Field of the Invention
The present invention relates in general to the field of information handling system server management, and more particularly to secure near field communication server information handling system support.
Description of the Related Art
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Server information handling systems are often concentrated in data centers that provide power and cooling infrastructure. An enterprise will often support email, data storage and ecommerce operations in one or more data centers in an attempt to secure information and business operations. The server information handling systems are typically maintained by an information technology (IT) team that manages systems and stored information through remote and local operations. For example, server information handling systems typically include a baseboard management controller (BMC) having an out-of-band network interface so that IT professionals have access to physical components of a server from a remote location. A BMC will typically allow remote start-up, power down and configuration of a server through a secure network interface separate from the enterprise network interface supported by the server. Although a BMC out-of-band network interface provides remote access for many server maintenance tasks, some tasks do require a physical presence at an information handling system. For example, a failure of a physical component within a server, such as a storage drive, often results in assignment of an individual to open the server and replace the failed component.
Server information handling systems often manage sensitive enterprise information and operations. To protect against data loss, data centers typically have redundancy and security systems in place. Redundancy systems store back-up copies of information in case a primary copy is lost and provide back-up cooling and power resources in case primary resources become degraded or unavailable. For example, server information handling systems often have RAID storage that maintains redundant copies of information in case a storage device fails. As another example, server information handling systems often have multiple power supplies and cooling fans so that the system can continue to operate in a degraded state if a power supply or cooling fan fails. Security systems protect against unauthorized and malicious acts that threaten server operations and data integrity. For example, data centers typically use password-secured access to information and systems to prevent unauthorized actions, such as an Active Directory (AD) system supported by Microsoft or various implementations of a Lightweight Directory Access Protocol (LDAP) system. Generally, such security systems allow users to access information based upon a level of access granted by reference to the user's credentials. For instance, most end users have access limited to their e-mail accounts and documents, while some users have greater access to monitor resource use without authority to alter data, and some users have access to control data of others. As an example, in a data center physical location, IT professionals often have access to administrative functions to manage server operations but lack access to information managed by the servers. Higher-level administrators, in contrast, have access to information managed by servers, including authority to assign access levels to other users. Often, complex relationships are defined within an enterprise to closely control who has access at a system level versus access to information stored on server systems.
Recent trends in data management have further complicated efforts towards data security. For example, enterprises have moved towards cloud-based services as an alternative to owning and maintaining their own server information handling system and storage resources. A data center that provides cloud-based services might support competing enterprises that share the same physical processing resources. For example, virtual machines associated with separate enterprises may run on the same server information handling system and share the same hard disk drive. Although data centers typically have tight physical security measures to prevent physical access to server and storage resources, the use of cloud computing effectively precludes restriction of physical access to server and storage resources based upon the end user who is using the resources. This difficulty is compounded where the server resources include wireless networking assets that support wireless communication within a data center, such as through a wireless local area network or even a Bluetooth connection that allows the use of wireless keyboards. For this and other security concerns, data centers often will not install server information handling systems that include wireless networking resources. However, in some instances, data centers will use near field communication (NFC) devices that allow IT administrators to wirelessly interface with server BMCs at very close range, such as with an NFC device integrated in a smartphone, tablet or other type of portable information handling system. Because of the short range involved with NFC devices, data centers generally assume that an individual who accesses a BMC with NFC is authorized to have physical access to the system.