Field of the Invention
The present invention relates to information handling systems. More specifically, embodiments of the invention relate to utilizing a client key to generate a one-time use reference for delivery of managed software to a userless and headless device.
Description of the Related Art
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
It is known to use a plurality of information handling system within information technology (IT) environments. With IT environments, it is often desirable to deploy assets such as software to the information handling systems via a Software as a Service (SaaS) operation. However, deploying software as a service to a userless and headless device can present security and manageability challenges that are not present in deployment scenarios to information handling systems which have users present with access to I/O devices such as keyboards and displays to manually authenticate and validate an installation. In an enterprise, domain join and domain based authentication secures the trust within the domain environment. In an environment where headless, userless devices are not attached to a domain and aren't assigned to user identities, securing the deployment of applications that are attached to specific and unique cloud services can be problematic.
For example, in certain environments it might be desirable to perform a post-install deployment of an agent (e.g., a Boomi atom agent such as a Statistica or FogLight agent available from Dell Inc.) on a device such as an Internet of Things (IoT) type gateway that has a trust relationship with a device management system such as a cloud client manager (CCM) management system and/or an AirWatch type management system. The management system can perform the deployment of the agent; however, linking the agent back to a tenant account for the SaaS service can require the gateway to deliver tenant specific information such as login, password or device identity information to the service. Having this tenant specific information sent programmatically to a login portal without user verification or an established certificate based trust relationship may not be secure. Accordingly, it would be desirable to provide a secure method for managed deployment of SaaS on-device agentry and account association.