公开(公告)号：US07765407B2

公开(公告)日：2010-07-27

申请号：US11612092

申请日：2006-12-18

Applicant: Howard Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

Inventor： Howard Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

IPC: G06F21/00

CPC classification number: G06F21/575

Abstract: A method for providing centralized user authorization to allow secure sign-on to a computer system is disclosed. In response to a user attempting to boot up a computer system, a message is sent to a trusted server by a hypervisor within the computer to request a new hard drive password for the computer system. If the user is not authorized to access the computer system, a packet is sent by the trusted server to instruct the hypervisor to stop any boot process on the computer system. If the user is authorized to access the computer system, a packet containing a partial hard drive password is sent by the trusted server to the computer system. The packet is then encrypted with a system public key by the computer system to yield the partial hard drive password. The computer system subsequently combines the partial hard drive password with a user password to generate a new complete hard drive password to continue with the boot process.

Abstract translation: 公开了一种用于提供集中式用户授权以允许对计算机系统进行安全登录的方法。 响应于尝试启动计算机系统的用户，由计算机内的虚拟机管理程序向可信服务器发送消息，以请求计算机系统的新的硬盘驱动器密码。 如果用户没有权限访问计算机系统，则可信服务器发送一个数据包，以指示管理程序停止计算机系统上的任何引导过程。 如果用户被授权访问计算机系统，则包含部分硬盘驱动器密码的分组由可信服务器发送到计算机系统。 然后，计算机系统使用系统公钥对数据包进行加密，以产生部分硬盘驱动器密码。 计算机系统随后将部分硬盘驱动器密码与用户密码相结合，以生成新的完整硬盘驱动器密码，以继续引导过程。

公开(公告)号：US20100058042A1

公开(公告)日：2010-03-04

申请号：US12200401

申请日：2008-08-28

Applicant: Howard Locker ,  Richard Wayne Cheston ,  Mark Charles Davis ,  Rod D. Waltermann

Inventor： Howard Locker ,  Richard Wayne Cheston ,  Mark Charles Davis ,  Rod D. Waltermann

IPC: G06F15/177 ,  G06F9/455

CPC classification number: G06F9/4416 ,  G06F9/45533

Abstract: A technique for booting a stateless client includes booting a virtual machine (VM) monitor on the client. The VM monitor is stored in a non-volatile memory area of a memory subsystem (of the client) and a first portion of an operating system (which does not include any state information for the operating system) is stored in the non-volatile memory area of the client. Booting of the operating system for the client is initiated and a remote storage (that stores a second portion of the operating system that includes state information for the operating system) is accessed via a communication link. Booting of the operating system for the client is completed using the second portion of the operating system.

Abstract translation: 用于引导无状态客户端的技术包括在客户机上引导虚拟机（VM）监视器。 VM监视器存储在客户端的存储器子系统的非易失性存储器区域中，并且操作系统的第一部分（其不包括用于操作系统的任何状态信息）存储在非易失性存储器中 客户区域。 启动用于客户端的操作系统的启动，并且经由通信链路访问远程存储（存储操作系统的第二部分，其包括操作系统的状态信息）。 使用操作系统的第二部分完成客户端操作系统的引导。

公开(公告)号：US20090222651A1

公开(公告)日：2009-09-03

申请号：US12040829

申请日：2008-02-29

Applicant: David C. Challener ,  Daryl Cromer ,  Justin T. Dubs ,  Howard Locker ,  James S. Rutledge ,  Randall S. Springfield ,  James J. Thrasher ,  Michael T. Vanover

Inventor： David C. Challener ,  Daryl Cromer ,  Justin T. Dubs ,  Howard Locker ,  James S. Rutledge ,  Randall S. Springfield ,  James J. Thrasher ,  Michael T. Vanover

IPC: G06F15/16 ,  G06F9/00

CPC classification number: G06F9/4418

Abstract: Arrangements for employing a system BIOS (basic input/output system) to handle email during a suspended state (such as an “S3” state as will be better understood herebelow). Preferably, the BIOS is employed to “jump” between two suspended images such that, e.g., two more powerful OS's can be employed to manage the mail function.

Abstract translation: 使用系统BIOS（基本输入/输出系统）在暂停状态下处理电子邮件（例如“S3”状态，以下将被更好地理解）的安排。 优选地，使用BIOS来在两个悬挂图像之间“跳转”，使得例如可以使用两个更强大的OS来管理邮件功能。

公开(公告)号：US20090089875A1

公开(公告)日：2009-04-02

申请号：US11865048

申请日：2007-09-30

Applicant: David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

Inventor： David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

IPC: H04L9/32

CPC classification number: G06F21/57 ,  H04L63/12

Abstract: In a system with a main memory, a network adapter, and a display, a transaction security module in communication with the network adapter. The transaction security module acts to: establish a secure identification item with an entity which positively identifies the entity; accept an application OS of the entity; and initiate a guest OS with the entity; the network adapter acting to connect with the entity subsequent to initiation of a guest OS; and the display acting to display the secure identification item subsequent to connection with the entity.

Abstract translation: 在具有主存储器，网络适配器和显示器的系统中，与网络适配器通信的事务安全模块。 交易安全模块用于：建立一个安全的识别项目，该实体确实标识该实体; 接受实体的应用程序OS; 并与实体发起客户操作系统; 所述网络适配器在发起客户操作系统之后与所述实体进行连接; 以及显示器，用于在与所述实体连接之后显示所述安全识别项目。

公开(公告)号：US20080244254A1

公开(公告)日：2008-10-02

申请号：US11694634

申请日：2007-03-30

Applicant: Daryl Cromer ,  Richard W. Cheston ,  Howard Locker ,  Randall S. Springfield

Inventor： Daryl Cromer ,  Richard W. Cheston ,  Howard Locker ,  Randall S. Springfield

IPC: G06F15/177

CPC classification number: G06F9/45533 ,  G06F9/4416

Abstract: A mobile device, such as a laptop or notebook computer, capable of booting from at least two environments. If a remote environment is present, the mobile device may boot from the remote environment. The mobile device may also boot from the local environment.

Abstract translation: 一种移动设备，例如笔记本电脑或笔记本电脑，能够从至少两个环境启动。 如果存在远程环境，则移动设备可以从远程环境引导。 移动设备也可以从本地环境引导。

公开(公告)号：US20080162805A1

公开(公告)日：2008-07-03

申请号：US11619293

申请日：2007-01-03

Applicant: Randall S. Springfield ,  Daryl Cromer ,  Howard Locker ,  Rod D. Waltermann

Inventor： Randall S. Springfield ,  Daryl Cromer ,  Howard Locker ,  Rod D. Waltermann

IPC: G06F12/08

CPC classification number: G06F12/0866 ,  G06F2212/1044 ,  G06F2212/311

Abstract: A method for using non-addressable memory of a computer system is disclosed. Any system memory above an addressable memory limit of a computer system (i.e., non-addressable memory) is initially converted to a disk cache by a hypervisor. In response to a read request, the hypervisor intercepts the read request, and then sends the data for the read request from the disk cache to a read requestor if the data for the read request is available in the disk cache. In response to a write request, the hypervisor intercepts the write request, and then writes the data for the write request to the disk cache and updating corresponding disk cache tables.

Abstract translation: 公开了一种使用计算机系统的不可寻址存储器的方法。 高于计算机系统的可寻址存储器限制（即，不可寻址存储器）的任何系统存储器最初由管理程序转换为磁盘高速缓存。 响应于读取请求，管理程序拦截读取请求，然后将读取请求的数据从磁盘缓存发送到读取请求者，如果读取请求的数据在磁盘缓存中可用。 响应于写请求，管理程序拦截写请求，然后将写请求的数据写入磁盘缓存并更新对应的磁盘缓存表。

公开(公告)号：US20070244708A1

公开(公告)日：2007-10-18

申请号：US11403752

申请日：2006-04-13

Applicant: Howard Locker ,  Daryl Cromer ,  Randall Springfield ,  Rod Waltermann

Inventor： Howard Locker ,  Daryl Cromer ,  Randall Springfield ,  Rod Waltermann

IPC: G06Q10/00 ,  G06Q30/00

CPC classification number: G06F21/575 ,  G06F21/725 ,  G06Q30/0645

Abstract: Hacking a rental computer to use it beyond purchased rental time is prevented by plugging a time card with internal counter into a DIMM socket of the motherboard and encrypting the register locations of the time card with the private key of the motherboard to bind the time card to the motherboard. Thus, if the time card is not detected at boot or if it is removed during operation the computer is disabled. The counter counts down the rented time period as it receives clocking signals, and at the elapse of the purchased period disables the computer.

Abstract translation: 将出租计算机用于超出购买的租赁时间的情况下，可以通过将带有内部计数器的时间卡插入主板的DIMM插槽，并用主板的私钥将时间卡的注册位置加密，将时间卡绑定到 主板。 因此，如果在启动时未检测到时间卡，或者在操作期间删除了时间卡，则计算机被禁用。 计数器会收到租用的时间段，因为它收到时钟信号，并且在购买的时间段过去禁用计算机。

公开(公告)号：US20070240149A1

公开(公告)日：2007-10-11

申请号：US11394276

申请日：2006-03-29

Applicant: Daryl Cromer ,  Scott Kelso ,  Howard Locker ,  John Mese ,  Nathan Peterson ,  Randall Springfield ,  Rod Waltermann ,  Arnold Weksler

Inventor： Daryl Cromer ,  Scott Kelso ,  Howard Locker ,  John Mese ,  Nathan Peterson ,  Randall Springfield ,  Rod Waltermann ,  Arnold Weksler

IPC: G06F9/44

CPC classification number: G06F9/45541 ,  G06F9/45558 ,  G06F2009/45579

Abstract: A hypervisor-based system and method for downloading device driver updates that prevents confusion on the part of the driver update software as to which driver, physical or virtual, is being updated.

Abstract translation: 一种基于虚拟机管理程序的系统和方法，用于下载设备驱动程序更新，以防止驱动程序更新软件对物理或虚拟驱动程序进行更新的混乱。

公开(公告)号：US20070239996A1

公开(公告)日：2007-10-11

申请号：US11384465

申请日：2006-03-20

Applicant: Daryl Cromer ,  Howard Locker ,  Randall Springfield ,  Rod Waltermann

Inventor： Daryl Cromer ,  Howard Locker ,  Randall Springfield ,  Rod Waltermann

IPC: G06F12/14

CPC classification number: G06F21/575 ,  G06F21/79 ,  G06F2221/2129

Abstract: Serial presence data in the EEPROM of a DIMM is encrypted with the private key of the motherboard with which the DIMM is intended to be used, so that only BIOS of the intended motherboard can decrypt the SPD to complete booting.

Abstract translation: DIMM的EEPROM中的串行存在数据将使用要使用DIMM的主板的专用密钥加密，以便只有预期主板的BIOS可以解密SPD才能完成启动。

公开(公告)号：US20070234073A1

公开(公告)日：2007-10-04

申请号：US11396267

申请日：2006-03-31

Applicant: Daryl Cromer ,  Howard Locker ,  Randall Springfield ,  Rod Waltermann

Inventor： Daryl Cromer ,  Howard Locker ,  Randall Springfield ,  Rod Waltermann

IPC: G06F12/14

CPC classification number: G06F21/575 ,  G06F2221/2129

Abstract: A system, method, and computer readable medium are disclosed. The method includes automatically generating a set of security data. The security data is stored in non-volatile memory. The set of security data is also programmed into the data storage device as a security code.

Abstract translation: 公开了一种系统，方法和计算机可读介质。 该方法包括自动生成一组安全数据。 安全数据存储在非易失性存储器中。 该组安全数据也被编程到数据存储设备中作为安全码。