摘要:
A platform including a security system is described. The security system comprises, in one embodiment, a multi-state system having a plurality of modes, available whenever the platform has a source of power. The modes comprise an unarmed mode, in which the security system is not protecting the platform, an armed mode, in which the platform is protected, the armed mode reached from the unarmed mode, after an arming command, and a suspecting mode, in which the platform is suspecting theft, the suspecting mode reached from the armed mode, when a risk behavior is detected.
摘要:
A platform to support verification of the contents of an input-output device. The platform includes a platform hardware, which may verify the contents of the I/O device. The platform hardware may comprise components such as manageability engine and verification engine that are used to verify the contents of the I/O device even before the contents of the I/O device are exposed to an operating system supported by a host. The platform components may delete the infected portions of the contents of I/O device if the verification process indicates that the contents of the I/O device include the infected portions.
摘要:
Embodiments of apparatuses and methods for memory event notification are disclosed. In one embodiment, a processor includes address translation hardware and memory event hardware. The address translation hardware is to support translation of a first address, used by software to access a memory, to a second address, used by the processor to access the memory. The memory event hardware is to detect an access to a registered portion of memory.
摘要:
In accordance with some embodiments, software may be downloaded to an end point, even when that said end point is not fully functional. An indication that software is available for distribution may be stored in a dedicated location within a non-volatile memory. That location may be checked for software to download, for example, on each boot up. The software may then be downloaded and verified. Thereafter, the location is marked to indicate that the software has already been downloaded.
摘要:
A method and device for providing a secure scan of a data storage device from a remote server are disclosed. In some embodiments, a computing device may include an in-band processor configured to execute an operating system and at least one host driver, communication circuitry configured to communicate with a remote server, and an out-of-band (OOB) processor capable of communicating with the remote server using the communication circuitry irrespective of the state of the operating system. The OOB processor may be configured to receive a block read request from the remote server, instruct the at least one host driver to send a storage command to a data storage device, receive data retrieved from the data storage device and authentication metadata generated by the data storage device, and transmit the data and the authentication metadata to the remote server.
摘要:
A management engine may be used to trap configuration cycles during the boot process and thereafter in response to operating system enumeration. As a result, a virtual bus device can be created. The bus device may be used to provision software to the platform even when the operating system is corrupted or non-functional.
摘要:
Embodiments of apparatuses, methods for partitioning systems, and partitionable and partitioned systems are disclosed. In one embodiment, a system includes processors and a partition manager. The partition manager is to allocate a subset of the processors to a first partition and another subset of the processors to a second partition. The first partition is to execute first operating system level software and the second partition is to execute second operating system level software. The first operating system level software is to manage the processors in the first partition as resources individually accessible to the first operating system level software, and the second operating system level software is to manage the processors in the second partition as resources individually accessible to the second operating system level software. The partition manager is also to present the second partition, including the second operating system level software, to the first operating system level software as platform level functionality embedded in the system.
摘要:
A method and device allowing a scan of a data storage device from a remote server are disclosed. In some embodiments, a computing device may include an out-of-band (OOB) configured to compute a first hash value for data stored in one or more sectors of a data storage device at a first time; receive, using communication circuitry, a request to transmit a portion of the data stored in the one or more sectors of the data storage device at a second time, the second time being subsequent to the first time; compute a second hash value for the data stored in the one or more sectors of the data storage device at the second time; and transmit, using the communication circuitry, the requested portion of the data, only if the second hash value does not match the first hash value.
摘要:
In accordance with some embodiments, software may be downloaded to an end point, even when that said end point is not fully functional. An indication that software is available for distribution may be stored in a dedicated location within a non-volatile memory. That location may be checked for software to download, for example, on each boot up. The software may then be downloaded and verified. Thereafter, the location is marked to indicate that the software has already been downloaded.
摘要:
In a many core system, receiving a call to a graphics driver; translating the call into a command executable on a core of the many core system; and executing the translated call on the core.