摘要:
Hacking a rental computer to use it beyond purchased rental time is prevented by plugging a time card with internal counter into a DIMM socket of the motherboard and encrypting the register locations of the time card with the private key of the motherboard to bind the time card to the motherboard. Thus, if the time card is not detected at boot or if it is removed during operation the computer is disabled. The counter counts down the rented time period as it receives clocking signals, and at the elapse of the purchased period disables the computer.
摘要:
An approach is provided that receives a user identifier from a user of the information handling system. The user identifier can include a username as well as a user authentication code, such as a password. Hardware settings that correspond to the user identifier are retrieved from a nonvolatile memory. Hardware devices, such as ports (e.g., USB controller), network interfaces, storage devices, and boot sequences, are configured using the retrieved hardware settings. After the hardware devices have been configured to correspond to the identified user, an operating system is booted.
摘要:
An apparatus, system, and method are disclosed for quiescing a boot environment. A reservation module reserves a portion of a first storage device. A store module stores an update boot image to the reserved portion. A detection module detects the update boot image stored on the first storage device when the computer boots and executes the update boot image in place of a standard boot image in response to detecting the update boot image. The update boot image places a computer in a known quiescent state.
摘要:
An apparatus, system, and method are disclosed for auditing access to secure data. A detection module detects an access to the secure data. A record module records an encrypted log entry describing the access to the secure data. A verification module verifies the secure data is securely stored.
摘要:
A hypervisor operating system instantiates a virtual video driver to a main operating system that supports only one type of graphics adapter. The virtual driver handles graphics remapping among plural different display drivers associated with plural different display monitors to enable a computer to output data on multiple different monitors even though the main O.S. supports only one type of display driver.
摘要:
When a disk sector is written to, a bit for the sector is set indicating that the sector will require secure data disposal (SDD) to be run on it. To save time during end of life disposal, SDD is executed only on sectors whose bits indicate that they have been written to. SDD can be executed on each dirty sector in one operation at end of life or incrementally during use as disk activity permits.
摘要:
When a disk sector is written to, a bit for the sector is set indicating that the sector will require secure data disposal (SDD) to be run on it To saw time during end of life disposal, SDD is executed only on sectors whose bits indicate that they have been written to. SDD can be executed on each dirty sector in one operation at end of life or incrementally during use as disk activity permits.
摘要:
A system and method to avoid disk lube pooling is presented. A track access monitor tracks the number of times that a program accesses a particular track located on a hard drive. When the track access monitor determines that the number of track accesses to a particular track exceed a track access threshold, the track access monitor invokes a sequence of events to scan adjacent tracks in order to uniformly redistribute lubrication over the hard drive. In one embodiment, the track access monitor incrementally performs the adjacent track scanning during hard drive idle periods, such as when the system waits for a password from a user or when the operating system conserves power and idles the hard drive due to lack of activity.
摘要:
An apparatus, system, and method are disclosed for suspend-resume scheduling in conjunction with an operation requiring a suspend-resume cycle of a computer 200, including updating, for purposes of system configuration management, a non-volatile memory 506, such as an electrically erasable programmable read-only memory (“EEPROM”) 702. A control module 402 sends 806 a request to update the EEPROM 702. A suspend module 404 suspends 818 an operating system 204. A standby module 406 prepares 904 the computer 200 to enter a standby state, estimates 914 a sufficient amount of time to enter the standby state, places 916 the estimate into an alarm register 608, and then enters 918 the standby state. An update module 308 exits 1004 the standby state in response to an alarm signal 612, receives the request if present 1008, writes 1012 the EEPROM 702 with the updated information, and resumes 1018 the operating system 204.
摘要:
A method and system is described for selectively downloading antidotes onto a client computer. The client computer is connected via a network interface card (NIC) to a network that contains an anti-virus server. The NIC is initially logically isolated from the client computer, thus permitting the NIC to autonomously examine packets to and from the client computer and the network. The NIC selectively accepts packets only from trusted Internet Protocol (IP) addresses that conform to a security format such as Internet Protocol Security (IPSec).