利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

43 条记录 (耗时 0.029 秒)

    BOOTING TO A RECOVERY/MAINTENANCE ENVIRONMENT
    11.
    发明申请
    BOOTING TO A RECOVERY/MAINTENANCE ENVIRONMENT 有权
    恢复/维护环境

    公开(公告)号:US20080184025A1

    公开(公告)日:2008-07-31

    申请号:US12058696

    申请日:2008-03-29

    申请人: Richard Alan Dayan Joseph Wayne Freeman William Fred Keown Randall Scott Springfield

    发明人: Richard Alan Dayan Joseph Wayne Freeman William Fred Keown Randall Scott Springfield

    IPC分类号: G06F15/177

    CPC分类号: G06F9/4406 G06F11/1417 G06F11/1441

    摘要: A system, computer program product and method for booting to a partition in a non-volatile storage unit without a local operator. In one embodiment, one or more bits in a BOOT register may be set by an operating system indicating if the BIOS should boot to the partition. The BIOS may then read the BOOT register to determine if the BIOS is to boot to the partition as well as any activities to perform if the BIOS is to boot to the partition. In another embodiment, a network interface card may insert directive information received from a packet in a register within the network interface card. The BIOS may then read the register within the network interface card to determine if the BIOS is to boot to the partition as well as any activities to perform if the BIOS is to boot to the partition.

    摘要翻译: 用于在没有本地操作者的情况下引导到非易失性存储单元中的分区的系统,计算机程序产品和方法。 在一个实施例中,BOOT寄存器中的一个或多个位可以由操作系统设置,指示是否BIOS应该引导到分区。 然后,BIOS可以读取BOOT寄存器,以确定BIOS是否要引导到分区,以及BIOS是否要引导到分区时执行的任何活动。 在另一个实施例中,网络接口卡可以将从分组接收的指令信息插入网络接口卡内的寄存器中。 然后,BIOS可以读取网络接口卡内的寄存器,以确定BIOS是否要引导到分区,以及BIOS要启动到分区的任何活动。

    Method and system for tracking a secure boot in a trusted computing environment
    12.
    发明授权
    Method and system for tracking a secure boot in a trusted computing environment 有权
    用于在可信计算环境中跟踪安全引导的方法和系统

    公开(公告)号:US07191464B2

    公开(公告)日:2007-03-13

    申请号:US09978381

    申请日:2001-10-16

    申请人: Daryl Carvis Cromer Joseph Wayne Freeman Steven Dale Goodman Eric Richard Kern Randall Scott Springfield

    发明人: Daryl Carvis Cromer Joseph Wayne Freeman Steven Dale Goodman Eric Richard Kern Randall Scott Springfield

    IPC分类号: H04L9/32 G06F15/177

    CPC分类号: G06F21/575

    摘要: A method, system and computer readable medium containing programming instructions for tracking a secure boot in a computer system having a plurality of devices is disclosed. The method, system and computer readable medium include providing an embedded security system (ESS) in the computer system, wherein the ESS includes at least one boot platform configuration register (PCR) and a shadow PCR for each of the at least one boot PCRs, initiating a platform reset to boot the computer system via BIOS, and, for a device booted, generating a measurement value for the device and extending that value to one of the at least one boot PCRs and its corresponding shadow PCR. The system, method and computer readable medium of the present invention also includes comparing the measurement values of the boot PCRs to their corresponding shadow PCRs, whereby the computer system is trusted if the measurement values match.

    摘要翻译: 公开了一种包含用于在具有多个设备的计算机系统中跟踪安全引导的编程指令的方法,系统和计算机可读介质。 所述方法,系统和计算机可读介质包括在所述计算机系统中提供嵌入式安全系统(ESS),其中所述ESS包括用于所述至少一个启动PCR中的每一个的至少一个引导平台配置寄存器(PCR)和阴影PCR, 启动平台重置以通过BIOS引导计算机系统,并且对于引导的设备,生成所述设备的测量值并将该值扩展到所述至少一个启动PCR中的一个及其相应的阴影PCR。 本发明的系统,方法和计算机可读介质还包括将引导PCR的测量值与其相应的阴影PCR进行比较,从而如果测量值匹配,则计算机系统被信任。

    Secure method and system to prevent external unauthorized remotely initiated power up events in computer
    13.
    发明授权
    Secure method and system to prevent external unauthorized remotely initiated power up events in computer 失效
    安全的方法和系统,以防止外部未经授权的远程启动电脑中的加电事件

    公开(公告)号:US07082129B2

    公开(公告)日:2006-07-25

    申请号:US10134936

    申请日:2002-04-29

    申请人: Daryl Carvis Cromer Joseph Wayne Freeman Chad Lee Gettelfinger Steven Dale Goodman Eric Richard Kern Randall Scott Springfield

    发明人: Daryl Carvis Cromer Joseph Wayne Freeman Chad Lee Gettelfinger Steven Dale Goodman Eric Richard Kern Randall Scott Springfield

    IPC分类号: H04L12/28

    CPC分类号: G06F1/3209 H04L12/12 H04L45/20 Y02D50/40

    摘要: In a computer network including a plurality of interconnected computers, one of the computers being a sleeping computer in a power down state, the sleeping computer listening for a packet associated with the sleeping computer, a method and system of waking the sleeping computer from the computer network. An incoming packet of data is transmitted from one of the computers in the network to the sleeping computer. When the sleeping computer detects the incoming packet, it determines if the incoming packet contains a data sequence associated with the sleeping computer. Further, the sleeping computer compares a transit value in the incoming packet to a predetermined value stored at the sleeping computer. The transit value indicates how far the data packet has traveled through the network, indicating the approximate origin of the data packet. Knowing the approximate origin of the data packet allows the client system to identify if the data packet originated from an external network. The predetermined value represents an origin within the internal network. Accordingly, if the incoming packet matches the particular data sequence associated with the sleeping computer, and the transit value in the packet matches the predetermined value stored at the sleeping computer, then a signal is issued to wake the sleeping computer. Otherwise, the incoming packet is discarded and the sleeping computer is not awaken.

    摘要翻译: 在包括多个相互连接的计算机的计算机网络中,计算机中的一个是处于断电状态的休眠计算机,睡眠计算机监听与休眠计算机相关联的分组,从计算机唤醒睡眠计算机的方法和系统 网络。 传入的数据包从网络中的一台计算机发送到睡眠计算机。 当睡眠计算机检测到传入分组时,它确定传入分组是否包含与睡眠计算机相关联的数据序列。 此外,睡眠计算机将输入分组中的传输值与存储在睡眠计算机上的预定值进行比较。 传输值表示数据分组通过网络传播的距离,指示数据分组的近似来源。 知道数据包的近似来源允许客户端系统识别数据包是否源自外部网络。 预定值表示内部网络内的原点。 因此,如果输入分组与休眠计算机相关联的特定数据序列匹配,并且分组中的传输值与存储在睡眠计算机上的预定值匹配,则发出信号以唤醒睡眠计算机。 否则,传入的数据包被丢弃,并且睡眠的计算机没有被唤醒。

    Method, system, and program for customizing a basic input/output system (“BIOS”) configuration according to the type of user
    14.
    发明授权
    Method, system, and program for customizing a basic input/output system (“BIOS”) configuration according to the type of user 失效
    用于根据用户类型定制基本输入/输出系统(“BIOS”)配置的方法,系统和程序

    公开(公告)号:US06658562B1

    公开(公告)日:2003-12-02

    申请号:US09649440

    申请日:2000-08-25

    申请人: Ralph Bonomo Richard Alan Dayan Joseph Wayne Freeman Robert Duane Johnson Diane Nolterieke Randall Scott Springfield

    发明人: Ralph Bonomo Richard Alan Dayan Joseph Wayne Freeman Robert Duane Johnson Diane Nolterieke Randall Scott Springfield

    IPC分类号: G06F924

    CPC分类号: G06F9/44505 G06F9/4401 G06F21/572

    摘要: A method, system, and program for selecting and implementing a basic input/output system (“BIOS”) configuration among various BIOS configurations for a data processing system are disclosed. Different BIOS configurations are defined for various types of users, such as a home user, a commercial user, and a network user. Each of the BIOS configurations includes a different set of BIOS characteristics, such as program setup features security features, and network server features, under which the data processing system is able to run. The different BIOS configurations are stored into a memory device for the data processing system. A designation is set within the memory device that directs a processor of the data processing system to select and execute a desired one of the BIOS configurations for a particular type of user.

    摘要翻译: 公开了一种用于在数据处理系统的各种BIOS配置之间选择和实现基本输入/输出系统(“BIOS”)配置的方法,系统和程序。 为各种类型的用户(例如家庭用户,商业用户和网络用户)定义不同的BIOS配置。 每个BIOS配置包括一组不同的BIOS特性,例如程序设置功能,安全功能和网络服务器功能,数据处理系统可以在这些功能下运行。 不同的BIOS配置被存储到用于数据处理系统的存储器设备中。 在存储器设备内设置指示数据处理系统的处理器为特定类型的用户选择并执行所需的一个BIOS配置的指定。

    Dynamic hardfile size allocation to secure data
    16.
    发明授权
    Dynamic hardfile size allocation to secure data 有权
    动态硬文件大小分配到安全数据

    公开(公告)号:US07249249B2

    公开(公告)日:2007-07-24

    申请号:US10064087

    申请日:2002-06-10

    申请人: Joseph Wayne Freeman Steven Dale Goodman Randall Scott Springfield

    发明人: Joseph Wayne Freeman Steven Dale Goodman Randall Scott Springfield

    IPC分类号: G06F15/177

    CPC分类号: G06F21/575 G06F9/4406 G06F2221/2105

    摘要: A system and method for access control of a hardfile responsive to a computer system having an operating system is disclosed. The method includes detecting a special boot condition during a pre-boot test of the computer system; and altering, in response to the special boot condition, an operating system access configuration of the hardfile. The system includes a computer system that adjusts an operating system access to a hardfile based upon various boot conditions.

    摘要翻译: 公开了一种响应具有操作系统的计算机系统对硬盘进行访问控制的系统和方法。 该方法包括在计算机系统的预引导测试期间检测特殊启动条件; 并且响应于特殊引导条件改变硬文件的操作系统访问配置。 该系统包括一个计算机系统,该计算机系统根据各种引导条件调整对硬盘的操作系统访问。

    Method to use secure passwords in an unsecure program environment
    17.
    发明授权
    Method to use secure passwords in an unsecure program environment 失效
    在不安全的程序环境中使用安全密码的方法

    公开(公告)号:US07200761B1

    公开(公告)日:2007-04-03

    申请号:US09711028

    申请日:2000-11-09

    申请人: Joseph Wayne Freeman Randall Scott Springfield Steven Dale Goodman Isaac Karpel

    发明人: Joseph Wayne Freeman Randall Scott Springfield Steven Dale Goodman Isaac Karpel

    IPC分类号: G06F9/00 G06F11/30 G06F15/173 G06F15/16 H04L9/00

    CPC分类号: G06F21/575 G06F11/2284 G06F21/79

    摘要: During power up initialization, security data such as passwords and other sensitive data which are stored in a lockable memory device are read and copied to protected system management interrupt (SMI) memory space, subject to verification by code running in the SMI memory space that the call to write the security data originates with a trusted entity. Once copied to SMI memory space, the security data is erased from regular system memory and the lockable storage device is hard locked (requiring a reset to unlock) against direct access prior to starting the operating system. The copy of the security data within the SMI memory space is invisible to the operating system. However, the operating system may initiate a call to code running in the SMI memory space to check a password entered by the user, with the SMI code returning a “match” or “no match” indication. The security data may thus be employed after the lockable memory device is hard locked and the operating system is started.

    摘要翻译: 在上电初始化期间,存储在可锁定存储器设备中的安全数据(例如密码和其他敏感数据)被读取并复制到受保护的系统管理中断(SMI)存储器空间,经由在SMI存储器空间中运行的代码进行验证, 调用写入安全数据来源于受信任的实体。 一旦复制到SMI内存空间,安全数据将从常规系统内存中擦除,锁定的存储设备在启动操作系统之前就被硬锁定(需要重新启动)以防止直接访问。 SMI内存空间中的安全数据的副本对于操作系统是不可见的。 然而,操作系统可以启动对在SMI存储器空间中运行的代码的调用,以检查由用户输入的密码,SMI代码返回“匹配”或“不匹配”指示。 因此,在可锁定存储器件被硬锁定并且操作系统启动之后可以采用安全数据。

    Method and system for setting a secure computer environment
    19.
    发明授权
    Method and system for setting a secure computer environment 失效
    设置安全计算机环境的方法和系统

    公开(公告)号:US06925570B2

    公开(公告)日:2005-08-02

    申请号:US09858058

    申请日:2001-05-15

    申请人: Joseph Wayne Freeman Randall Scott Springfield

    发明人: Joseph Wayne Freeman Randall Scott Springfield

    IPC分类号: G06F12/14 G06F9/445 G06F21/00 G06F21/22 G06F21/24 G06F17/00

    CPC分类号: G06F21/71 G06F21/79

    摘要: A computer system processor incorporates a special S-latch which may only be set by secure signals. One state of the S-latch sets the processor into a secure mode where it only executes instructions and not commands from an In Circuit Emulator (ICE) unit. A second state of the S-latch sets the processor into a non-secure mode. A non-volatile random access memory (NVRAM) is written with secure data which can only be read by boot block code stored in a BIOS storage device. The boot block code is operable to read the secure data in the NVRAM and set the S-latch to an appropriate security state. If the boot block code cannot set the S-latch, then remaining boot up with BIOS data is stopped. On boot up the boot block code reads the NVRAM and sets the S-latch into the appropriate security state.

    摘要翻译: 计算机系统处理器包括只能由安全信号设置的特殊S-锁存器。 S锁存器的一个状态将处理器设置为安全模式,其中它只执行指令而不是来自In Circuit Emulator(ICE)单元的命令。 S锁存器的第二状态将处理器设置为非安全模式。 用非易失性随机存取存储器(NVRAM)写入只能由存储在BIOS存储设备中的引导块代码读取的安全数据。 引导块代码可操作以读取NVRAM中的安全数据并将S锁存器设置为适当的安全状态。 如果引导块代码无法设置S锁存器,则停止使用BIOS数据进行剩余引导。 启动引导块代码读取NVRAM并将S锁存器设置为适当的安全状态。

    Method for improving personal computer reliability for systems that use certain power saving schemes
    20.
    发明授权
    Method for improving personal computer reliability for systems that use certain power saving schemes 有权
    提高使用某些省电方案的系统的个人计算机可靠性的方法

    公开(公告)号:US06510528B1

    公开(公告)日:2003-01-21

    申请号:US09464462

    申请日:1999-12-14

    申请人: Joseph Wayne Freeman Isaac Karpel Randall Scott Springfield

    发明人: Joseph Wayne Freeman Isaac Karpel Randall Scott Springfield

    IPC分类号: G06F1108

    CPC分类号: G06F11/106

    摘要: A periodic system “wake-up” is implemented during S1, S2 or S3 states utilizing a hardware timer. A memory scrubbing routine is initiated that reads out all memory locations and writes back any memory locations that have single bit (correctable) Error Correction Code errors. This procedure minimizes the chances of a multiple bit error build up over time that may cause an unrecoverable error. The scrubbing routine is invoked whenever the system is brought out of S1, S2, or S3 state to insure that there are no single bit errors present when full system operation is resumed.

    摘要翻译: 在使用硬件定时器的S1,S2或S3状态期间实现周期性系统“唤醒”。 启动内存清理例程,读取所有存储器位置并写入具有单个位(可校正)错误更正代码错误的任何存储器位置。 此过程可以最大程度地减少可能导致不可恢复错误的多个位错误累积的可能性。 每当系统从S1,S2或S3状态退出时,将调用擦除程序,以确保在完全系统操作恢复时不存在单个位错误。