-
1.发明公开ACCESS ISOLATION FOR MULTI-OPERATING SYSTEM DEVICES 审中-公开ZUGRIFFSISOLIERUNGFÜRVORRICHTUNGEN MIT MEHREREN BETRIEBSSYSTEMEN
公开(公告)号:EP3120238A1
公开(公告)日:2017-01-25
申请号:EP14886149.5
申请日:2014-03-19
申请人: Intel Corporation
发明人: LI, Kevin , ZIMMER, Vincent , ZHOU, Xiaohu , WU, Ping , YOU, Zijian , ROTHMAN, Michael
IPC分类号: G06F9/44
摘要: The present application is directed to access isolation for multi-operating system devices. In general, a device may be configured using firmware to accommodate more than one operating system (OS) operating concurrently on the device or to transition from one OS to another. An access isolation module (AIM) in the firmware may determine a device equipment configuration and may partition the equipment for use by multiple operating systems. The AIM may disable OS-based equipment sensing and may allocate at least a portion of the equipment to each OS using customized tables. When transitioning between operating systems, the AIM may help to ensure that information from one OS is not accessible to others. For example, the AIM may detect when a foreground OS is to be replaced by a background OS, and may protect (e.g., lockout or encrypt) the files of the foreground OS prior to the background OS becoming active.
摘要翻译: 本应用针对多操作系统设备的访问隔离。 通常,可以使用固件来配置设备以容纳在设备上同时运行的多个操作系统(OS)或者从一个OS转换到另一个操作系统。 固件中的访问隔离模块(AIM)可以确定设备设备配置,并且可以划分设备以供多个操作系统使用。 AIM可以禁用基于操作系统的设备感测,并且可以使用定制的表将至少一部分设备分配给每个OS。 在操作系统之间转换时,AIM可以帮助确保来自一个操作系统的信息不能被其他人访问。 例如,AIM可以检测前景OS何时被后台OS替换,并且可以在背景OS变为活动之前保护(例如,锁定或加密)前台OS的文件。
-
2.发明授权METHOD, APPARATUSES AND COMPUTER PROGRAM PRODUCT FOR SHARING CRYPTOGRAPHIC KEY WITH AN EMBEDDED AGENT ON A NETWORK ENDPOINT IN A NETWORK DOMAIN 有权方法,设备和计算机程序产品的密钥与嵌入式代理一个网络结点在网络域中使用
公开(公告)号:EP1728376B1
公开(公告)日:2009-07-15
申请号:EP05729217.9
申请日:2005-03-18
申请人: Intel Corporation
发明人: DURHAM, David , ZIMMER, Vincent , SMITH, Carey , YAVATKAR, Raj , SCHLUESSLER, Travis , LARSON, Dylan , ROZAS, Carlos
IPC分类号: H04L29/06
CPC分类号: H04L63/0435 , G06F21/57 , H04L9/083 , H04L9/0891 , H04L63/062 , H04L2209/60
摘要: Methods and apparatuses associated with sharing cryptographic keys in a network domain. An embedded agent on a network endpoint participates in the distribution of cryptographic keys. In one embodiment the embedded agent receives and stores a shared symmetric key, as do embedded agents on other network endpoints in the same network domain. The embedded agent causes the shared key to be stored in a secure storage not directly accessible by the host. When the host wants to transmit enciphered data, the embedded agent may provide access to cryptographic services. The embedded agent provides isolation of the shared key from parts of the host that are subject to compromise by attack or infection.
-
公开(公告)号:EP1924909A1
公开(公告)日:2008-05-28
申请号:EP06789443.6
申请日:2006-08-03
申请人: Intel Corporation
IPC分类号: G06F9/445
CPC分类号: G06F1/3234 , G06F9/4418
摘要: When transitioning from sleep mode to active mode, a processing system loads first stage resume content and second stage resume content into a volatile memory of the processing system. The first stage resume content may contain contextual data for a first program that was in use before the processing system transitioned to sleep mode. The second stage resume content may contain contextual data for another program that was in use before the processing system transitioned to sleep mode. The processing system may provide a user interface for the first program before all of the second stage resume content has been loaded into the volatile memory. Other embodiments are described and claimed.
-
4.发明公开SYSTEM AND METHOD FOR SECURE INTER-PLATFORM AND INTRA-PLATFORM COMMUNICATIONS 有权系统和方法,以确保安全INTRA INTERPLATTFORM-通信平台
公开(公告)号:EP1761837A1
公开(公告)日:2007-03-14
申请号:EP05786047.0
申请日:2005-06-24
申请人: Intel Corporation
IPC分类号: G06F1/00
摘要: A system and method are provided to preserve the confidentiality and/or integrity of a sensitive communication from its source to its destination whether locally on the platform, between platforms, or even the same program over time.
-
5.发明授权METHOD AND SYSTEM FOR CONCURRENT HANDLER EXECUTION IN AN SMI AND PMI-BASED DISPATCH-EXECUTION FRAMEWORK 有权方法和系统的中断程序一个SMI和PMI为基础的分配和执行环境的并行执行
公开(公告)号:EP1449077B1
公开(公告)日:2007-01-03
申请号:EP02780694.2
申请日:2002-11-13
申请人: INTEL CORPORATION
发明人: ZIMMER, Vincent , DATTA, Samanna
IPC分类号: G06F9/46
CPC分类号: G06F9/4812
摘要: A method and system that enables concurrent event handler execution in a system management interrupt (SMI) and processor management interrupt (PMI)-based dispatch-execution framework to service an SMI or PMI event. A plurality of event handlers are loaded into a hidden memory space that is accessible to a hidden execution mode supported by each of a plurality of processors in a multiprocessor computer system but is not accessible to other operating modes of those processors. The event handlers are then dispatched to two or more processors in response to the hidden execution mode event and concurrently executed to service the event. Various embodiments include use of a single event handler to service the event, multiple event handlers that perform different tasks, and multiple event handler instances that concurrently perform a single task. The invention also provides a resource locking mechanism to prevent resource access conflicts.
-
6.发明公开METHOD, APPARATUSES AND COMPUTER PROGRAM PRODUCT FOR SHARING CRYPTOGRAPHIC KEY WITH AN EMBEDDED AGENT ON A NETWORK ENDPOINT IN A NETWORK DOMAIN 有权方法,设备和计算机程序产品的密钥与嵌入式代理一个网络结点在网络域中使用
公开(公告)号:EP1728376A1
公开(公告)日:2006-12-06
申请号:EP05729217.9
申请日:2005-03-18
申请人: Intel Corporation
发明人: DURHAM, David , ZIMMER, Vincent , SMITH, Carey , YAVATKAR, Raj , SCHLUESSLER, Travis , LARSON, Dylan , ROZAS, Carlos
IPC分类号: H04L29/06
CPC分类号: H04L63/0435 , G06F21/57 , H04L9/083 , H04L9/0891 , H04L63/062 , H04L2209/60
摘要: Methods and apparatuses associated with sharing cryptographic keys in a network domain. An embedded agent on a network endpoint participates in the distribution of cryptographic keys. In one embodiment the embedded agent receives and stores a shared symmetric key, as do embedded agents on other network endpoints in the same network domain. The embedded agent causes the shared key to be stored in a secure storage not directly accessible by the host. When the host wants to transmit enciphered data, the embedded agent may provide access to cryptographic services. The embedded agent provides isolation of the shared key from parts of the host that are subject to compromise by attack or infection.
-
7.发明公开METHOD FOR FIRMWARE VARIABLE STORAGE WITH EAGER COMPRESSION, FAIL-SAFE EXTRACTION AND RESTART TIME COMPRESSION SCAN 有权方法对于具有较强的抗压变固件存储,故障保险,提取时间RESTART压缩扫描
公开(公告)号:EP1634170A2
公开(公告)日:2006-03-15
申请号:EP04753416.9
申请日:2004-05-26
申请人: INTEL CORPORATION
发明人: ZIMMER, Vincent , ROTHMAN, Michael , MILLER, Greg , DORAN, Mark
CPC分类号: G06F9/4401 , H03M7/30
摘要: Firmware-based conversion methods for storing converted firmware variables in a firmware storage device, such as flash memory. Under one method, “eager” compression of firmware is performed. In response to a storage request, a determination is made to whether a compressor is available. If it is, the firmware variable is stored in a compressed form in the storage device; if not, the firmware variable is stored in an uncompressed form. In response to a read request for a stored firmware variable, a determination is made to whether the variable is stored in a compressed or uncompressed form. If it is compressed, a decompressor is employed to return the variable to its uncompressed form prior to providing it to the requestor; already uncompressed variables are provided directly to the requestor. An application program interface is provided to enable operating system runtime access to the firmware variables. Similar conversions may be employed separately or in parallel, including encryption.
-
公开(公告)号:EP1485797A2
公开(公告)日:2004-12-15
申请号:EP02790148.7
申请日:2002-12-17
发明人: DATTA, Samanna , BRANNOCK, Kirk , ZIMMER, Vincent
IPC分类号: G06F9/445
CPC分类号: G06F9/4401
摘要: A boot routine is initialized in a computer by bootstrapping a volume top file (VTF) located in a first addressable location accessible upon the initializing of the boot routine and the volume top file bootstrapping a set of firmware modules.
-
公开(公告)号:EP3971713A1
公开(公告)日:2022-03-23
申请号:EP21191559.0
申请日:2021-08-16
申请人: INTEL Corporation
IPC分类号: G06F9/4401 , G06F12/0811 , G06F12/084 , G06F3/14
摘要: Embodiments are directed to improving boot process for early display initialization and visualization. An embodiment of a system includes a plurality of processor cores; a cache coupled to the plurality of processor cores; and a controller circuit to: initialize a portion of the cache as static memory for hardware initialization code usage before beginning execution of the hardware initialization code after a power on of the hardware processor; and cause initialization of a display device to be performed using the portion of the cache, the initialization of the display device performed independently of initialization of dynamic memory of the hardware processor.
-
公开(公告)号:EP3274895A1
公开(公告)日:2018-01-31
申请号:EP16715190.1
申请日:2016-03-23
申请人: Intel Corporation
CPC分类号: G06F9/30189 , G06F9/34 , G06F21/44 , G06F21/57 , G06F21/74
摘要: Various embodiments are generally directed to establishing trust in system management mode. An operating system management mode driver can invoke a system management mode and provide a signature to the system management mode to authenticate the driver with. Additionally, a hash value of the driver can be used to determine whether the driver is authorized to invoke system management mode or particular operations or features of system management mode.
-
-
-
-
-
-
-
-
-
搜索结果
65 条记录 (耗时 0.017 秒)
