Abstract:
In some examples, a target device may store a policy that includes one or more conditions. For example, a condition of the policy may specify that each device of the multiple devices have a certificate that was deployed to it when it was provisioned. A condition of the policy may specify that each device of the multiple devices be within a predetermined distance (or within a particular distance range) of the target device. A condition of the policy may specify that each device of the multiple devices have a beacon secret that is periodically broadcast out-of-band by a local beacon. While the conditions of the policy are satisfied, the target device may grant the multiple devices access to the target device. If the target device determines that the conditions of the policy are no longer satisfied, the target device may deny (or reduce) access.
Abstract:
Systems and methods for securing network devices through the use of an out-of-band beacon are described. In some embodiments, a method may include broadcasting, by a gateway, a wireless beacon that is out-of-band with respect to communications between the gateway and a plurality of devices over a network, where the wireless beacon includes a token; receiving an encrypted packet at the gateway as part of the communications; decrypting the encrypted packet into an intermediate payload by the gateway using a public key, where the public key corresponds to a certificate provisioned to each of the plurality of devices; and decrypting the intermediate payload into a decrypted packet by the gateway using the token.
Abstract:
Systems and methods for hardware hardened advanced threat protection are described. In some embodiments, an Information Handling System (IHS) may include a processor; and a Basic Input/Output System (BIOS) coupled to the processor, the BIOS having BIOS instructions stored thereon that, upon execution, cause the IHS to: launch an Extensible Firmware Interface (EFI) gateway module; and determine, using the EFI gateway module, whether the BIOS instructions include malware.
Abstract:
In accordance with embodiments of the present disclosure, a method may include, during execution of an operating system on an information handling system and responsive to a user input indicating a desire to invoke a basic input/output system (BIOS) setup program for configuring a BIOS, prompting for and receiving user-provided credentials via a user interface communicatively coupled to the processor. The method may also include, during execution of the operating system, passing BIOS credentials to the BIOS based on the user-provided credentials. The method may additionally include, during execution of the operating system, determining, by the BIOS, whether the BIOS credentials are valid. The method may further include, responsive to determining that the BIOS credentials are valid, setting a flag to a value indicating that the BIOS setup program is to be invoked on a subsequent boot of the information handling system.
Abstract:
Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.
Abstract:
A method may also include receiving, from each of one or more potential peer information handling systems, a connection request comprising a peer minimum acceptable security level for that peer information handling system. The method may additionally include comparing the peer minimum acceptable security level to a security level of the information handling system. The method may further include completing a peer-to-peer connection between the information handling system and the peer information handling system if the peer minimum acceptable security level is not higher than the security level of the information handling system.
Abstract:
Unauthorized copying of a transaction barcode is prevented by including a sensed condition or other publicly-accessible data with the transaction barcode for use as a comparison with the publicly accessible data determined at a barcode reader. If the sensed condition included in the transaction barcode indicates that the transaction barcode was generated for a different transaction, then the barcode reader invalidates the transaction. For instance, if the barcode was generated too distant in time, position, or sequential transactions, then the barcode reader invalidates the transaction barcode as an unauthorized copy of a transaction barcode generated for a different transaction.
Abstract:
Systems and methods are provided for managing capabilities of workspaces operating on an Information Handling System (IHS). A request is received from a user of the IHS for access to a protected resource. A security context and a productivity context are determined for operation of a primary workspace on the IHS. Two or more applications are identified for operation within the primary workspace, where the applications provide access to the protected resource, and where the applications include overlapping capabilities. Based on the security context and the productivity context for the primary workspace deployment, two or more of the applications with overlapping capabilities are selected for operation within the primary workspace.
Abstract:
Systems and methods support transfer of an Information Handling System (IHS) from a first individual to a second individual. Upon notification of the transfer of the IHS, a credential of the second individual is received and an inventory is generated of detected hardware of the IHS. The generated hardware inventory is signed using the credential received from the second individual and the signed hardware inventory is published, thus establishing the inventory at the time the transfer is initiated. Upon actual transfer of the IHS to the second individual, another inventory of detected IHS hardware is generated and the published hardware inventory signed using the credential of the second individual is retrieved. The inventory of detected IHS hardware generated by the second individual is compared against the signed hardware inventory generated at the time the transfer was initiated in order to identify any discrepancies in the IHS hardware.