公开(公告)号：US06952489B1

公开(公告)日：2005-10-04

申请号：US09675530

申请日：2000-09-29

申请人： Michael F. Angelo ,  Manuel Novoa ,  Richard Churchill

发明人： Michael F. Angelo ,  Manuel Novoa ,  Richard Churchill

IPC分类号： G06K9/00 ,  H04N17/00

CPC分类号： G06K9/00114

摘要： A fingerprint verification method having band detection is provided. In one embodiment, the method includes capturing a fingerprint image and processing the image to determine if it includes bands attributable to changes in illumination intensity during image capture. If such bands are detected, the method preferably aborts the creation of a fingerprint template. Otherwise, if this and other security screens are passed, the method preferably includes the creation of a fingerprint template which may be compared to a stored fingerprint template to verify user identity. If such verification is established, the user is granted access privileges. One embodiment of a system implementing this method includes a fingerprint scanner for capturing fingerprint images, and an interface card having a digital signal processor (DSP) or other suitable mechanisms including software or electronics for processing the fingerprint images and generating a fingerprint template representative of the images. The system may further include a general purpose computer coupled to the interface and configured to receive the fingerprint template. The general purpose computer can then use the fingerprint template to verify the identity of the user.

摘要翻译： 提供了具有频带检测的指纹验证方法。 在一个实施例中，该方法包括捕获指纹图像并处理图像以确定其是否包括归因于图像捕获期间照明强度变化的波段。 如果检测到这样的频带，则该方法优选地中止指纹模板的创建。 否则，如果这个和其他安全屏幕被传递，该方法优选地包括创建指纹模板，其可以与存储的指纹模板进行比较以验证用户身份。 如果这样的验证被建立，用户被授予访问权限。 实施该方法的系统的一个实施例包括用于捕获指纹图像的指纹扫描器，以及具有数字信号处理器（DSP）或包括用于处理指纹图像的软件或电子设备的其它适当机构的接口卡，并且生成代表 图片。 该系统还可以包括耦合到接口并被配置为接收指纹模板的通用计算机。 通用计算机然后可以使用指纹模板来验证用户的身份。

公开(公告)号：US06886109B2

公开(公告)日：2005-04-26

申请号：US09860266

申请日：2001-05-18

申请人： Sompong P. Olarig ,  Michael F. Angelo ,  Chai S. Heng

发明人： Sompong P. Olarig ,  Michael F. Angelo ,  Chai S. Heng

IPC分类号： G06F9/445 ,  G06F11/22 ,  G06F11/00

CPC分类号： G06F9/4401 ,  G06F11/2284

摘要： A computer system includes multiple controllers that assist in executing the Power-On Self Test (POST) sequence to minimize the time required to complete system initialization. By shifting some of the responsibilities for executing the POST sequence to other controllers within the system, the testing and initialization of system devices can proceed concurrently. The controllers interface with peripheral devices, and include a register set that includes command information for initializing the testing and initialization of associated peripherals. The register set also includes dedicated bits for indicating the status of testing and initialization cycles, which can be read by the CPU to determine if testing or initialization is in progress, if it has completed, and if any errors have occurred. The register set also includes a configuration register for indicating configuration information and operating parameters of the initialized drive or peripheral. By distributing the testing and initialization responsibilities to the controllers, execution of the BIOS system software or system initialization software can be expedited, thus minimizing down time caused by initializing the computer system.

摘要翻译： 计算机系统包括多个控制器，它们有助于执行开机自检（POST）顺序，以最小化完成系统初始化所需的时间。 通过将执行POST序列的一些职责转移到系统内的其他控制器，系统设备的测试和初始化可以同时进行。 控制器与外围设备接口，并包括一个寄存器集，其中包含用于初始化相关外设测试和初始化的命令信息。 寄存器集还包括用于指示测试和初始化周期状态的专用位，CPU可以读取它们，以确定测试或初始化是否正在进行，如果已经完成，并且发生任何错误。 寄存器集还包括用于指示初始化的驱动器或外围设备的配置信息和操作参数的配置寄存器。 通过将测试和初始化职责分配给控制器，可以加快执行BIOS系统软件或系统初始化软件，从而最小化由初始化计算机系统造成的停机时间。

公开(公告)号：US06609204B1

公开(公告)日：2003-08-19

申请号：US09280314

申请日：1999-03-29

申请人： Sompong P. Olarig ,  Michael F. Angelo ,  Chi Kim Sides

发明人： Sompong P. Olarig ,  Michael F. Angelo ,  Chi Kim Sides

IPC分类号： H04L900

CPC分类号： H04B3/542 ,  H04B2203/5408 ,  H04B2203/5445 ,  H04B2203/5458

摘要： A computer system and method in which an electrically controlled “hoodlock,” which prevents the computer's chassis from unauthorized opening, can be remotely accessed through powerline communications.

摘要翻译： 可以通过电力线通信来远程访问防止计算机机箱未经授权打开的电控“遮罩”的计算机系统和方法。

公开(公告)号：US06363449B1

公开(公告)日：2002-03-26

申请号：US09280313

申请日：1999-03-29

申请人： Chi Kim Sides ,  Michael F. Angelo ,  Sompong P. Olarig

发明人： Chi Kim Sides ,  Michael F. Angelo ,  Sompong P. Olarig

IPC分类号： G06F1300

CPC分类号： H04B3/546 ,  H04B3/548 ,  H04B2203/5445 ,  H04B2203/5458

摘要： A method and system of interchassis and intrachassis computer component command and control. The existing power rail is used for network connectivity for intrachassis command and control. An existing common power mains can be used for interchassis command and control. Further, a protocol, for example, the Consumer Electronic Bus (CEBus) protocol (or a CEBus protocol modified for the particular power rail) can be used to provide interchassis and intrachassis platform management functionality. This management functionality is similar to that provided by the proposed Intelligent Platform Management Interface (IPMI) specification. A chassis bridge controller is used to interface the intrachassis power rail command and control infrastructure to an exterior network. External systems (interchassis communications) can communicate to the bridge via the particular protocol over an existing common power mains as a secondary channel exterior network. However, the management functionality is implemented intrachassis, that is, it is applied to the internal components of the machine.

摘要翻译： 一种机架和机载计算机组件命令和控制的方法和系统。 现有的电力轨道用于网络连接，用于intrachassis命令和控制。 现有的公共电源可用于机架间的指令和控制。 此外，可以使用诸如消费电子总线（CEBus）协议（或针对特定电力轨道修改的CEBus协议）的协议来提供机架间和平台内平台管理功能。 该管理功能类似于所提出的智能平台管理界面（IPMI）规范。 机箱桥控制器用于将机载电源指挥和控制基础设施连接到外部网络。 外部系统（机架间通信）可以通过特定协议通过现有公共电源作为辅助信道外部网络与桥接器进行通信。 但是，管理功能是在内部实现的，也就是应用于机器的内部组件。

公开(公告)号：US5859911A

公开(公告)日：1999-01-12

申请号：US840795

申请日：1997-04-16

申请人： Michael F. Angelo ,  Sompong P. Olarig ,  George D. Wisecup

发明人： Michael F. Angelo ,  Sompong P. Olarig ,  George D. Wisecup

IPC分类号： G06F12/14 ,  G06F21/00 ,  H04K1/00

CPC分类号： G06F21/572 ,  G06F12/1408 ,  G06F2211/1097

摘要： In a computer system having a receiving computer and a source computer, a method for the remote flashing of the BIOS in the receiving computer including the steps of transferring the flash information from the source computer to the receiving computer, with the flash information including the flash code, the flash code instructions and an encrypted digital signature corresponding to the flash code. The receiving computer is operably placed in a secure mode. A hash value corresponding to the flash information is calculated, and the hash value from the flash information is decrypted. The flash code is validated by comparing the decrypted hash value of the flash information to the calculated hash value, and if validated, the BIOS if flashed with the new flash code.

摘要翻译： 在具有接收计算机和源计算机的计算机系统中，用于在接收计算机中远程闪烁BIOS的方法包括以下步骤：将闪存信息从源计算机传送到接收计算机，闪存信息包括闪存 代码，闪存代码指令和对应于闪存代码的加密数字签名。 接收计算机可操作地置于安全模式。 计算与闪光信息对应的散列值，对来自闪光灯信息的哈希值进行解密。 闪存代码通过将闪存信息的解密散列值与计算出的散列值进行比较来验证，如果验证，则BIOS将使用新的闪存代码闪烁。

公开(公告)号：US5850559A

公开(公告)日：1998-12-15

申请号：US693458

申请日：1996-08-07

申请人： Michael F. Angelo ,  Craig A. Miller

发明人： Michael F. Angelo ,  Craig A. Miller

IPC分类号： G06F1/00 ,  G06F1/26 ,  G06F1/30 ,  G06F21/00 ,  G06F11/00

CPC分类号： G06F1/26 ,  G06F1/30 ,  G06F21/81

摘要： A computer system that automatically and securely executes registered programs immediately prior to a transition to a reduced energy consumption state. A registrar table specifying registered programs and a secure modification detection value for each registered program are maintained in system management mode memory or other secure memory space in the computer system. A system management interrupt is generated following a request to remove power from the computer system or the occurrence of an event that triggers an energy saving mode. The system management interrupt handler routine then generates a current modification detection value for each registered program. The current modification detection values are compared with the secure modification detection values. Execution of a registered program is permitted if the values match. After all registered programs have been executed, the computer system automatically powers down or enters an energy saving mode. The computer system thereby allows secure and convenient execution of programs or commands that would typically interfere with normal computer use.

摘要翻译： 一种计算机系统，其在转换到降低的能量消耗状态之前立即自动且安全地执行注册的程序。 在计算机系统中的系统管理模式存储器或其他安全存储器空间中保持指定注册程序的登记器表和每个注册程序的安全修改检测值。 在从计算机系统移除电力的请求或触发节能模式的事件的发生之后，产生系统管理中断。 然后，系统管理中断处理程序例程为每个注册的程序生成当前的修改检测值。 将当前修改检测值与安全修改检测值进行比较。 如果值匹配，则允许执行注册的程序。 所有注册程序执行完毕后，电脑系统会自动关机或进入节能模式。 因此，计算机系统允许安全和方便地执行通常会干扰正常计算机使用的程序或命令。

公开(公告)号：US5748940A

公开(公告)日：1998-05-05

申请号：US516276

申请日：1995-08-17

申请人： Michael F. Angelo ,  Craig A. Miller ,  David R. Wooten

发明人： Michael F. Angelo ,  Craig A. Miller ,  David R. Wooten

IPC分类号： G06F1/00 ,  G06F11/00 ,  G06F12/14 ,  G06F21/00 ,  G06F12/16

CPC分类号： G06F21/56 ,  G06F11/004 ,  G06F21/572 ,  G06F12/1433 ,  G06F2211/1097

摘要： A secure start-up system for a computer enables a flash memory to be reset in a secured way. Various operations are carried out to make sure that the reset is an authorized one, and to avoid unauthorized, e.g. virus, infiltration. These operations include multiple tests to avoid the probability of the reset being unauthorized. Any one or more than one of the following can be used. Flashing is only authorized when a special flash enable bit is set in the non-volatile memory. This flash enable bit is reset during every startup cycle. Flashing is only authorized from a cold boot as opposed from a warm boot. This minimizes the possibility of a computer routine authorizing flashing by a software reset. Flashing is only authorized from a floppy. This prevents a virus from writing the flashing routine to the boot sector of a non-removable disc. The user is warned prior to flashing, and asked to confirm. Finally, contents of the flashing routine can be checked using some kind of checking algorithm such as a secure hash algorithm.