-
Publication No.: US20210073386A1
Publication Date: 2021-03-11
Application No.: US16980884
Application Date: 2018-05-31
Applicant: Hewlett-Packard Development Company, L.P.
Inventor: Vali Ali , Richard Bramley , Ronald Rod Ferreira , Endrigo Pinheiro
IPC: G06F21/57 , G06F9/4401 , G06F16/22
Abstract: An example computer system includes a memory having a computer program, a set of data containing a cryptographic first hash protected by a code, and a set of trusted security guidelines for operating an electronic device; a trusted platform module device to store a second hash associated with the computer program; a trusted application computing agent to establish that a hardware initialization sequence of the electronic device is trusted upon matching the first hash with the second hash; and a controller to operate the computer program on the electronic device according to the set of trusted security guidelines.
-
Publication No.: US20200159929A1
Publication Date: 2020-05-21
Application No.: US16478986
Application Date: 2017-08-08
Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY L.P.
Inventor: Christopher H Stewart , Baraneedharan Anbazhagen , Lan Wang , Stanley Hyojun Park , Vali Ali , Wei Ze Liu , Mark A Piwonka
IPC: G06F21/57 , G06F21/60 , G06F9/4401 , G06F8/654
Abstract: Examples associated with basic input/output system (BIOS) updates are described. One example method includes system management mode locking a first pre-extensible firmware interface initialization (PEI) region and a driver execution environment (DXE) region of a shared serial peripheral interface (SPI) chip of a BIOS of a computer. A second PEI region of the shared SPI chip is chipset locked. A record in a system management random access memory associated with a video option read only memory (ROM) is created. The video option ROM is loaded. The first PEI region is updated, and periodic graphical updates regarding the progress of updating the first PEI region are provided using the video option ROM.
-
Publication No.: US20190065747A1
Publication Date: 2019-02-28
Application No.: US15770537
Application Date: 2016-02-03
Applicant: Hewlett-Packard Development Company, L.P.
Inventor: Marcelo Gomes de Oliveira , Diogo Cesa Rosa , Fernando Ferretto , Charles R Staub , Lan Wang , Vali Ali , James R Waldron , Tiago V de Quadros Weber , Julio Cesar Sa Campao
Abstract: Examples associated with heartbeat signal verification are disclosed. One example includes verifying a provisioning key using a trusted key. The provisioning key is received from a remote device via an intermediary process. An intermediate key provided by the intermediary process is verified using the provisioning key. A session identifier is encrypted using the intermediate key and provided to the intermediary process. A first heartbeat signal is received from the intermediary process. The heartbeat signal is generated based on the session identifier.
-
Publication No.: US09547765B2
Publication Date: 2017-01-17
Application No.: US14953065
Application Date: 2015-11-27
Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
Inventor: Jeff Jeansonne , Vali Ali , James M. Mann
CPC classification number: G06F21/53 , G06F9/45533 , G06F21/50 , G06F21/56 , G06F2009/45579 , G06F2009/45587 , G06F2221/034
Abstract: A plurality of virtual domains are isolated from one another by a virtual machine monitor (VMM), the plurality of virtual domains including a first guest domain and a privileged domain. Peripheral related instructions are isolated from the first guest domain. The privileged domain is to cause execution of the peripheral related instructions, where the peripheral related instructions upon execution validate a type of the peripheral device.