Abstract:
The present application is directed to access isolation for multi-operating system devices. In general, a device may be configured using firmware to accommodate more than one operating system (OS) operating concurrently on the device or to transition from one OS to another. An access isolation module (AIM) in the firmware may determine a device equipment configuration and may partition the equipment for use by multiple operating systems. The AIM may disable OS-based equipment sensing and may allocate at least a portion of the equipment to each OS using customized tables. When transitioning between operating systems, the AIM may help to ensure that information from one OS is not accessible to others. For example, the AIM may detect when a foreground OS is to be replaced by a background OS, and may protect (e.g., lockout or encrypt) the files of the foreground OS prior to the background OS becoming active.
Abstract:
Multiple operational contexts are called up from a Standby power state of a computing device. The operational contexts run on one or more operating systems of the computing device. When a desired operational context is chosen, such as by activation through a user initiated act or hot key, the operating system supporting the desired operational context is booted up from the Standby power state.
Abstract:
When transitioning from sleep mode to active mode, a processing system loads first stage resume content and second stage resume content into a volatile memory of the processing system. The first stage resume content may contain contextual data for a first program that was in use before the processing system transitioned to sleep mode. The second stage resume content may contain contextual data for another program that was in use before the processing system transitioned to sleep mode. The processing system may provide a user interface for the first program before all of the second stage resume content has been loaded into the volatile memory. Other embodiments are described and claimed.
Abstract:
Firmware-based conversion methods for storing converted firmware variables in a firmware storage device, such as flash memory. Under one method, “eager” compression of firmware is performed. In response to a storage request, a determination is made as to whether a compressor is available. If it is, the firmware variable is stored in a compressed form in the storage device; if not, the firmware variable is stored in an uncompressed form. In response to a read request for a stored firmware variable, a determination is made as to whether the variable is stored in a compressed or uncompressed form. If it is compressed, a decompressor is employed to return the variable to its uncompressed form prior to providing it to the requestor; already uncompressed variables are provided directly to the requestor. An application program interface is provided to enable operating system runtime access to the firmware variables. Similar conversions may be employed separately or in parallel, including encryption.
Abstract:
In one embodiment, a method is provided that may include one or more operations. One of these operations may include, in response, at least in part, to a request to store input data in storage, encrypting, based at least in part upon one or more keys, the input data to generate output data to store in the storage. The one or more keys may be authorized by a remote authority. Alternatively or additionally, another of these operations may include, in response, at least in part, to a request to retrieve the input data from the storage, decrypting, based at least in part upon the at least one key, the output data. Many modifications, variations, and alternatives are possible without departing from this embodiment.
Abstract:
Deterring output of data from a computing platform may be accomplished by launching a driver to filter write requests to selected output ports of the computing platform, receiving a write request, and denying the write request when the write request is for a selected output port identified as being in a read-only mode.
Abstract:
A temporary memory of a computer system is configured during a boot mode. Page tables are generated for the temporary memory. System memory of the computer system is initialized. Contents of the temporary memory are migrated to the system memory.
Abstract:
Methods and apparatus to provide secure firmware storage and service access are disclosed. One example method may include receiving a request to execute an instruction in a pre-boot environment, determining an identity of the instruction, determining if an access control list includes an entry corresponding to the instruction, and selectively allowing the execution of the instruction if the access control list includes an entry corresponding to the instruction.