Apparatus, system, and method for secure mass storage backup
    11.
    Granted invention patent
    Apparatus, system, and method for secure mass storage backup (Active)

    Publication (announcement) number: US07330977B2

    Publication (announcement) date: 2008-02-12

    Application number: US10748062

    Filing date: 2003-12-30

    IPC classification: H04L9/00

    Abstract: An apparatus for securely backing up data using a cryptographic module includes a mass storage device having a first accessible portion and a second encrypted portion. The mass storage device is initialized to only decrypt the encrypted portion on the system that first created the encrypted portion. The cryptographic module may be a Trusted Platform Module (TPM) based on specifications from the Trusted Computer Group. The mass storage device comprises a trusted platform interface module configured to communicate with the TPM. The system may include a motherboard having a TPM, and the mass storage device. The method in one embodiment comprises providing a computer readable mass storage device, initializing a password module, transmitting an encrypted password to the cryptographic module, authenticating the encrypted password, decrypting the encrypted password, transmitting the decrypted password to the computer readable medium, and decrypting the second encrypted portion using the decrypted password.

    System and method for secure data disposal
    13.
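    Granted invention patent
    System and method for secure data disposal (Active)

    Publication (announcement) number: US07853804B2

    Publication (announcement) date: 2010-12-14

    Application number: US11852418

    Filing date: 2007-09-10

    IPC classification: G06F11/30 G06F7/04 H04L29/06

    CPC classification: G06F21/575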

    Abstract: A system, method, and program product is provided that initializes expected PCRs stored in a TPM by generating and storing a random number, seeding expected PCRs with the random number, inputting a set of startup code processes to a hash algorithm resulting in a set of hash values, updating the expected PCRs using the set of hash values, and saving the expected PCRs in a nonvolatile data area that is secured by the TPM. Upon reboot, the random number is retrieved from the nonvolatile data area, the PCRs are seeded with the retrieved random number, the startup code processes are input to the hash algorithm process resulting in another set of hash values, the PCRs are updated using the resulting set of hash values, and an encrypted data object is decrypted in response to the PCRs being the same as the expected PCRs.

    System and Method for Secure Data Disposal
    14.
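    Invention application
    System and Method for Secure Data Disposal (Active)

    Publication (announcement) number: US20090070598A1

    Publication (announcement) date: 2009-03-12

    Application number: US11852418

    Filing date: 2007-09-10

    IPC classification: G06F12/14

    CPC classification: G06F21/575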

    Abstract: A system, method, and program product is provided that initializes expected PCRs stored in a TPM by generating and storing a random number, seeding expected PCRs with the random number, inputting a set of startup code processes to a hash algorithm resulting in a set of hash values, updating the expected PCRs using the set of hash values, and saving the expected PCRs in a nonvolatile data area that is secured by the TPM. Upon reboot, the random number is retrieved from the nonvolatile data area, the PCRs are seeded with the retrieved random number, the startup code processes are input to the hash algorithm process resulting in another set of hash values, the PCRs are updated using the resulting set of hash values, and an encrypted data object is decrypted in response to the PCRs being the same as the expected PCRs.

    System and method for autonomic extensions to wake on wireless networks
    15.
    Granted invention patent
    System and method for autonomic extensions to wake on wireless networks (Active)

    Publication (announcement) number: US07480265B2

    Publication (announcement) date: 2009-01-20

    Application number: US10727004

    Filing date: 2003-12-03

    IPC classification: G08C17/00 H04B1/16

    Abstract: A system and method for autonomic extensions to wake on LAN are presented. An access point detects wake on LAN (WOL) requests that are targeted for unassociated clients. When the access point detects a WOL request for an unassociated client, the access point stores the WOL request in a table for a predefined amount of time. A client queries the access point periodically to see if the access point is storing a WOL request which is targeted for the client. When the access point receives the query, the access point compares the client's identifier, such as its MAC address, with targeted client identifiers corresponding to pending WOL requests. When the access point detects a match, the access point sends the WOL request to the client for the client to process.

    System and method for securely clearing secret data that remain in a computer system memory
    17.
    Granted invention patent
    System and method for securely clearing secret data that remain in a computer system memory (Active)

    Publication (announcement) number: US08312534B2

    Publication (announcement) date: 2012-11-13

    Application number: US12040953

    Filing date: 2008-03-03

    CPC classification: G06F21/57 G06F21/79

    Abstract: A system, method, and program product is provided that initializes a counter maintained in a nonvolatile memory of a security module to an initialization value. The security module receives requests for a secret from requesters. The security module releases the secret to the requesters and the released secrets are stored in memory areas allocated to the requesters. A counter is incremented when the secret is released. Requesters send notifications to the security module indicating that the requester has removed the secret from the requester's memory area. The security module decrements the counter each time a notification is received. When the computer system is rebooted, if the counter is not at the initialization value, the system memory is scrubbed, erasing any secrets that remain in memory.

    System and Method to Use Chipset Resources to Clear Sensitive Data from Computer System Memory
    18.
    Invention application
    System and Method to Use Chipset Resources to Clear Sensitive Data from Computer System Memory (Under examination - published)

    Publication (announcement) number: US20090222635A1

    Publication (announcement) date: 2009-09-03

    Application number: US12040981

    Filing date: 2008-03-03

    IPC classification: G06F15/177 G06F12/00

    Abstract: A system, method, and program product is provided that initializes a computer system using an initialization process that identifies secrets that were stored in memory and not scrubbed during a prior use of the computer system. During the initialization process, one or more secret indicators are retrieved that identify whether one or more secrets were scrubbed from the computer system's memory during a previous use of the computer system. If the secret indicators show that one or more secrets were not scrubbed from the memory during the prior use of the computer system, then the initialization process scrubs the memory. On the other hand, if the secret indicators show that each of the secrets was scrubbed from the memory during the prior use of the computer system, then the memory is not scrubbed during the initialization process.

    System and Method to Avoid Disk Lube Pooling
    19.
    Invention application
    System and Method to Avoid Disk Lube Pooling (Active)

    Publication (announcement) number: US20080239545A1

    Publication (announcement) date: 2008-10-02

    Application number: US11692307

    Filing date: 2007-03-28

    IPC classification: G11B15/18

    Abstract: A system and method to avoid disk lube pooling is presented. A track access monitor tracks the number of times that a program accesses a particular track located on a hard drive. When the track access monitor determines that the number of track accesses to a particular track exceeds a track access threshold, the track access monitor invokes a sequence of events to scan adjacent tracks in order to uniformly redistribute lubrication over the hard drive. In one embodiment, the track access monitor incrementally performs the adjacent track scanning during hard drive idle periods, such as when the system waits for a password from a user or when the operating system conserves power and idles the hard drive due to lack of activity.

    System and Method for Using a Hypervisor to Control Access to a Rental Computer
    20.
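    Invention application
    System and Method for Using a Hypervisor to Control Access to a Rental Computer (Under examination - published)

    Publication (announcement) number: US20080147555A1

    Publication (announcement) date: 2008-06-19

    Application number: US11692310

    Filing date: 2007-03-28

    IPC classification: G06Q99/00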

    Abstract: A system, method, and program product is provided that executes a hypervisor in order to control access to a rental computer system. The hypervisor performs steps that include: reading a rental metric from a nonvolatile storage area, comparing the rental metric with a rental limit, allowing use of one or more guest operating systems by a user of the computer system in response to the rental metric being within the rental limit, and inhibiting use of the guest operating systems by the user of the computer system in response to the rental metric exceeding the rental limit.
