original component data.
10. The method according to claim 5, characterized in that in step S4, the preset encryption mode is a combination of counter mode and Galois field mode (Galois/Counter Mode). The digital certificate adopts a standard format and includes the certificate holder's identity information, public key information, issuing authority information, and validity period. When verifying the legality of the digital certificate, the signature of the digital certificate is checked first, and then the validity period and issuing authority of the digital certificate are checked. The sequence number is incremented sequentially from the time the session is established. The timestamp records the time when the message is sent. Messages with duplicate sequence numbers are discarded directly, and expired messages are marked and discarded.