-
公开(公告)号:US20130283383A1
公开(公告)日:2013-10-24
申请号:US13919609
申请日:2013-06-17
IPC分类号: G06F21/56
CPC分类号: G06F21/561 , G06F21/51 , G06F21/56 , G06F21/74 , G06F21/85 , G06F2221/034 , G06F2221/2101 , G06F2221/2105
摘要: A platform to support verification of the contents of an input-output device. The platform includes a platform hardware, which may verify the contents of the I/O device. The platform hardware may comprise components such as manageability engine and verification engine that are used to verify the contents of the I/O device even before the contents of the I/O device are exposed to an operating system supported by a host. The platform components may delete the infected portions of the contents of I/O device if the verification process indicates that the contents of the I/O device include the infected portions.
摘要翻译: 支持验证输入输出设备内容的平台。 该平台包括可以验证I / O设备内容的平台硬件。 即使在I / O设备的内容暴露于由主机支持的操作系统之前,平台硬件也可以包括用于验证I / O设备的内容的诸如可管理性引擎和验证引擎的组件。 如果验证过程指示I / O设备的内容包括感染部分,则平台组件可以删除I / O设备的内容的被感染部分。
-
12.发明授权Method and apparatus allowing scan of data storage device from remote server 有权允许从远程服务器扫描数据存储设备的方法和装置公开(公告)号:US08489686B2
公开(公告)日:2013-07-16
申请号:US12785131
申请日:2010-05-21
申请人: Hormuzd Khosravi , David Durham , David A. Edwards , Venkat R. Gokulrangan , Men Long , Yasser Rasheed
发明人: Hormuzd Khosravi , David Durham , David A. Edwards , Venkat R. Gokulrangan , Men Long , Yasser Rasheed
IPC分类号: G06F15/16
摘要: A method and device allowing a scan of a data storage device from a remote server are disclosed. In some embodiments, a computing device may include an out-of-band (OOB) configured to compute a first hash value for data stored in one or more sectors of a data storage device at a first time; receive, using communication circuitry, a request to transmit a portion of the data stored in the one or more sectors of the data storage device at a second time, the second time being subsequent to the first time; compute a second hash value for the data stored in the one or more sectors of the data storage device at the second time; and transmit, using the communication circuitry, the requested portion of the data, only if the second hash value does not match the first hash value.
摘要翻译: 公开了允许从远程服务器扫描数据存储设备的方法和设备。 在一些实施例中,计算设备可以包括带外(OOB),其被配置为在第一时间对存储在数据存储设备的一个或多个扇区中的数据计算第一散列值; 接收使用通信电路的请求,以在第二时间之后的第二时间第二时间发送存储在数据存储装置的一个或多个扇区中的数据的一部分的请求; 在第二次计算存储在数据存储设备的一个或多个扇区中的数据的第二哈希值; 并且仅当所述第二散列值与所述第一散列值不匹配时,才使用所述通信电路来发送所请求的数据部分。
-
公开(公告)号:US20110078799A1
公开(公告)日:2011-03-31
申请号:US12658876
申请日:2010-02-17
申请人: Ravi L. Sahita , David M. Durham , Steve Orrin , Yasser Rasheed , Prasanna G. Mulgaonkar , Paul S. Schmitz , Hormuzd M. Khosravi
发明人: Ravi L. Sahita , David M. Durham , Steve Orrin , Yasser Rasheed , Prasanna G. Mulgaonkar , Paul S. Schmitz , Hormuzd M. Khosravi
摘要: In some embodiments, approaches may provide an out-of-band (OOB) agent to protect a platform. The OOB agent may be able to use non-TRS methods to measure and protect an in-band security agent. In some embodiments, a manageability engine can provide out of band connectivity to the in-band and out-of-band security agents and provide access to the system memory resources without having to rely on OS services. This can be used for a trusted anti-malware and remediation service.
摘要翻译: 在一些实施例中,方法可以提供带外(OOB)代理来保护平台。 OOB代理可能能够使用非TRS方法来测量和保护带内安全代理。 在一些实施例中,可管理性引擎可以向带内和带外安全代理提供带外连接,并提供对系统存储器资源的访问,而不必依赖于OS服务。 这可以用于受信任的反恶意软件和修复服务。
-
公开(公告)号:US20160286393A1
公开(公告)日:2016-09-29
申请号:US14669268
申请日:2015-03-26
CPC分类号: H04W12/06 , G06F21/35 , G06F21/43 , H04L9/3215 , H04L9/3234 , H04L63/0853 , H04L63/18 , H04L2209/80 , H04W12/08
摘要: In an embodiment, at least one non-transitory computer readable storage medium includes instructions that when executed enable a system to: request, by an authentication logic of the system during a multi-factor authentication of a user of the system to obtain access to a first service, a token to be sent from a second system associated with the first service to a third system associated with the user; receive, in the authentication logic, the token from the third system without user involvement via a secure channel; and send the token from the authentication logic to the second system to authenticate the user. Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,至少一个非暂时性计算机可读存储介质包括指令,当被执行时,该指令使得系统能够在系统的用户的多因素认证期间由系统的认证逻辑请求以获得对 第一服务,要从与第一服务相关联的第二系统发送到与用户相关联的第三系统的令牌; 在认证逻辑中接收来自第三系统的令牌,而无需通过安全信道进行用户参与; 并将令牌从认证逻辑发送到第二系统以认证用户。 描述和要求保护其他实施例。
-
公开(公告)号:US20140181504A1
公开(公告)日:2014-06-26
申请号:US13723890
申请日:2012-12-21
IPC分类号: H04L29/06
CPC分类号: H04L63/0823 , H04L63/062
摘要: Technologies for securely provisioning a personal computing device for enterprise connectivity includes a trusted computing device for wirelessly communicating with the personal computing device, generating a key pair for the personal computing device, generating a certificate signing request, sending the certificate signing request on behalf of the personal computing device, receiving an access certificate for enterprise connectivity, and securely exporting the access certificate and a private key of the key pair to the personal computing device.
摘要翻译: 用于安全地配置用于企业连接的个人计算设备的技术包括用于与个人计算设备无线通信的可信计算设备,为个人计算设备生成密钥对,生成证书签名请求,代表 个人计算设备,接收用于企业连接的访问证书,以及将密钥对的访问证书和私钥安全地导出到个人计算设备。
-
公开(公告)号:US20140020121A1
公开(公告)日:2014-01-16
申请号:US13992238
申请日:2011-12-22
申请人: Michael Berger , Mukesh Kataria , Jeffrey M. Tripp , Yasser Rasheed , David Birnbaum , Hung P. Huynh , Eli Kupermann , Mazen G. Gedeon , Joshua M. Resch
发明人: Michael Berger , Mukesh Kataria , Jeffrey M. Tripp , Yasser Rasheed , David Birnbaum , Hung P. Huynh , Eli Kupermann , Mazen G. Gedeon , Joshua M. Resch
IPC分类号: G06F21/70
摘要: A platform including a security system is described. The security system comprises, in one embodiment, a multi-state system having a plurality of modes, available whenever the platform has a source of power. The modes comprise an unarmed mode, in which the security system is not protecting the platform, an armed mode, in which the platform is protected, the armed mode reached from the unarmed mode, after an arming command, and a suspecting mode, in which the platform is suspecting theft, the suspecting mode reached from the armed mode, when a risk behavior is detected.
摘要翻译: 描述了包括安全系统的平台。 在一个实施例中,安全系统包括具有多个模式的多状态系统,每当平台具有电源时,该系统是可用的。 这些模式包括非武装模式,其中安全系统不保护平台,平台受保护的武装模式,武装模式到达武装模式,布防命令和怀疑模式之后,其中 该平台怀疑盗窃,当发现风险行为时,武装模式达到了怀疑模式。
-
公开(公告)号:US08468279B2
公开(公告)日:2013-06-18
申请号:US12415612
申请日:2009-03-31
CPC分类号: G06F21/561 , G06F21/51 , G06F21/56 , G06F21/74 , G06F21/85 , G06F2221/034 , G06F2221/2101 , G06F2221/2105
摘要: A platform to support verification of the contents of an input-output device. The platform includes a platform hardware, which may verify the contents of the I/O device. The platform hardware may comprise components such as manageability engine and verification engine that are used to verify the contents of the I/O device even before the contents of the I/O device are exposed to an operating system supported by a host. The platform components may delete the infected portions of the contents of I/O device if the verification process indicates that the contents of the I/O device include the infected portions.
-
公开(公告)号:US08321501B2
公开(公告)日:2012-11-27
申请号:US12646692
申请日:2009-12-23
申请人: David A. Edwards , Hormuzd M. Khosravi , Yasser Rasheed , Divya Naidu Kolar Sunder , Josephe E. Clark
发明人: David A. Edwards , Hormuzd M. Khosravi , Yasser Rasheed , Divya Naidu Kolar Sunder , Josephe E. Clark
IPC分类号: G06F15/16
CPC分类号: H04L67/1097
摘要: Embodiments of the present disclosure provide methods and computing devices configured to establish secure out-of-band storage control. In various embodiments, a management module in a client device may be used to communicate with a server device independent of an operating system of the client device, to facilitate remote storage services. Other embodiments may be disclosed and claimed.
摘要翻译: 本公开的实施例提供了被配置为建立安全的带外存储控制的方法和计算设备。 在各种实施例中,客户端设备中的管理模块可用于与独立于客户端设备的操作系统的服务器设备通信,以便于远程存储服务。 可以公开和要求保护其他实施例。
-
19.发明申请VIRTUAL AND HIDDEN SERVICE PARTITION AND DYNAMIC ENHANCED THIRD PARTY DATA STORE 有权虚拟和隐藏服务分区和动态增强第三方数据存储公开(公告)号:US20110161551A1
公开(公告)日:2011-06-30
申请号:US12647538
申请日:2009-12-27
IPC分类号: G06F12/02
CPC分类号: G06F21/80 , G06F9/5077
摘要: A system reserves and manages a hidden service partition through components of the hardware platform of a computing device. The hidden partition is not accessible by way of a host operating system on the computing device. A hardware platform controller provisions a portion of nonvolatile storage through configuration settings of the hardware platform controller. When the host system requests settings related to storage in the system, the request is routed through the interfaces of the hardware platform, and the hardware platform controller reports in accordance with the configuration settings, hiding the service partition. The hidden partition is dynamically modifiable through secure remote access to the hardware platform controller, not through the host system such as operating system or BIOS.
摘要翻译: 系统通过计算设备的硬件平台的组件来保留和管理隐藏的服务分区。 隐藏的分区不能通过计算设备上的主机操作系统访问。 硬件平台控制器通过硬件平台控制器的配置设置来提供非易失性存储器的一部分。 当主机系统请求与系统存储相关的设置时,请求通过硬件平台的接口进行路由,硬件平台控制器根据配置设置进行报告,隐藏服务分区。 隐藏的分区可以通过安全远程访问硬件平台控制器而不是通过主机系统(如操作系统或BIOS)进行动态修改。
-
公开(公告)号:US20100306399A1
公开(公告)日:2010-12-02
申请号:US12454927
申请日:2009-05-26
IPC分类号: G06F15/16 , G06F9/44 , G06F15/173
CPC分类号: H04L63/029 , G06F8/60 , G06F9/4416 , H04L67/1097 , H04L67/34
摘要: A method and apparatus for traversing a firewall between an Intranet and the Internet without the use of a proxy server is provided. Internet Small Computer Systems Interface (iSCSI) streaming over a firewall is provided by tunneling iSCSI over Hypertext Transport Protocol (Security) (HTTP(S)).
摘要翻译: 提供了一种在不使用代理服务器的情况下在Intranet和Internet之间遍历防火墙的方法和装置。 通过在超文本传输协议(安全性)(HTTP(S))上隧道化iSCSI来提供通过防火墙的互联网小型计算机系统接口(iSCSI)流。
-
-
-
-
-
-
-
-
-
搜索结果
40 条记录 (耗时 0.023 秒)