公开(公告)号：US20190334951A1

公开(公告)日：2019-10-31

申请号：US15962406

申请日：2018-04-25

Applicant: Dell Products, L.P.

Inventor： David Konetski ,  Carlton A. Andrews ,  Ricardo L. Martinez ,  Abeye Teshome ,  Joseph Kozlowski ,  Charles D. Robison ,  Girish S. Dhoble ,  Andrew T. Fausak

IPC: H04L29/06 ,  G06F21/62 ,  H04L12/24 ,  H04L9/32 ,  G06F9/455

Abstract: Embodiments provide access to enterprise data via a secured virtual environment hosted on an Information Handling System (IHS), with the integrity of the IHS validated prior to launching the virtual environment. The integrity of the IHS may also be continuously validated during operation of the launched virtual environment. Policies for accessing the enterprise data are stored in a secured memory that is isolated from the operating system of the IHS. A virtual environment is configured, according to the policies, with resources for a particular user to access the enterprise data. If the integrity of the IHS is validated by a trusted resource on the IHS, the virtual environment is launched. During operation of the virtual environment, the trusted resource periodically confirms the integrity of the IHS. If the integrity of the IHS is not verified or policy changes are identified, access to the secured workspace may be revoked.

公开(公告)号：US10395036B2

公开(公告)日：2019-08-27

申请号：US15460804

申请日：2017-03-16

Applicant: Dell Products, L.P.

Inventor： Abeye Teshome ,  Ricardo L. Martinez ,  Charles D. Robison ,  David Konetski ,  Girish S. Dhoble ,  Carlton A. Andrews

IPC: G06F21/57 ,  G06F21/52

Abstract: Systems and methods for continued runtime authentication of Information Handling System (IHS) applications. In an illustrative, non-limiting embodiment, an IHS may include one or more processors and a memory coupled to the one or more processors, the memory including program instructions stored thereon that, upon execution by the one or more processors, cause the IHS to: receive a command to execute an application; initially verify a plurality of tokens, where a first token is provided by the application, a second token is provided by an application manager, and a third token is provided by a hardware component within the IHS; and execute the application in response the initial verification being successful.

公开(公告)号：US20180365467A1

公开(公告)日：2018-12-20

申请号：US15624191

申请日：2017-06-15

Applicant: Dell Products L.P.

Inventor： Charles D. Robison ,  Maxwell S. Andrews

IPC: G06K9/00

CPC classification number: G06K9/0004 ,  G06K9/00087

Abstract: Systems and methods for fingerprint anti-spoof protection using a multispectral optical sensor array may include a fingerprint sensor device that may have a fingerprint area sensor, a multi-spectral optical sensor array, and a signal processing device. The fingerprint area sensor may detect a finger in contact with the fingerprint area sensor and may capture a fingerprint sensor image. The multi-spectral optical sensor array may capture spectral reflectance data of the detected finger. The signal processing device may determine authenticity of the detected finger based on the fingerprint sensor image and the spectral reflectance data and provide an authentication result.

公开(公告)号：US20170366536A1

公开(公告)日：2017-12-21

申请号：US15185118

申请日：2016-06-17

Applicant: Dell Products, L.P.

Inventor： Charles D. Robison ,  Daniel L. Hamlin ,  Frank H. Molsberry

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/0823 ,  H04L9/3226 ,  H04L9/3263 ,  H04L9/3268 ,  H04L63/083 ,  H04L63/0861 ,  H04L63/0884 ,  H04L2463/082

Abstract: Systems and methods for credential translation are described. In some embodiments, an Information Handling System (IHS) may include: a host processor; an embedded controller coupled to the processor; and an off-host authentication processing system coupled to the embedded controller and segregated from the host processor, the off-host authentication processing system further comprising: an off-host processor; and an off-host memory coupled to the off-host processor, the off-host memory having program instructions stored thereon that, upon execution, cause the off-host processor to: receive a certificate from a web-access management server; store the certificate in the off-host memory; and request that a user of the IHS provide a first authentication factor to be associated with the certificate such that, when the first authentication factor is presented to the off-host processor, the certificate is released from the off-host memory.

公开(公告)号：US09723012B2

公开(公告)日：2017-08-01

申请号：US14607369

申请日：2015-01-28

Applicant: Dell Products L.P.

Inventor： Douglas M. Anson ,  Carlton A. Andrews ,  Charles D. Robison ,  David Konetski ,  Frank H. Molsberry ,  Yuan-Chang Lo

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/105 ,  H04L63/126 ,  H04L63/20 ,  H04L67/104

Abstract: A method may also include receiving from each of one or more of potential peer information handling systems a connection request comprising a peer minimum acceptable security level for the peer information handling system. The method may additionally include comparing the peer minimum acceptable security level to a security level of the information handling system. The method may further include completing a peer-to-peer connection between the information handling system and the peer information handling system if the minimum acceptable security level is not higher than that of the security level of the information handling system.

公开(公告)号：US09400878B2

公开(公告)日：2016-07-26

申请号：US14075151

申请日：2013-11-08

Applicant: Dell Products L.P.

Inventor： Charles D. Robison ,  Liam B. Quinn ,  Rocco Ancona

IPC: G06F21/81 ,  G06F21/31 ,  H04L29/06 ,  H04W4/02 ,  H04W12/02

CPC classification number: G06F21/31 ,  G06F2221/2137 ,  G06F2221/2139 ,  H04L63/0492 ,  H04L63/0853 ,  H04W4/02 ,  H04W12/02 ,  H04W12/08

Abstract: Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.

公开(公告)号：US09280770B2

公开(公告)日：2016-03-08

申请号：US14530955

申请日：2014-11-03

Applicant: Dell Products L.P.

Inventor： Charles D. Robison ,  Richard W. Schuckle ,  Rocco Ancona

IPC: G06K5/00 ,  G06K15/00 ,  G06Q20/32 ,  G06Q20/40 ,  G06K7/14 ,  G06K19/06 ,  G06Q20/20 ,  G06Q20/38

CPC classification number: G06Q20/3274 ,  G06K7/1447 ,  G06K19/06112 ,  G06Q20/204 ,  G06Q20/3224 ,  G06Q20/3276 ,  G06Q20/3829 ,  G06Q20/401

Abstract: Unauthorized copying of a transaction barcode is prevented by including a sensed condition or other publicly-accessible data with the transaction barcode for use as a comparison with the publicly accessible data determined at a barcode reader. If the sensed condition included in the transaction barcode indicates that the transaction barcode was generated for a different transaction, then the barcode reader invalidates the transaction. For instance, if the barcode was generated too distant in time, position, or sequential transactions, then the barcode reader invalidates the transaction barcode as an unauthorized copy of a transaction barcode generated for a different transaction.

Abstract translation: 通过将检测到的条件或其他可公开访问的数据与交易条形码一起用于与条形码读取器确定的可公开访问的数据进行比较来防止交易条形码的未经授权的复制。 如果包含在交易条形码中的检测条件指示为不同的交易生成交易条形码，则条形码读取器使交易无效。 例如，如果条形码在时间，位置或顺序事务中产生得太远，则条形码读取器将事务条形码作为为不同事务生成的事务条形码的未经授权的副本而使其无效。

公开(公告)号：US09143503B2

公开(公告)日：2015-09-22

申请号：US14102130

申请日：2013-12-10

Applicant: Dell Products, L.P.

Inventor： Yuan-Chang Lo ,  Charles D. Robison ,  Clifton J. Barker

IPC: H04L29/06 ,  G06F17/30 ,  H04L12/18

CPC classification number: H04L63/0823 ,  G06F17/3053 ,  H04L12/1813 ,  H04L12/1822 ,  H04L51/12 ,  H04L63/14

Abstract: Systems and methods for managing trust relationships. In some embodiments, a method may include receiving an indication of an in-person transaction between a first user and a second user; calculating, for the first user, a trust score associated with the second user, the trust score based, at least in part, upon the indication; and storing a record of the trust score. For example, the in-person transaction may include a face-to-face meeting.

Abstract translation: 用于管理信任关系的系统和方法。 在一些实施例中，方法可以包括接收第一用户和第二用户之间的亲自交易的指示; 针对所述第一用户计算与所述第二用户相关联的信任评分，所述信任评分至少部分地基于所述指示; 并存储信任分数的记录。 例如，个人交易可以包括面对面会议。

公开(公告)号：US20140263623A1

公开(公告)日：2014-09-18

申请号：US13840393

申请日：2013-03-15

Applicant: DELL PRODUCTS L.P.

Inventor： Charles D. Robison ,  Richard W. Schuckle ,  Rocco Ancona

IPC: G06Q20/40

CPC classification number: G06Q20/3274 ,  G06K7/1447 ,  G06K19/06112 ,  G06Q20/204 ,  G06Q20/3224 ,  G06Q20/3276 ,  G06Q20/3829 ,  G06Q20/401

Abstract: Unauthorized copying of a transaction barcode is prevented by including a sensed condition or other publicly-accessible data with the transaction barcode for use as a comparison with the publicly accessible data determined at a barcode reader. If the sensed condition included in the transaction barcode indicates that the transaction barcode was generated for a different transaction, then the barcode reader invalidates the transaction. For instance, if the barcode was generated too distant in time, position, or sequential transactions, then the barcode reader invalidates the transaction barcode as an unauthorized copy of a transaction barcode generated for a different transaction.

Abstract translation: 通过将检测到的条件或其他可公开访问的数据与交易条形码一起用于与条形码读取器确定的可公开访问的数据进行比较来防止交易条形码的未经授权的复制。 如果包含在交易条形码中的检测条件指示为不同的交易生成交易条形码，则条形码读取器使交易无效。 例如，如果条形码在时间，位置或顺序事务中产生得太远，则条形码读取器将事务条形码作为为不同事务生成的事务条形码的未经授权的副本而使其无效。

公开(公告)号：US12135809B2

公开(公告)日：2024-11-05

申请号：US17542360

申请日：2021-12-03

Applicant: DELL PRODUCTS L.P.

Inventor： Anantha K. Boyapalle ,  Charles D. Robison ,  Vaibhav Soni

IPC: G06F21/62 ,  H04L9/40

Abstract: Systems and methods are provided that may be implemented in one example to physically transfer or relocate information handling systems between facilities of different system owners in a manner that is downstream of the original equipment manufacturer (OEM) of the transferred information handling system/s, and which in one example may be managed in part or in whole by the OEM's customer base. In conjunction with facilitating physical transfer of each given information handling system directly between different enterprise owners, the disclosed systems and methods may also be implemented at the same time to utilize a unique identifier (that is assigned by the OEM manufacturer to each given information handling system) to manage transfer of the registration or other type of association of the given information handling system assets between the enterprise OEM user accounts of the different enterprise owners that are maintained by an OEM of the information handling system assets.