公开(公告)号：US07590834B2

公开(公告)日：2009-09-15

申请号：US11352499

申请日：2006-02-10

Applicant: David Carroll Challener ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Jerry Clyde Dishman ,  Howard Jeffery Locker ,  Randall Scott Springfield

Inventor： David Carroll Challener ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Jerry Clyde Dishman ,  Howard Jeffery Locker ,  Randall Scott Springfield

IPC: G06F9/00 ,  G06F12/14 ,  G06F15/177 ,  G08B23/00

CPC classification number: G06F21/57 ,  G06F9/4408 ,  G06F21/562

Abstract: A computer determines whether it has been booted from a hard disk drive or from an alternate source (e.g., a floppy drive or portable memory) that entails a higher risk of importing a virus into the computer, and if it is determined that a non-HDD source was booted from, corrective action such as a virus scan can be preemptively taken.

Abstract translation: 计算机确定是从硬盘驱动器还是从备份源（例如，软盘驱动器或便携式存储器）引导，这导致将病毒导入计算机的风险更高，并且如果确定非易失性存储器 HDD源被启动，可以抢先采取诸如病毒扫描的纠正措施。

公开(公告)号：US07490250B2

公开(公告)日：2009-02-10

申请号：US10012170

申请日：2001-10-26

Applicant: Daryl Carvis Cromer ,  Joseph Wayne Freeman ,  Steven Dale Goodman ,  Eric Richard Kern ,  Randall Scott Springfield

Inventor： Daryl Carvis Cromer ,  Joseph Wayne Freeman ,  Steven Dale Goodman ,  Eric Richard Kern ,  Randall Scott Springfield

IPC: H04L9/32

CPC classification number: G06F21/554 ,  G06F21/575

Abstract: A method, system and computer readable medium containing programming instructions for detecting a tamper event in a computer system having an embedded security system (ESS), a trusted operating system, and a plurality of devices is disclosed. The method, system and computer readable medium of the present invention provide for receiving a tamper signal in the ESS, and locking the tamper signal in the ESS. According to the method, system and computer readable medium of the present invention, the trusted operating system is capable of detecting the tamper signal in the ESS.

Abstract translation: 公开了一种包含用于检测具有嵌入式安全系统（ESS），可信操作系统和多个设备的计算机系统中的篡改事件的编程指令的方法，系统和计算机可读介质。 本发明的方法，系统和计算机可读介质提供在ESS中接收篡改信号，并将篡改信号锁定在ESS中。 根据本发明的方法，系统和计算机可读介质，可信操作系统能够检测ESS中的篡改信号。

公开(公告)号：US20080244553A1

公开(公告)日：2008-10-02

申请号：US11692283

申请日：2007-03-28

Applicant: Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield ,  Rod D. Waltermann

Inventor： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield ,  Rod D. Waltermann

IPC: G06F9/44

CPC classification number: G06F21/572

Abstract: A system, method, and program product is provided that receives and processes a firmware update at a computer system. The computer system is executing a hypervisor and one or more guest operating systems, and the firmware update corresponds to a hardware device accessible by the computer system. The hardware device is a type that is programmed using an updateable firmware. The hypervisor operating in the computer system processes the received firmware update by first inhibiting use of the device by each of the guest operating systems. After the guest operating systems have been inhibited from using the device, the firmware in the device is upgraded by the hypervisor using the received firmware update. After the firmware has been upgraded, each of the guest operating systems is allowed use of the device.

Abstract translation: 提供了一种在计算机系统接收和处理固件更新的系统，方法和程序产品。 计算机系统正在执行管理程序和一个或多个客户操作系统，并且固件更新对应于计算机系统可访问的硬件设备。 硬件设备是使用可更新固件编程的类型。 在计算机系统中操作的管理程序通过首先禁止每个客户操作系统使用该设备来处理所接收的固件更新。 在客户机操作系统被禁止使用设备之后，设备中的固件由管理程序使用接收到的固件更新进行升级。 在升级固件之后，允许每个客户机操作系统使用该设备。

公开(公告)号：US07401361B2

公开(公告)日：2008-07-15

申请号：US10963888

申请日：2004-10-13

Applicant: Joseph Wayne Freeman ,  Steven Dale Goodman ,  Randall Scott Springfield

Inventor： Joseph Wayne Freeman ,  Steven Dale Goodman ,  Randall Scott Springfield

IPC: G06F12/14 ,  G06F11/30 ,  G06F17/30

CPC classification number: G06F21/562 ,  G06F21/564 ,  Y10S707/99953 ,  Y10S707/99955

Abstract: A system and method that marks whenever a sector on a hard drive is altered. A protected archive bit is maintained for each sector on the hard drive in a secured fashion. Authenticated requests are able to reset the protected archive bit. When a file is changed, the hard drive marks the sectors of the program that have been altered. When the virus protection application executes, it retrieves the sectors that have been altered, identifies the files that correspond to such sectors, and scans the identified files. If a virus has attacked the computer and attached itself to one of the files, the file is identified and scanned and the virus is discovered with appropriate eradication actions performed. An authentication scheme is assigned to a hard drive with a secret that is shared between the drive and the virus protection program and stored in a secure location.

Abstract translation: 每当硬盘驱动器上的扇区被更改时都会标记的系统和方法。 以安全的方式为硬盘驱动器上的每个扇区维护受保护的归档位。 经认证的请求能够重置受保护的归档位。 当文件更改时，硬盘驱动器会标记已更改的程序扇区。 当病毒保护应用程序执行时，它检索已更改的扇区，识别与这些扇区相对应的文件，并扫描已识别的文件。 如果病毒攻击了计算机并将其自身附加到其中一个文件中，则会识别并扫描文件，并发现病毒被发现，并执行适当的根除操作。 将认证方案分配给具有在驱动器和病毒保护程序之间共享并存储在安全位置的秘密的硬盘驱动器。

公开(公告)号：US20080140575A1

公开(公告)日：2008-06-12

申请号：US11609814

申请日：2006-12-12

Applicant: Stacy John Cannady ,  David Carroll Challener ,  Daryl Cromer ,  Mark Charles Davis ,  David Rivera ,  Randall Scott Springfield ,  Rod D. Waltermann

Inventor： Stacy John Cannady ,  David Carroll Challener ,  Daryl Cromer ,  Mark Charles Davis ,  David Rivera ,  Randall Scott Springfield ,  Rod D. Waltermann

IPC: H04L9/14 ,  H04L9/32 ,  G06Q20/00

CPC classification number: G07F7/08 ,  G06Q20/24 ,  G06Q20/26 ,  G06Q20/3674 ,  G06Q20/3829 ,  G06Q20/40 ,  G06Q20/403 ,  G06Q20/4037 ,  H04L9/3231 ,  H04L9/3234 ,  H04L2209/56 ,  H04L2209/805

Abstract: An apparatus, system, and method are disclosed for securely authorizing changes to a transaction restriction. A security module securely stores encryption keys for a payment instrument. The payment instrument electronically transacts payments and includes a transaction restriction. An authentication module receives an authentication from a user of the payment instrument. The security module validates the authentication with a first encryption key. In addition, the security module authorizes a change to the transaction restriction using a second encryption key if the authentication is valid. The security module resides on a computer that the user designates as authorized to validate the authentication.

Abstract translation: 公开了用于安全地授权对交易限制的改变的装置，系统和方法。 安全模块安全地存储付款工具的加密密钥。 支付工具以电子方式处理付款，并包括交易限制。 验证模块从付款工具的用户接收认证。 安全模块使用第一个加密密钥验证身份验证。 此外，如果认证有效，则安全模块授权使用第二加密密钥更改事务限制。 安全模块驻留在用户指定为授权验证身份验证的计算机上。

公开(公告)号：US20080077420A1

公开(公告)日：2008-03-27

申请号：US11612300

申请日：2006-12-18

Applicant: Daryl Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield ,  Rod D. Waltermann

Inventor： Daryl Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield ,  Rod D. Waltermann

IPC: G06Q10/00

CPC classification number: G06F21/55 ,  G06F21/10 ,  G06F2221/0737 ,  G06F2221/0775 ,  G06F2221/2135 ,  G06Q30/0645

Abstract: A system, method, and program product is provided that manages a rental computer system by verifying installation of a secure time-day module in a computer system. The computer system is rendered inoperable if the secure time-day module is not installed. A current time-day value is retrieved from the secure time-day module and an end time-day value is retrieved from a secure storage area. The current time-day value is compared to the end time-day value in order to determine whether a rental period has expired. If the rental period has expired, then the user is prevented from using the rental computer system.

Abstract translation: 提供了一种系统，方法和程序产品，其通过在计算机系统中验证安全时间日模块的安装来管理租赁计算机系统。 如果未安装安全的时间日模块，计算机系统将无法运行。 从安全时间日模块检索当前时间日期值，并且从安全存储区域检索结束时间日值。 将当前时间日值与结束时间日值进行比较，以确定租期是否已过期。 如果出租期已经过期，则不允许用户使用租赁计算机系统。

公开(公告)号：US07337310B2

公开(公告)日：2008-02-26

申请号：US10967821

申请日：2004-10-18

Applicant: Richard W. Cheston ,  Daryl Carvis Cromer ,  Jan Michael Janick ,  John Peter Karidis ,  Howard Jeffrey Locker ,  Randall Scott Springfield

Inventor： Richard W. Cheston ,  Daryl Carvis Cromer ,  Jan Michael Janick ,  John Peter Karidis ,  Howard Jeffrey Locker ,  Randall Scott Springfield

IPC: G06F9/00 ,  G06F9/24 ,  G06F15/177

CPC classification number: G06F8/63 ,  G06F2221/2143

Abstract: An apparatus, system, and method are disclosed for autonomically disposing a computer such as a workstation. The computer's local persistent storage medium is configured with pre-boot image which is configured with a set of functional modules that facilitate disposal or recycling of the computer to the next user. The disposal and recycle methods are automated, require minimal user intervention, and facilitate moving configuration options and data to a different computer. The entire process may execute from the pre-boot image on the computer's local persistent storage medium without ever booting the primary operating system.

Abstract translation: 公开了用于自动地布置诸如工作站的计算机的装置，系统和方法。 计算机的本地持久存储介质被配置有预引导映像，其被配置有一组功能模块，这些功能模块便于将计算机处理或再循环到下一个用户。 处置和回收方法是自动化的，需要最少的用户干预，并且便于将配置选项和数据移动到不同的计算机。 整个过程可以从计算机本地持久存储介质上的预引导映像执行，而无需引导主操作系统。

公开(公告)号：US07263608B2

公开(公告)日：2007-08-28

申请号：US10735388

申请日：2003-12-12

Applicant: David Carroll Challener ,  James Patrick Hoff ,  Randall Scott Springfield ,  James Peter Ward

Inventor： David Carroll Challener ,  James Patrick Hoff ,  Randall Scott Springfield ,  James Peter Ward

IPC: H04L9/00

CPC classification number: G06F21/57 ,  G06F2221/2117

Abstract: A Trusted Computing Platform Alliance (TCPA) endorsement certificate is provided by comparing a trusted platform module (TPM) public key transmitted by an owner of the computing device to which the TPM belongs to a copy of the key as originally stored in a remote database prior to vending the device. If a match is found the certificate is created using the public key, and then sent to the owner of the computing device.

Abstract translation: 通过将由TPM所属的计算设备的所有者发送的可信平台模块（TPM）公钥与原始存储在远程数据库中的密钥的副本进行比较来提供可信计算平台联盟（TCPA）认可证书 自动售货机。 如果发现匹配，则使用公钥创建证书，然后发送给计算设备的所有者。

公开(公告)号：US07257701B2

公开(公告)日：2007-08-14

申请号：US09990003

申请日：2001-11-21

Applicant: Richard Wayne Cheston ,  Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  David Benson Rhoades ,  Randall Scott Springfield ,  James Peter Ward

Inventor： Richard Wayne Cheston ,  Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  David Benson Rhoades ,  Randall Scott Springfield ,  James Peter Ward

IPC: G06F15/00

CPC classification number: H04L67/34 ,  G06F9/441 ,  G06F9/454 ,  H04L29/06

Abstract: A method and system for configuring an operating system in a computer system including language selection during bootup rather than at manufacture. A first aspect of the method and system comprises providing a plurality of operating system images in the computer system, each of the plurality of operating system images being based upon a particular language, selecting one of the plurality of operating system images based on the language supported by the computer system and loading the selected operating system image into the computer system. A second aspect of the method and system comprises providing a language-independent operating system image in the computer system, determining a language supported by the computer system, loading the language-independent operating system image into the computer system, and associating the language supported by the computer system with the language-independent operating system image.

Abstract translation: 一种用于在计算机系统中配置操作系统的方法和系统，包括在启动期间而不是制造期间的语言选择。 所述方法和系统的第一方面包括在所述计算机系统中提供多个操作系统图像，所述多个操作系统图像中的每一个基于特定语言，基于所支持的语言来选择所述多个操作系统图像中的一个 通过计算机系统将所选择的操作系统映像加载到计算机系统中。 该方法和系统的第二方面包括在计算机系统中提供与语言无关的操作系统图像，确定由计算机系统支持的语言，将与语言无关的操作系统映像加载到计算机系统中，以及将由 计算机系统具有与语言无关的操作系统映像。

公开(公告)号：US07069431B2

公开(公告)日：2006-06-27

申请号：US09919081

申请日：2001-07-31

Applicant: Richard Alan Dayan ,  Joseph Wayne Freeman ,  William Fred Keown ,  Randall Scott Springfield

Inventor： Richard Alan Dayan ,  Joseph Wayne Freeman ,  William Fred Keown ,  Randall Scott Springfield

IPC: H04L9/32

CPC classification number: G06F11/1433

Abstract: A hard drive having a protected partition is used in the recovery of a BIOS image for a computer system. An EEPROM is used to store a first BIOS image that is used to boot-up the system and recovery code is used to recover a new BIOS image if the first BIOS image has been corrupted. The new BIOS image is stored in the protected partition of the drive. A recover BIOS command is issued whenever the first BIOS image has been corrupted or a remote or local recover BIOS request is received. When the first BIOS is corrupted, the EEPROM is rewritten with the second BIOS image and the system boots with the rewritten first BIOS image. When a recover BIOS request is received in a data packet sent over a communication link, the data packet is authenticated before the first BIOS image is rewritten.