公开(公告)号：US20090248845A1

公开(公告)日：2009-10-01

申请号：US12059968

申请日：2008-03-31

Applicant: Rod D. Waltermann ,  Howard Locker ,  Joseph Michael Pennisi ,  Mark Charles Davis

Inventor： Rod D. Waltermann ,  Howard Locker ,  Joseph Michael Pennisi ,  Mark Charles Davis

IPC: G06F15/173

CPC classification number: H04L47/10 ,  H04L47/765 ,  H04L47/803 ,  H04L49/356 ,  H04L67/1097

Abstract: Network bandwidth is allocated to storage access requests as a function of a client system activities. Client system activities that produce network access requests and remote storage access requests are monitored. The network bandwidth allocation between network access requests and storage access requests is modified as a function of the monitored client system activities.

Abstract translation: 作为客户端系统活动的功能，网络带宽被分配给存储访问请求。 监视产生网络访问请求和远程存储访问请求的客户端系统活动。 网络访问请求和存储访问请求之间的网络带宽分配被修改为受监视的客户端系统活动的功能。

公开(公告)号：US20080162932A1

公开(公告)日：2008-07-03

申请号：US11647932

申请日：2006-12-29

Applicant: David Carroll Challener ,  John H. Nicholson ,  Joseph Michael Pennisi ,  Rod D. Waltermann

Inventor： David Carroll Challener ,  John H. Nicholson ,  Joseph Michael Pennisi ,  Rod D. Waltermann

IPC: H04L9/14

CPC classification number: G06F21/57 ,  G06F21/51 ,  H04L9/0897 ,  H04L9/3236

Abstract: A system and method for authenticating suspect code includes steps of: receiving the suspect code for a first instance of a trusted platform module; loading the suspect code into a trusted platform module device operatively associated with a processor, wherein the suspect code is loaded outside of a shielded location within the trusted platform module device; retrieving a validation public key from a table and storing it in a register in the trusted platform module device, the validation public key indexed by the suspect code; and retrieving a hash algorithm from the table, the hash algorithm indexed by the suspect code. The hash algorithm is run to derive a first hash value; then, using the validation public key, the second hash value is decrypted to derive a second decrypted hash value. The two hash values are compared; and upon determining a match, the suspect code is loaded into the shielded location of the processor for execution by the processor.

Abstract translation: 用于认证可疑代码的系统和方法包括以下步骤：接收可信平台模块的第一实例的可疑代码; 将可疑代码加载到与处理器可操作地相关联的可信任的平台模块设备中，其中可疑代码被加载到可信平台模块设备内的屏蔽位置之外; 从表中检索验证公钥并将其存储在可信平台模块设备中的寄存器中，由可疑代码索引的验证公钥; 并从表中检索散列算法，由可疑代码索引的哈希算法。 运行散列算法以导出第一散列值; 然后，使用验证公钥，解密第二哈希值以导出第二解密哈希值。 比较两个哈希值; 并且在确定匹配时，可疑代码被加载到处理器的屏蔽位置以供处理器执行。

公开(公告)号：US20080148389A1

公开(公告)日：2008-06-19

申请号：US11612092

申请日：2006-12-18

Applicant: Howard Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

Inventor： Howard Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

IPC: G06F7/04

CPC classification number: G06F21/575

Abstract: A method for providing centralized user authorization to allow secure sign-on to a computer system is disclosed. In response to a user attempting to boot up a computer system, a message is sent to a trusted server by a hypervisor within the computer to request a new hard drive password for the computer system. If the user is not authorized to access the computer system, a packet is sent by the trusted server to instruct the hypervisor to stop any boot process on the computer system. If the user is authorized to access the computer system, a packet containing a partial hard drive password is sent by the trusted server to the computer system. The packet is then encrypted with a system public key by the computer system to yield the partial hard drive password. The computer system subsequently combines the partial hard drive password with a user password to generate a new complete hard drive password to continue with the boot process.

Abstract translation: 公开了一种用于提供集中式用户授权以允许对计算机系统进行安全登录的方法。 响应于尝试启动计算机系统的用户，由计算机内的虚拟机管理程序向可信服务器发送消息，以请求计算机系统的新的硬盘驱动器密码。 如果用户没有权限访问计算机系统，则可信服务器发送一个数据包，以指示管理程序停止计算机系统上的任何引导过程。 如果用户被授权访问计算机系统，则包含部分硬盘驱动器密码的分组由可信服务器发送到计算机系统。 然后，计算机系统使用系统公钥对数据包进行加密，以产生部分硬盘驱动器密码。 计算机系统随后将部分硬盘驱动器密码与用户密码相结合，以生成新的完整硬盘驱动器密码，以继续引导过程。

公开(公告)号：US20080077785A1

公开(公告)日：2008-03-27

申请号：US11535538

申请日：2006-09-27

Applicant: Rod D. Waltermann ,  Daryl Cromer ,  Howard J. Locker ,  Randall S. Springfield

Inventor： Rod D. Waltermann ,  Daryl Cromer ,  Howard J. Locker ,  Randall S. Springfield

IPC: G06F15/177 ,  G06F9/00

CPC classification number: G06F21/10 ,  G06F21/55 ,  G06F2221/0737 ,  G06F2221/0775 ,  G06F2221/2135

Abstract: A method for preventing unauthorized modifications to a rental computer system is disclosed. During boot up of the rental computer system, a determination is made whether or not a time-day card is bound to the rental computer system. If the time-day card is bound to the rental computer system, another determination is made whether or not a time/date value on the time-day card is less than a secure time/date value stored in a secure storage location during the most recent power down. If the time/date value on the time-day card is not less than the secure time/date value, yet another determination is made whether or not the time/date value is less than an end time/date rental value. If the time/date value is less than the end time/date rental value, the rental computer system continues to boot.

Abstract translation: 公开了一种防止对租赁计算机系统的未经授权的修改的方法。 在租赁计算机系统的引导期间，确定时间日卡是否绑定到租赁计算机系统。 如果时间日卡被绑定到租赁计算机系统，则另外确定时间日卡上的时间/日期值是否小于最多存储在安全存储位置中的安全时间/日期值 最近掉电。 如果时间日卡上的时间/日期值不小于安全时间/日期值，则另外确定时间/日期值是否小于结束时间/日期租赁值。 如果时间/日期值小于结束时间/日期租金值，则租用计算机系统将继续启动。

公开(公告)号：US20080002372A1

公开(公告)日：2008-01-03

申请号：US11476438

申请日：2006-06-28

Applicant: Scott Edwards Kelso ,  John Carl Mese ,  Nathan J. Peterson ,  Rod D. Waltermann ,  Arnold S. Weksler

Inventor： Scott Edwards Kelso ,  John Carl Mese ,  Nathan J. Peterson ,  Rod D. Waltermann ,  Arnold S. Weksler

IPC: H05K1/14

CPC classification number: G06K19/07309 ,  H05K1/0272 ,  H05K3/22 ,  H05K2203/0776 ,  H05K2203/1163 ,  H05K2203/178

Abstract: A card formed with a cavity located within the card. The cavity is used to hold one or more liquid chemicals. Additional hollow regions abut the visual and magnetic versions of the sensitive data and are normally separated from the chemicals. When the card is sharply folded, the chemicals are released from the cavity and flow in the hollow regions abutting the stored data. The chemicals render the data unreadable, such as by obscuring the visual display with an opaque film. Additionally, in at least some embodiments, the magnetic strip on the credit card is implemented in such a way that there are two separate portions, with the encoded data divided in such a way that both portions are required in order to be decoded.

Abstract translation: 形成有位于卡内的腔的卡。 空腔用于容纳一种或多种液体化学品。 附加的空心区域与敏感数据的视觉和磁性版本相邻，通常与化学品分离。 当卡被急剧地折叠时，化学物质从空腔中释放出来并在与所存储的数据邻接的中空区域中流动。 化学物质使数据不可读，例如用不透明的胶片掩盖视觉显示。 此外，在至少一些实施例中，信用卡上的磁条以这样的方式实现，即存在两个分开的部分，其中编码数据被划分成两个部分以便被解码的方式。

公开(公告)号：US20070294465A1

公开(公告)日：2007-12-20

申请号：US11472494

申请日：2006-06-20

Applicant: Arnold S. Weksler ,  Neal R. Caliendo ,  Jeffrey M. Estroff ,  Scott E. Kelso ,  John C. Mese ,  Nathan J. Peterson ,  Jose R. Ruiz ,  Rod D. Waltermann

Inventor： Arnold S. Weksler ,  Neal R. Caliendo ,  Jeffrey M. Estroff ,  Scott E. Kelso ,  John C. Mese ,  Nathan J. Peterson ,  Jose R. Ruiz ,  Rod D. Waltermann

IPC: G06F12/00 ,  G06F9/46

CPC classification number: G06F9/4411 ,  G06F8/63

Abstract: The present invention relates to a method for removing the driver map component from being stored on the service partition and placing it on a server for retrieval at a later time. Only the actual device drivers that are required for that system will be provided. A central repository will be provided for applications and device drivers that would leverage the AMT area. The AMT IDE-R would be used to store the hook to network install, for example an IT administrator initiated network install to an unpowered system. Two situations exist in which this method will be used. The first situation involves supplying ImageUltra content to a system that is connected to the Local Area Network while ImageUltra is running. The second situation involves supplying ImageUltra content to a system that is not connected to the Local Area Network while ImageUltra is running.

Abstract translation: 本发明涉及一种用于将驱动程序映射组件移除存储在服务分区上并将其放置在服务器上以便稍后进行检索的方法。 仅提供该系统所需的实际设备驱动程序。 将为使用AMT区域的应用程序和设备驱动程序提供中央存储库。 AMT IDE-R将用于存储钩子到网络安装，例如IT管理员启动网络安装到无动力系统。 存在使用这种方法的两种情况。 第一种情况是在ImageUltra运行时将ImageUltra内容提供给连接到局域网的系统。 第二种情况是在ImageUltra正在运行时，将ImageUltra内容提供给未连接到局域网的系统。

公开(公告)号：US20070283169A1

公开(公告)日：2007-12-06

申请号：US11446737

申请日：2006-06-05

Applicant: Howard J. Locker ,  Daryl C. Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

Inventor： Howard J. Locker ,  Daryl C. Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

IPC: H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  G06F11/30

CPC classification number: G06F12/1475 ,  G06F21/78

Abstract: A method for controlling file access on computer systems is disclosed. Initially, a virtual machine manager (VMM) is provided in a computer system. In response to a write request, the VMM determines whether or not a location field is valid. If the location field is not valid, then the VMM writes the write request information to a storage device; but if the location field is valid, then the VMM encrypts the write request information before writing the write request information to the storage device. In response to a read request, the VMM again determines whether or not a location field is valid. If the location field is not valid, then the VMM sends the read request information to a read requester; but, if the location field is valid, then the VMM decrypts the read request information before sending the read request information to the read requester.

Abstract translation: 公开了一种用于控制计算机系统上的文件访问的方法。 最初，在计算机系统中提供虚拟机管理器（VMM）。 响应于写入请求，VMM确定位置字段是否有效。 如果位置字段无效，则VMM将写请求信息写入存储设备; 但是如果位置字段有效，则VMM在将写入请求信息写入存储设备之前对写入请求信息进行加密。 响应于读取请求，VMM再次确定位置字段是否有效。 如果位置字段无效，则VMM将读取请求信息发送给读取请求者; 但是，如果位置字段有效，则VMM在将读取请求信息发送给读取请求者之前解密读取请求信息。

公开(公告)号：US10368233B2

公开(公告)日：2019-07-30

申请号：US11772221

申请日：2007-06-30

Applicant: Rod D. Waltermann ,  Scott E. Kelso ,  John C. Mese ,  Nathan J. Peterson ,  Arnold S. Weksler

Inventor： Rod D. Waltermann ,  Scott E. Kelso ,  John C. Mese ,  Nathan J. Peterson ,  Arnold S. Weksler

IPC: H04W4/02 ,  G08B13/14 ,  H04W8/00 ,  H04W8/24 ,  H04W64/00

Abstract: An arrangement for employing a host of receivers that may already be present in a laptop, to enable the laptop to collect a significant amount of data about its location. Once the system then finds a readily available connection, it can then transmit information about its location as well as other information to help pinpoint the location of the laptop.

公开(公告)号：US09262042B2

公开(公告)日：2016-02-16

申请号：US13189788

申请日：2011-07-25

Applicant: Karen R. Kluttz ,  James A. Hunt ,  David Rivera ,  Rod D. Waltermann

Inventor： Karen R. Kluttz ,  James A. Hunt ,  David Rivera ,  Rod D. Waltermann

IPC: G06F3/0481 ,  G06F17/30

CPC classification number: G06F3/0481 ,  G06F17/30126

Abstract: Devices, methods and products are described that provide file transfer applications. One aspect provides a method including opening a file transfer application on an information handling device having an internal storage device; providing a source display area indicating a source storage device; providing a destination display area indicating a destination storage device; responsive to movement of one or more file icons a predetermined threshold amount beyond a boundary separating said source display area and said destination display area, change one or more indications to indicate to a user a destination storage device to which one or more files is to be transferred, said changing further comprising modifying screen brightness of the source display area; and responsive to movement of said one or more file icons a predetermined threshold amount beyond said boundary, transferring said one or more files to said destination storage device. Other embodiments are described.

Abstract translation: 描述了提供文件传输应用的设备，方法和产品。 一方面提供一种方法，包括在具有内部存储装置的信息处理装置上打开文件传送应用程序; 提供指示源存储装置的源显示区域; 提供指示目的地存储装置的目的地显示区域; 响应于一个或多个文件图标的移动超过分隔所述源显示区域和所述目的地显示区域的边界的预定阈值量，改变一个或多个指示以向用户指示将要存在一个或多个文件的目的地存储设备 所述改变进一步包括改变所述源显示区域的屏幕亮度; 并且响应于所述一个或多个文件图标的移动超过所述边界的预定阈值量，将所述一个或多个文件传送到所述目的地存储设备。 描述其他实施例。

公开(公告)号：US09182970B2

公开(公告)日：2015-11-10

申请号：US13435379

申请日：2012-03-30

Applicant: Nathan J. Peterson ,  Rod D. Waltermann ,  Richard Paul Cornwell ,  Bruce Douglas Gress ,  Jun Li

Inventor： Nathan J. Peterson ,  Rod D. Waltermann ,  Richard Paul Cornwell ,  Bruce Douglas Gress ,  Jun Li

IPC: G06F9/44 ,  G06F9/445

CPC classification number: G06F8/63 ,  G06F8/60

Abstract: Systems, methods and products directed toward creating device preloads via employing base and additional image content. One aspect includes communicating an aspect of an information handling device, and assimilating additional image content at the information handling device responsive to communication of the aspect of the device, wherein a base image and the additional image content are combined to form a unitary device image. Other embodiments are described herein.

Abstract translation: 系统，方法和产品旨在通过采用基础和附加图像内容来创建设备预加载。 一个方面包括传达信息处理设备的方面，以及响应于设备的方面的通信，在信息处理设备中吸收附加图像内容，其中基本图像和附加图像内容被组合以形成单一设备图像。 本文描述了其它实施例。