公开(公告)号：US10248814B2

公开(公告)日：2019-04-02

申请号：US15415450

申请日：2017-01-25

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Geoffrey Ndu ,  Adrian Shaw ,  Brian Quentin Monahan

IPC: H04L9/06 ,  H04L9/32 ,  G06F21/60 ,  G06F21/64

Abstract: In one example in accordance with the present disclosure, a system comprises a first memory module and a first memory integrity monitoring processor, embedded to the first memory module, to receive a second hash corresponding to a second memory module. The second hash includes a second sequence number for reconstruction of a final hash value and the second hash is not sequentially a first number in a sequence for reconstruction of the final hash value. The first processor may receive a third hash corresponding to a third memory module. The third hash includes a third sequence number for reconstruction of the final hash value and the third hash is received after the second hash. The first processor may determine if the second hash can be combined with the third hash, combine the second hash and third hash into a partial hash reconstruct the final hash value using the partial hash.

公开(公告)号：US20180365451A1

公开(公告)日：2018-12-20

申请号：US15420736

申请日：2017-01-31

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Geoffrey Ndu ,  Pratyusa K. Manadhata ,  Christopher I. Dalton ,  Adrian Shaw ,  Stuart Haber

IPC: G06F21/78 ,  G06F21/60 ,  G06F21/72 ,  H04L9/06

Abstract: Examples relate to Input/Output (I/O) data encryption and decryption. In an example, an encryption/decryption engine on an Integrated Circuit (IC) of a computing device obtains at least one plaintext data. Some examples determine, by the encryption/decryption engine, whether the at least one plaintext data is to be sent to a memory in the computing device or to an I/O device. Some examples apply, when the at least one plaintext data is to be sent to the I/O device and by the encryption/decryption engine, an encryption primitive of a block cipher encryption algorithm to the at least one plaintext data to create output encrypted data, wherein an initialization vector that comprises a random number is applied to the encryption primitive.

公开(公告)号：US20180183609A1

公开(公告)日：2018-06-28

申请号：US15579904

申请日：2015-06-05

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Adrian Shaw ,  Ludovic Emmanuel Paul N. Jacquin ,  David Plaquin

IPC: H04L9/32 ,  G06F21/62 ,  H04L29/06 ,  G06F21/60 ,  H04L9/14 ,  H04L9/08

CPC classification number: H04L9/3268 ,  G06F21/602 ,  G06F21/6218 ,  H04L9/083 ,  H04L9/14 ,  H04L9/3234 ,  H04L9/3271 ,  H04L63/0823

Abstract: Examples relate to a network endpoint device of a first network infrastructure that facilitates remote attestation of the network endpoint device. In same examples, the network endpoint device comprises a trusted platform module and a processor that implements machine readable instructions that cause the network endpoint device to: receive a connection request from a computing device residing a second network infrastructure external to the first network infrastructure, the request comprising s security challenge; determine, based on a configuration of the network endpoint device, whether it can access information stored in the trusted platform module; and responsive to determining that information in the trusted platform module can be accessed, facilitate connection of the computing device to the network endpoint device by accessing the information and responding to the security challenge.

公开(公告)号：US20180107509A1

公开(公告)日：2018-04-19

申请号：US15573542

申请日：2015-07-31

Applicant: Adrian SHAW ,  Kate MALLICHAN ,  David PLAQUIN ,  Hewlett Packard Enterprise Development LP

Inventor： Adrian Shaw ,  Kate Mallichan ,  David Plaquin

IPC: G06F9/48 ,  G06F9/44

CPC classification number: G06F9/4856 ,  G06F9/4406

Abstract: An example method for migrating a live operating system from a first computing device to a second computing device is provided. The example method comprises (a) providing register values of a processor of a first computing device to a second computing device which is in communication with the first computing device; (b) providing contents of a dynamic random access memory, DRAM, of the first computing device to the second computing device; (c) storing the register values in a protected memory of the second computing device, wherein the protected memory is separate from a memory used by the second computing device during normal operation of the second computing device; (d) storing the contents of the DRAM of the first computing device in a DRAM of the second computing device; and (e) loading the register values from the protected memory to registers of a processor of the second computing device.

公开(公告)号：US20180025159A1

公开(公告)日：2018-01-25

申请号：US15217583

申请日：2016-07-22

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Ludovic Emmanuel Paul Noel Jacquin ,  Thomas M. Laffey ,  Adrian Shaw

IPC: G06F21/57 ,  H04L9/32

CPC classification number: G06F21/575 ,  G06F2221/033 ,  H04L9/3226

Abstract: Examples described herein include a computing device with a processing resource to execute beginning booting instructions of the computing device. The beginning booting instructions may include a first booting instruction. The computing device also includes an access line to access the first booting instruction, a measuring engine to duplicate the first booting instruction and to generate a first integrity value associated with the first booting instruction, and a measurement register to store the first integrity value. The measuring engine may be operationally screened from the processing resource and the measurement register may be inaccessible to the processing resource.