公开(公告)号：US07424745B2

公开(公告)日：2008-09-09

申请号：US11057804

申请日：2005-02-14

申请人： Richard W. Cheston ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Howard Jeffrey Locker ,  Randall Scott Springfield

发明人： Richard W. Cheston ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Howard Jeffrey Locker ,  Randall Scott Springfield

IPC分类号： G06F11/30 ,  G06F12/14 ,  G06F7/04 ,  G06F17/30 ,  H04L9/32 ,  G06K9/00 ,  G06F15/177 ,  G06F15/16 ,  G06F15/18 ,  G08B23/00

CPC分类号： G06F21/575 ,  G06F21/56 ,  G06F2221/2115 ,  H04L63/1433 ,  H04L63/145

摘要： A method and system is described for a wireless client computer to be connected via an access point to a network only if the wireless client computer has executed all requisite anti-virus programs. Where necessary, a signal from the access point notifies an anti-viral program server that an anti-virus needs to be immediately downloaded to the wireless client computer. An anti-virus fix is installed on the wireless client computer, and a full session is then initiated between the wireless client computer and a wireless network via the access point.

摘要翻译： 如果无线客户端计算机已经执行了所有必要的防病毒程序，则描述了一种无线客户端计算机通过接入点连接到网络的方法和系统。 必要时，来自接入点的信号通知反病毒程序服务器需要立即将防病毒下载到无线客户端计算机。 在无线客户端计算机上安装了防病毒修复程序，然后通过接入点在无线客户端计算机和无线网络之间启动完整会话。

公开(公告)号：US20080127309A1

公开(公告)日：2008-05-29

申请号：US11564832

申请日：2006-11-29

申请人： David Carroll Challener ,  Daryl Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Daryl Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield

IPC分类号： G06F21/20

CPC分类号： H04L63/10 ,  G06F21/552 ,  G06F2221/2153

摘要： A system and method for using a client-side hypervisor in conjunction with a secure network-side monitoring mechanism to detect removable media insertions since a client's last network session with the secure network is presented. The hypervisor uses a “client-side insertion value” to track the number of times that a user inserts removable media into a socket located on the client. When the client is connected to the secure network, the client's hypervisor notifies the secure network of each insertion and the secure network increments a “secure network-side tracker value.” For each login request, the client includes the client-side insertion value, which the secure network compares against its secure network-side tracker value. When the two values are different, the secure network sends an action request to the client, such as a request to perform a full system scan. Once the client performs the action, the client's hypervisor resets its client-side insertion value and attempts to logon to the secure network again.

摘要翻译： 提出了客户端管理程序与安全网络侧监视机制结合使用以检测可移动介质插入的系统和方法，因为客户端与安全网络的最后一次网络会话。 管理程序使用“客户端插入值”来跟踪用户将可移动媒体插入位于客户端上的套接字的次数。 当客户端连接到安全网络时，客户端的管理程序会将安全网络通知每个插入，并且安全网络会增加“安全网络侧跟踪器值”。 对于每个登录请求，客户端包括客户端插入值，安全网络与安全网络侧跟踪器值进行比较。 当两个值不同时，安全网络向客户端发送动作请求，例如执行完整系统扫描的请求。 一旦客户端执行操作，客户端的管理程序将重置其客户端插入值，并尝试再次登录到安全网络。

公开(公告)号：US07330977B2

公开(公告)日：2008-02-12

申请号：US10748062

申请日：2003-12-30

申请人： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield

发明人： Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Randall Scott Springfield

IPC分类号： H04L9/00

CPC分类号： G06F21/78 ,  G06F11/1458 ,  G06F11/1469

摘要： An apparatus for securely backing up data using a cryptographic module includes a mass storage device having a first accessible portion and a second encrypted portion. The mass storage device is initialized to only decrypt the encrypted portion on the system that first created the encrypted portion. The cryptographic module may be a Trusted Platform Module (TPM) based on specifications from the Trusted Computer Group. The mass storage device comprises a trusted platform interface module configured to communicate with the TPM. The system may include a motherboard having a TPM, and the mass storage device. The method in one embodiment comprises providing a computer readable mass storage device, initializing a password module, transmitting an encrypted password to the cryptographic module, authenticating the encrypted password, decrypting the encrypted password, transmitting the decrypted password to the computer readable medium, and decrypting the second encrypted portion using the decrypted password.

摘要翻译： 使用加密模块安全地备份数据的装置包括具有第一可访问部分和第二加密部分的大容量存储设备。 大容量存储设备被初始化为仅对首先创建加密部分的系统上的加密部分进行解密。 加密模块可以是基于可信计算机组的规范的可信平台模块（TPM）。 大容量存储设备包括被配置为与TPM通信的可信平台接口模块。 该系统可以包括具有TPM的主板和大容量存储设备。 在一个实施例中的方法包括提供计算机可读大容量存储设备，初始化密码模块，向加密模块发送加密密码，认证加密密码，解密加密密码，将解密的密码发送到计算机可读介质，以及解密 使用解密密码的第二加密部分。

公开(公告)号：US07319299B2

公开(公告)日：2008-01-15

申请号：US11167751

申请日：2005-06-27

申请人： Joseph Wayne Freeman ,  Steven Dale Goodman ,  Isaac Karpel ,  Randall Scott Springfield

发明人： Joseph Wayne Freeman ,  Steven Dale Goodman ,  Isaac Karpel ,  Randall Scott Springfield

IPC分类号： H02P5/00

CPC分类号： G06F1/20 ,  F04D27/00 ,  F04D27/001 ,  F04D29/582

摘要： A cooling fan, system and method for controlling cooling fans in a personal computer. A unique series of sensing points is placed on a rotating hub of a cooling fan in order to uniquely identify the particular type of cooling fan. A tachometer sensor mounted in the cooling fan detects the unique series of sensing points as the cooling fan rotates and generates a sequence of pulses corresponding to the detected sending points. This generated pulse signal may be transmitted by the sensor to the fan control code. The fan control code may determine a particular type of cooling fan that the cooling fan is based on the generated pulse signal. Once the fan control code determines the particular type of cooling fan that the cooling fan is, the fan control code uses particular control parameters set for that particular type of cooling fan to control the cooling fan so that it operates optimally.

摘要翻译： 一种用于控制个人计算机中的冷却风扇的冷却风扇，系统和方法。 为了唯一地识别特定类型的冷却风扇，将一系列传感点放置在冷却风扇的旋转轮毂上。 安装在冷却风扇中的转速计传感器在冷却风扇旋转时检测独特的感测点系列，并产生与检测到的发送点相对应的脉冲序列。 该生成的脉冲信号可以由传感器传输到风扇控制代码。 风扇控制代码可以确定冷却风扇基于生成的脉冲信号的特定类型的冷却风扇。 一旦风扇控制代码确定了冷却风扇的特定类型的冷却风扇，则风扇控制代码使用为特定类型的冷却风扇设置的特定控制参数来控制冷却风扇，使其最佳运行。

公开(公告)号：US07210166B2

公开(公告)日：2007-04-24

申请号：US10967761

申请日：2004-10-16

申请人： Mark Charles Davis ,  Randall Scott Springfield

发明人： Mark Charles Davis ,  Randall Scott Springfield

IPC分类号： H04L9/00 ,  G06F15/177 ,  G06F17/30

CPC分类号： H04L9/3228 ,  G06F21/31 ,  G06F21/575 ,  H04L9/0863 ,  H04L9/0869 ,  H04L9/0897 ,  H04L63/083 ,  H04L2463/081

摘要： A method, system, and program product for enabling administrative recovery of a user's lost/forgotten boot-up passwords without compromising the administrative/master password(s). A restricted-use password is dynamically generated from a first hash of a random number generated on a client system and a secret retrieved from a secure device associated with the client system. The restricted-use password operates as a master password but is not the administrative password of the client system. Once the password is generated, it is provided to the user/client system to enable user access to said client system and hardfile and reset of the user passwords.

摘要翻译： 一种方法，系统和程序产品，用于在不影响管理/主密码的情况下实现对用户丢失/遗忘启动密码的管理恢复。 从客户端系统上产生的随机数的第一个哈希值和从与客户机系统相关联的安全设备检索的秘密，动态地生成受限制的密码。 受限使用的密码作为主密码操作，但不是客户端系统的管理密码。 一旦生成密码，就将它提供给用户/客户端系统，以使用户能够访问所述客户端系统，并且硬文件和用户密码的复位。

公开(公告)号：US07177782B2

公开(公告)日：2007-02-13

申请号：US10871848

申请日：2004-06-18

申请人： Ohad Falik ,  Joseph Wayne Freeman ,  Isaac Karpel ,  James S. Rutledge ,  Randall Scott Springfield

发明人： Ohad Falik ,  Joseph Wayne Freeman ,  Isaac Karpel ,  James S. Rutledge ,  Randall Scott Springfield

IPC分类号： G06F15/00 ,  G06F12/00

CPC分类号： G06F11/348 ,  G06F11/0778 ,  G06F11/1666 ,  G06F11/2015

摘要： Methods and arrangements for capturing information related to operational conditions are disclosed. Embodiments include volatile memory to quickly record operational parameters via, e.g., basic input output system (BIOS) code, system management interrupt (SMI) code and/or executing applications. Many embodiments provide an alternative power source and a voltage switch to protect against loss of the information between storage in the volatile memory and storage in the non-volatile memory. Some embodiments include a read controller that provides access to the volatile memory when primary power is available. The read controller may also offer direct access to the non-volatile memory in case of a catastrophic failure that renders the processing device substantially non-functional. Further embodiments include a second processing device to generate a usage model and/or to perform diagnostics with the operational parameters.

摘要翻译： 公开了捕获与操作条件有关的信息的方法和布置。 实施例包括通过例如基本输入输出系统（BIOS）代码，系统管理中断（SMI）代码和/或执行应用程序来快速记录操作参数的易失性存储器。 许多实施例提供了替代电源和电压开关，以防止在易失性存储器中的存储器和非易失性存储器中的存储之间的信息丢失。 一些实施例包括在主电源可用时提供对易失性存储器的访问的读取控制器。 在导致处理设备基本上不起作用的灾难性故障的情况下，读控制器还可以提供对非易失性存储器的直接访问。 另外的实施例包括用于生成使用模型和/或使用操作参数执行诊断的第二处理装置。

公开(公告)号：US20060184785A1

公开(公告)日：2006-08-17

申请号：US11058987

申请日：2005-02-16

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Steven Dale Goodman ,  Howard Jeffery Locker ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Steven Dale Goodman ,  Howard Jeffery Locker ,  Randall Scott Springfield

IPC分类号： H04L9/00

CPC分类号： G06F21/606 ,  G06F21/85

摘要： An apparatus, system, and method are disclosed for securing I/O communications between a blade and peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data configured for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to a destination module. The source communication module transmits the secured I/O data over a vulnerable communication link to the destination module. The vulnerable communication link comprises a message intercept vulnerability. The destination module is configured to unencrypt the secure I/O data for a destination device such as a display device.

摘要翻译： 公开了用于保护刀片和外围接口设备之间的I / O通信的装置，系统和方法。 该装置包括确定模块，源安全模块和源通信模块。 确定模块识别配置为传输到配置为接收安全I / O数据的目标模块的I / O数据。 源安全模块加密I / O数据以产生安全的I / O数据，使得安全I / O数据的后续解密被限制到目的地模块。 源通信模块通过易受攻击的通信链路将目标模块的安全I / O数据发送到目标模块。 脆弱的通信链路包括消息拦截漏洞。 目的地模块被配置为对诸如显示设备的目的地设备的安全I / O数据进行解密。

公开(公告)号：US06993648B2

公开(公告)日：2006-01-31

申请号：US09931538

申请日：2001-08-16

申请人： Steven Dale Goodman ,  James Patrick Hoff ,  Randall Scott Springfield ,  James Peter Ward

发明人： Steven Dale Goodman ,  James Patrick Hoff ,  Randall Scott Springfield ,  James Peter Ward

IPC分类号： G06F9/24

CPC分类号： G06F9/4401 ,  G06F8/65

摘要： When a flash unlock routine unlocks the flash memory to permit updating of a BIOS image, a message is left in secure non-volatile memory, such as a EEPROM. Upon the next re-boot, the boot block code will detect the special message in the non-volatile memory and perform a signature verification of the next block of code that is to be executed during the POST process. This code block will check the remainder of the BIOS image before POST proceeds.

公开(公告)号：US06944867B2

公开(公告)日：2005-09-13

申请号：US09971942

申请日：2001-10-04

申请人： Richard Wayne Cheston ,  Daryl Carvis Cromer ,  Jeffrey Mark Estroff ,  James Anthony Hunt ,  Howard Jeffrey Locker ,  Joshua Neil Novak ,  Randall Scott Springfield ,  James Peter Ward ,  Arnold Stephen Weksler

发明人： Richard Wayne Cheston ,  Daryl Carvis Cromer ,  Jeffrey Mark Estroff ,  James Anthony Hunt ,  Howard Jeffrey Locker ,  Joshua Neil Novak ,  Randall Scott Springfield ,  James Peter Ward ,  Arnold Stephen Weksler

IPC分类号： G06F9/445 ,  G06F9/24

CPC分类号： G06F9/4406 ,  G06F9/4411

摘要： The hard disk drive of a computer system is loaded with a preloaded image including an operating system, a number of application programs, and a device driver installation routine, all of which are not dependent on the hardware configuration of the computer system. A hidden partition of the hard disk drive is also loaded with a number of device drivers, which are dependent upon the hardware configuration. During the first boot only of the preloaded image, the device drivers are installed by the device driver installation routine.

摘要翻译： 计算机系统的硬盘驱动器装载有包括操作系统，许多应用程序和设备驱动程序安装程序的预加载映像，所有这些都不依赖于计算机系统的硬件配置。 硬盘驱动器的隐藏分区还加载了许多设备驱动程序，这些驱动程序取决于硬件配置。 在首次引导仅预载图像的情况下，设备驱动程序由设备驱动程序安装程序安装。

公开(公告)号：US06862681B2

公开(公告)日：2005-03-01

申请号：US09906506

申请日：2001-07-16

申请人： Richard Wayne Cheston ,  Richard Alan Dayan ,  Randall Scott Springfield

发明人： Richard Wayne Cheston ,  Richard Alan Dayan ,  Randall Scott Springfield

IPC分类号： G06F9/445 ,  G06F15/177

CPC分类号： G06F9/4406 ,  G06F11/1417

摘要： A method and system for recovering a master boot record within a data processing system. In accordance with the method of the present invention, a master boot record recovery setup utility is invoked by a user. In response to invoking the master boot record recovery utility, the master boot record in a first bootable device is copied to an alternate non-volatile storage device. A recovery flag is set within BIOS indicating that the MBR has been securely copied. In response to a failed boot attempted from the first boot device, the copy of said master boot record within said alternate non-volatile storage device is accessed and utilized to boot the system.

摘要翻译： 一种在数据处理系统内恢复主引导记录的方法和系统。 根据本发明的方法，由用户调用主引导记录恢复设置实用程序。 响应于调用主引导记录恢复实用程序，第一个可引导设备中的主引导记录被复制到备用的非易失性存储设备。 在BIOS中设置恢复标志，指示MBR已被安全地复制。 响应于从第一启动设备尝试的失败的引导，所述备用非易失性存储设备内的所述主引导记录的副本被访问并用于引导系统。