公开(公告)号：US20120159137A1

公开(公告)日：2012-06-21

申请号：US12970698

申请日：2010-12-16

申请人： Hormuzd M. Khosravi ,  Divya Naidu Kolar Sundar ,  David M. Durham

发明人： Hormuzd M. Khosravi ,  Divya Naidu Kolar Sundar ,  David M. Durham

IPC分类号： G06F15/177

CPC分类号： G06F21/572 ,  G06F21/575

摘要： In some embodiments, the invention involves a method and apparatus for secure/authenticated local boot of a host operating system on a computing platform using active management technology (AMT) with a third party data store (3PDS)-based ISO firmware image. A portion of non-volatile memory is hardware secured against access by the host processor and OS, and accessible only to the AMT. The AMT comprises an AT/ATAPI protocol emulator to access an ISO boot image from secured memory, while appearing to the host processor as a communication with an AT/ATAPI device. Other embodiments are described and claimed.

摘要翻译： 在一些实施例中，本发明涉及一种用于使用基于第三方数据存储（3PDS）的ISO固件映像的主动管理技术（AMT）在计算平台上安全/认证的主机操作系统本地引导的方法和装置。 非易失性存储器的一部分是由主机处理器和OS访问的硬件安全的，并且只能由AMT访问。 AMT包括AT / ATAPI协议仿真器，用于从安全存储器访问ISO引导映像，同时作为与AT / ATAPI设备的通信向主机处理器呈现。 描述和要求保护其他实施例。

公开(公告)号：US20110078799A1

公开(公告)日：2011-03-31

申请号：US12658876

申请日：2010-02-17

申请人： Ravi L. Sahita ,  David M. Durham ,  Steve Orrin ,  Yasser Rasheed ,  Prasanna G. Mulgaonkar ,  Paul S. Schmitz ,  Hormuzd M. Khosravi

发明人： Ravi L. Sahita ,  David M. Durham ,  Steve Orrin ,  Yasser Rasheed ,  Prasanna G. Mulgaonkar ,  Paul S. Schmitz ,  Hormuzd M. Khosravi

IPC分类号： G06F12/14 ,  G06F21/00 ,  G06F21/22

CPC分类号： G06F21/53 ,  G06F21/55

摘要： In some embodiments, approaches may provide an out-of-band (OOB) agent to protect a platform. The OOB agent may be able to use non-TRS methods to measure and protect an in-band security agent. In some embodiments, a manageability engine can provide out of band connectivity to the in-band and out-of-band security agents and provide access to the system memory resources without having to rely on OS services. This can be used for a trusted anti-malware and remediation service.

摘要翻译： 在一些实施例中，方法可以提供带外（OOB）代理来保护平台。 OOB代理可能能够使用非TRS方法来测量和保护带内安全代理。 在一些实施例中，可管理性引擎可以向带内和带外安全代理提供带外连接，并提供对系统存储器资源的访问，而不必依赖于OS服务。 这可以用于受信任的反恶意软件和修复服务。

公开(公告)号：US07072958B2

公开(公告)日：2006-07-04

申请号：US09919059

申请日：2001-07-30

申请人： Pankaj N. Parmar ,  David M. Durham

发明人： Pankaj N. Parmar ,  David M. Durham

IPC分类号： G06F15/173

CPC分类号： H04L41/0893

摘要： A policy based network management (PBNM) system may identify one or more policies associated with a network component (e.g., a network device, a device group, a device subgroup, a user, an application, an end-host, etc.) by identifying one or more policies directly associated with the network component, generating a list of one or more groups to which the network component belongs, and identifying one or more policies associated with each of the groups in the generated list. An aggregated data set (e.g., a hash table or a balanced tree) may be used to store network component identity elements, one or more pointers to a deployed policy tree, and one or more pointers to a network configuration tree. Each identity element in the data set identifies a network component and has an associated network configuration tree pointer and one or more associated deployed policy tree pointers.

公开(公告)号：US07065598B2

公开(公告)日：2006-06-20

申请号：US10326740

申请日：2002-12-20

申请人： Patrick L. Connor ,  Eric K. Mann ,  Hieu T. Tran ,  Priya Govindarajan ,  John P. Jacobs ,  David M. Durham ,  Gary D. Gumanow ,  Chun Yang Chiu

发明人： Patrick L. Connor ,  Eric K. Mann ,  Hieu T. Tran ,  Priya Govindarajan ,  John P. Jacobs ,  David M. Durham ,  Gary D. Gumanow ,  Chun Yang Chiu

IPC分类号： G06F13/24

CPC分类号： G06F13/24

摘要： Provided are a method, system and article of manufacture for adjusting interrupt levels. A current system interrupt rate at a computational device is determined, wherein the current system interrupt rate is a sum of interrupt rates from a plurality of interrupt generating agents. The current system interrupt rate is compared with at least one threshold interrupt rate associated with the computational device. Based on the comparison, an interrupt moderation level is adjusted at an interrupt generating agent of the plurality of interrupt generating agents.

摘要翻译： 提供了一种用于调整中断级别的方法，系统和制造。 确定计算设备处的当前系统中断速率，其中当前系统中断速率是来自多个中断发生器的中断速率之和。 将当前系统中断速率与与计算设备相关联的至少一个阈值中断速率进行比较。 基于该比较，在多个中断发生器的中断产生代理处调整中断调整级别。

公开(公告)号：US06704319B1

公开(公告)日：2004-03-09

申请号：US09217761

申请日：1998-12-21

申请人： David M. Durham ,  Russell J. Fenger

发明人： David M. Durham ,  Russell J. Fenger

IPC分类号： H04L1228

CPC分类号： H04L45/02 ,  H04L45/48

摘要： A network route tracing system traces a path through a network and identifies network components and communications links affected by the path. According to one embodiment of the present invention, a route is traced between two hosts in a network. The network is represented as a logical tree having a plurality of nodes. Each one of the nodes corresponds to a component in the network and each non-root node has a parent node. Two nodes are identified in the logical tree. A first node corresponds to a first host and a second node corresponding to a second host. If one of the two nodes exists at a lower level of the logical tree, then a first path is traced from the first node at the lower level to the parent node at a higher level until the parent node is at a same level of the logical tree as the second node. The first path is further traced up the logical tree from the parent node and a second path is traced up the logical tree from the second node until the first path and the second path meet at a same node.

摘要翻译： 网络路由跟踪系统通过网络跟踪路径，并识别受路径影响的网络组件和通信链路。 根据本发明的一个实施例，在网络中的两个主机之间追踪路由。 网络被表示为具有多个节点的逻辑树。 每个节点对应于网络中的一个组件，每个非根节点都有一个父节点。 在逻辑树中标识两个节点。 第一节点对应于第一主机和对应于第二主机的第二节点。 如果两个节点中的一个存在于逻辑树的较低层，则将第一路径从较低级别的第一节点追溯到较高级别的父节点，直到父节点处于逻辑层的相同级别 树作为第二个节点。 第一条路径从父节点进一步跟踪逻辑树，第二条路径从第二个节点追溯到逻辑树，直到第一条路径和第二条路径在同一个节点相交。