公开(公告)号：US07702789B2

公开(公告)日：2010-04-20

申请号：US11266147

申请日：2005-11-03

Applicant: Daryl C. Cromer ,  Howard J. Locker ,  Randall S. Springfield ,  Rod D. Waltermann

Inventor： Daryl C. Cromer ,  Howard J. Locker ,  Randall S. Springfield ,  Rod D. Waltermann

IPC: G06F15/173

CPC classification number: G06F9/5088 ,  G06F9/4856

Abstract: An apparatus, system, and method are disclosed for reassigning a client. A selection module selects a second computation module that is hardware compatible with a first computation module. A suspension module suspends a software process for a client executing on the first computation module. An execution state module copies a computation module execution state of the first computation module to the second computation module. A memory map module copies a memory map of a software process image associated with the software process and stored in a first storage system from the first computation module to the second computation module. In one embodiment, a resumption module resumes the software process executing on the second computation module.

Abstract translation: 公开了用于重新分配客户端的装置，系统和方法。 选择模块选择与第一计算模块硬件兼容的第二计算模块。 暂停模块暂停在第一计算模块上执行的客户端的软件处理。 执行状态模块将第一计算模块的计算模块执行状态复制到第二计算模块。 存储器映射模块将与软件过程相关联的软件过程映像的存储器映射复制并存储在第一存储系统中，从第一计算模块到第二计算模块。 在一个实施例中，恢复模块恢复在第二计算模块上执行的软件过程。

公开(公告)号：US20090222909A1

公开(公告)日：2009-09-03

申请号：US12040535

申请日：2008-02-29

Applicant: David C. Challener ,  Howard Locker ,  Randall S. Springfield

Inventor： David C. Challener ,  Howard Locker ,  Randall S. Springfield

IPC: G06F21/00

CPC classification number: G06F21/31 ,  G06F21/575

Abstract: In accordance with at least one presently preferred embodiment of the present invention, there is broadly contemplated herein the managing of a POP not solely in the BIOS but at least partly in a more secure location. In accordance with a particularly preferred embodiment of the present invention, this location could be in a NVRAM (non-volatile random access memory) inside a TPM (trusted platform module). Most preferably, this location will contain code that the BIOS preferably will need to access and employ in order to complete the booting of the system.

Abstract translation: 根据本发明的至少一个目前优选的实施例，这里广泛考虑到不仅在BIOS中管理POP，而且至少部分地在更安全的位置。 根据本发明的特别优选的实施例，该位置可以在TPM（可信平台模块）内的NVRAM（非易失性随机存取存储器）中。 最优选地，该位置将包含BIOS优选地需要访问和应用以便完成系统引导的代码。

公开(公告)号：US20080046998A1

公开(公告)日：2008-02-21

申请号：US11493952

申请日：2006-07-27

Applicant: Daryl Cromer ,  Howard Jeffrey Locker ,  Randall S. Springfield ,  Rod D. Waltermann

Inventor： Daryl Cromer ,  Howard Jeffrey Locker ,  Randall S. Springfield ,  Rod D. Waltermann

IPC: G06F12/14

CPC classification number: G06F21/805 ,  G06F2221/2143

Abstract: A hard disk drive unit includes a microprocessor programmed to erase data stored within the drive unit if it is determined that a process potentially leading to a misuse of the data stored within the drive unit, and if secure disposal configuration data stored in nonvolatile storage within the drive indicates that the data is to be erased. Such a process includes initializing the drive unit for operation without providing a password matching a password stored in the drive unit, initializing the drive unit in a system not having CMOS configuration data matching the drive unit, and determining that a failure rate within the drive unit exceeds a threshold level.

Abstract translation: 如果确定可能导致误用存储在驱动单元内的数据的过程，以及如果存储在驱动单元内的非易失性存储器中的安全处理配置数据，则硬盘驱动器单元包括被编程为擦除存储在驱动单元内的数据的微处理器 驱动器指示要擦除的数据。 这样的处理包括初始化用于操作的驱动单元，而不提供与存储在驱动单元中的密码匹配的密码，在不具有与驱动单元匹配的CMOS配置数据的系统中初始化驱动单元，以及确定驱动单元内的故障率 超过阈值水平。

公开(公告)号：US20080010517A1

公开(公告)日：2008-01-10

申请号：US11475361

申请日：2006-06-27

Applicant: Howard J. Locker ,  Daryl C. Cromer ,  Randall S. Springfield ,  Rod D. Waltermann ,  John C. Mese ,  Scott E. Kelso ,  Nathan J. Peterson ,  Arnold S. Weksler

Inventor： Howard J. Locker ,  Daryl C. Cromer ,  Randall S. Springfield ,  Rod D. Waltermann ,  John C. Mese ,  Scott E. Kelso ,  Nathan J. Peterson ,  Arnold S. Weksler

IPC: G06F11/00

CPC classification number: G06F11/0766 ,  G06F11/0712

Abstract: A client computer system is provided with two operating systems, one of which is a user operating system (UOS) and the other of which is a service operating system (SOS), and a hypervisor. In the event of a hang in the first operating system, the second operating system remains active, out of the awareness of the user of the system, and has reporting and command response capabilities beyond those of prior technology.

Abstract translation: 客户端计算机系统具有两个操作系统，其中一个是用户操作系统（UOS），另一个是服务操作系统（SOS），以及管理程序。 在第一个操作系统出现故障的情况下，第二个操作系统保持活动状态，不在系统用户的意识之内，并具有超越现有技术的报告和命令响应功能。

公开(公告)号：US07269725B2

公开(公告)日：2007-09-11

申请号：US10738183

申请日：2003-12-17

Applicant: Daryl C. Cromer ,  Howard J. Locker ,  Randall S. Springfield

Inventor： Daryl C. Cromer ,  Howard J. Locker ,  Randall S. Springfield

IPC: G06F1/24 ,  G06F9/00

CPC classification number: G06F21/6272 ,  G06F1/183 ,  G06F21/575 ,  G06F21/88 ,  G06F2221/2129

Abstract: A method is provided of uniquely binding, through connection, a subsystem device having restricted information space for storing code, to a system having a structure for generating and delivering a unique code to identify the system to the information storage space in the subsystem. The method comprises determining if the information storage space in the subsystem has information therein when the subsystem is connected to the system. If no information is contained in the information storage space in the subsystem, the system writes the unique code from the system to the information storage space in the subsystem. If information is in the information storage space, that information is compared with the unique code in the system, and operation of the system is allowed if, and only if, the information in the information storage space matches the unique code generated by the system. A structure for performing this method is also provided.

Abstract translation: 提供了一种通过连接将具有用于存储代码的受限信息空间的子系统设备唯一地绑定到具有用于生成和递送唯一代码以将系统识别到子系统中的信息存储空间的结构的系统的方法。 该方法包括当子系统连接到系统时确定子系统中的信息存储空间是否具有信息。 如果子系统的信息存储空间中没有信息，则系统将唯一的代码写入子系统中的信息存储空间。 如果信息在信息存储空间中，则该信息与系统中的唯一代码进行比较，并且仅当信息存储空间中的信息与系统生成的唯一代码匹配时才允许系统的操作。 还提供了一种用于执行该方法的结构。

公开(公告)号：US5987536A

公开(公告)日：1999-11-16

申请号：US861555

申请日：1997-05-22

Applicant: Robert D. Johnson ,  Howard J. Locker ,  Jerry W. Pearce ,  Randall S. Springfield ,  Donald D. Williams

Inventor： Robert D. Johnson ,  Howard J. Locker ,  Jerry W. Pearce ,  Randall S. Springfield ,  Donald D. Williams

IPC: G06F9/445 ,  G06F15/02

CPC classification number: G06F9/4403

Abstract: Disclosed is a personal computer system which includes a central processing unit (CPU) coupled to a direct access storage device (DASD) and a random access memory (RAM). A flash memory module is coupled to the CPU and an input/output (IO) bus and includes a basic input output system (BIOS) stored therein. The BIOS is effective for responding to the energization of the computer system by initiating a power on self test (POST). The BIOS is further operative on completion of the POST for transferring a portion of BIOS from the module to the RAM and for transferring control of the of the computer system to the BIOS portion. The portion of BIOS is operative to load a protected mode operating system (OS) into RAM and transfer control to the OS. The system further includes a logic circuit coupled to the flash memory module and the IO bus for allowing the BIOS in flash memory to be accessed while the protected mode OS is running.

Abstract translation: 公开了一种个人计算机系统，其包括耦合到直接存取存储装置（DASD）和随机存取存储器（RAM）的中央处理单元（CPU）。 闪存模块耦合到CPU和输入/输出（IO）总线，并且包括存储在其中的基本输入输出系统（BIOS）。 BIOS通过启动电源自检（POST）来响应计算机系统的通电。 在完成POST以将BIOS的一部分从模块传送到RAM并用于将计算机系统的控制传送到BIOS部分的同时，BIOS进一步操作。 BIOS的部分操作是将保护模式操作系统（OS）加载到RAM中，并将控制传输到OS。 该系统还包括耦合到闪速存储器模块和IO总线的逻辑电路，用于在保护模式OS正在运行时允许访问闪存中的BIOS。

公开(公告)号：US09323956B2

公开(公告)日：2016-04-26

申请号：US11865049

申请日：2007-09-30

Applicant: David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

Inventor： David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

IPC: G06F12/14 ,  G06F21/80 ,  G06F21/79

CPC classification number: G06F21/80 ,  G06F21/79

Abstract: Methods and arrangements for managing a flash drive, hard disk, or connection between the two, in a manner to ensure that sensitive data is not decrypted at any time when it would be vulnerable. Accordingly, in a first implementation, the data may preferably be encrypted as it first goes into a flash drive and decrypted when it comes out of the flash drive. In another implementation, the flash drive may be logically bound to the hard disk, so that they would both use the same encryption key. In yet another implementation, if a hard disk is moved to another system, then the flash drive may also preferably be simultaneously moved.

Abstract translation: 用于管理闪存驱动器，硬盘或两者之间的连接的方法和布置，以确保敏感数据在易受攻击的任何时候不被解密。 因此，在第一实现中，数据可以优选地被加密，因为它们首先进入闪存驱动器并且当它从闪存驱动器出来时被解密。 在另一个实现中，闪存驱动器可以逻辑地绑定到硬盘，使得它们都将使用相同的加密密钥。 在又一实施方式中，如果将硬盘移动到另一系统，则闪存驱动器也可以优选地同时移动。

公开(公告)号：US09015078B2

公开(公告)日：2015-04-21

申请号：US12748423

申请日：2010-03-28

Applicant: David C. Challener ,  Richard W. Cheston ,  Randall S. Springfield ,  Howard J. Locker

Inventor： David C. Challener ,  Richard W. Cheston ,  Randall S. Springfield ,  Howard J. Locker

IPC: G06Q20/00 ,  G06Q20/40 ,  G06Q20/38 ,  G06Q40/02 ,  G06Q50/26 ,  G06Q40/00

CPC classification number: G06Q20/40 ,  G06Q20/38215 ,  G06Q20/3825 ,  G06Q40/02 ,  G06Q40/12 ,  G06Q50/265

Abstract: An exemplary method includes transmitting, via a network interface, at least a currency amount in an attempt to confirm a financial transaction; responsive to the transmitting, receiving a confirmation indicator for the financial transaction; storing at least the currency amount in non-volatile memory; hashing at least the currency amount to generate a hash and storing the hash in a secure non-volatile memory; hashing at least the currency amount stored in the non-volatile memory to generate a verification hash; and in an attempt to verify at least the financial transaction, comparing the verification hash to the hash stored in the secure non-volatile memory. Various other apparatuses, systems, methods, etc., are also disclosed.

Abstract translation: 一种示例性方法包括经由网络接口​​至少发送货币金额来尝试确认金融交易; 响应于发送，接收金融交易的确认指标; 将至少存储在非易失性存储器中的货币量; 至少散列货币量以产生散列并将散列存储在安全的非易失性存储器中; 至少散列存储在非易失性存储器中的货币量以产生验证散列; 并且尝试至少验证金融交易，将验证散列与存储在安全非易失性存储器中的散列进行比较。 还公开了各种其它装置，系统，方法等。

公开(公告)号：US08898355B2

公开(公告)日：2014-11-25

申请号：US11693515

申请日：2007-03-29

Applicant: Randall S. Springfield ,  Daryl Cromer ,  Howard Locker ,  Rod D. Waltermann

Inventor： Randall S. Springfield ,  Daryl Cromer ,  Howard Locker ,  Rod D. Waltermann

IPC: G06F13/12 ,  G06F13/38 ,  G06F3/00 ,  G06F5/00 ,  G06F9/44

CPC classification number: G06F9/4416

Abstract: An arrangement for facilitating remote booting in diskless client systems as just described. To this end, there is broadly contemplated herein the employment of a hypervisor that can freely accommodate a variety of booting arrangements for a given OS. This then ensures that few if any modifications, especially costly ones, would need to be made to the OS to ensure greater versatility.

Abstract translation: 一种用于在无盘客户端系统中进行远程启动的方案，如上所述。 为此，在这里广泛考虑到使用可以自由地适应给定OS的各种启动布置的管理程序。 这样就可以确保很少如果需要对操作系统进行任何修改，特别是昂贵的修改，以确保更多的通用性。

公开(公告)号：US08566600B2

公开(公告)日：2013-10-22

申请号：US12040535

申请日：2008-02-29

Applicant: David C. Challener ,  Howard Locker ,  Randall S. Springfield

Inventor： David C. Challener ,  Howard Locker ,  Randall S. Springfield

IPC: G06F21/00

CPC classification number: G06F21/31 ,  G06F21/575

Abstract: In accordance with at least one presently preferred embodiment of the present invention, there is broadly contemplated herein the managing of a POP not solely in the BIOS but at least partly in a more secure location. In accordance with a particularly preferred embodiment of the present invention, this location could be in a NVRAM (non-volatile random access memory) inside a TPM (trusted platform module). Most preferably, this location will contain code that the BIOS preferably will need to access and employ in order to complete the booting of the system.

Abstract translation: 根据本发明的至少一个目前优选的实施例，这里广泛考虑到不仅在BIOS中管理POP，而且至少部分地在更安全的位置。 根据本发明的特别优选的实施例，该位置可以在TPM（可信平台模块）内的NVRAM（非易失性随机存取存储器）中。 最优选地，该位置将包含BIOS优选地需要访问和应用以便完成系统引导的代码。