公开(公告)号：US08473747B2

公开(公告)日：2013-06-25

申请号：US13049050

申请日：2011-03-16

Applicant: Randall S. Springfield ,  Joseph M. Pennisi ,  Howard Locker ,  Kenneth S. Seethaler

Inventor： Randall S. Springfield ,  Joseph M. Pennisi ,  Howard Locker ,  Kenneth S. Seethaler

IPC: G06F21/00

CPC classification number: G06F21/575

Abstract: Systems, methods and products are described that provide secure boot with a minimum number of re-boots. One aspect provides a method including receiving an indication to boot from a power off state at a computing device; responsive to authenticating a user at one or more input devices, releasing a value derived from authenticating the user at the one or more input devices; responsive to releasing the value, unlocking one or more encrypted drives with a previously established alternate credential; and thereafter proceeding to boot from the power off state. By not having to call the non-BIOS software each boot, this minimizes the number of reboots for each boot cycle.

Abstract translation: 描述了系统，方法和产品，提供了最少数量的重新启动的安全启动。 一方面提供一种方法，包括从计算设备处的关闭电源状态接收指示以引导; 响应于在一个或多个输入设备处认证用户，释放在所述一个或多个输入设备处认证用户导出的值; 响应于释放该值，用先前建立的替代证书解锁一个或多个加密的驱动器; 然后从断电状态开始引导。 通过不必每次启动都调用非BIOS软件，这样可以最大限度地减少每个启动周期的重新启动次数。

公开(公告)号：US08397231B2

公开(公告)日：2013-03-12

申请号：US11394655

申请日：2006-03-31

Applicant: Howard J. Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Walterman

Inventor： Howard J. Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Walterman

IPC: G06F9/455 ,  G06F11/00

CPC classification number: G06F11/0712 ,  G06F11/0757

Abstract: Hypervisors are a new technology in the industry that enable multiple Operating Systems to co-exist on a single client. The use of a hypervisor provides a novel approach to determining the operability of an Operating System. Each Operating System is a virtualized Operating System, with its own IP address. According to a preferred embodiment, the capability Operating System has an application that is a monitor program that runs and provides information that is sent to the maintenance Operating System. The monitor program sends a status packet at regular intervals, which contains system power state and is a confirmation that the system is not hung. If the maintenance Operating System does not receive a packet at a regular interval, or in response to a query, then the maintenance Operating System will be aware that the capability Operating System is hung and will take appropriate measures.

Abstract translation: 管理程序是行业中的一项新技术，可使多个操作系统在单个客户端上共存。 使用管理程序提供了一种确定操作系统可操作性的新颖方法。 每个操作系统都是一个虚拟化的操作系统，具有自己的IP地址。 根据优选实施例，能力操作系统具有作为运行并提供发送到维护操作系统的信息的监视程序的应用程序。 监控程序定期发送状态数据包，其中包含系统电源状态，并确认系统未挂起。 如果维护操作系统没有定期接收数据包或响应查询，则维护操作系统将会意识到操作系统的功能挂起并将采取适当的措施。

公开(公告)号：US08205248B2

公开(公告)日：2012-06-19

申请号：US11865048

申请日：2007-09-30

Applicant: David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

Inventor： David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

IPC: G06F7/04 ,  H04L9/32

CPC classification number: G06F21/57 ,  H04L63/12

Abstract: In a system with a main memory, a network adapter, and a display, a transaction security module in communication with the network adapter. The transaction security module acts to: establish a secure identification item with an entity which positively identifies the entity; accept an application OS of the entity; and initiate a guest OS with the entity; the network adapter acting to connect with the entity subsequent to initiation of a guest OS; and the display acting to display the secure identification item subsequent to connection with the entity.

Abstract translation: 在具有主存储器，网络适配器和显示器的系统中，与网络适配器通信的事务安全模块。 交易安全模块用于：建立一个安全的识别项目，该实体确实标识该实体; 接受实体的应用程序OS; 并与实体发起客户操作系统; 所述网络适配器在发起客户操作系统之后与所述实体进行连接; 以及显示器，用于在与所述实体连接之后显示所述安全识别项目。

公开(公告)号：US08151104B2

公开(公告)日：2012-04-03

申请号：US12147681

申请日：2008-06-27

Applicant: Randall S. Springfield ,  Howard Locker ,  David C. Challener ,  Joseph M. Pennisi

Inventor： Randall S. Springfield ,  Howard Locker ,  David C. Challener ,  Joseph M. Pennisi

IPC: G06F15/177

CPC classification number: G06F9/4401

Abstract: The employment of a process of applying user-defined defaults to a management engine or analogous arrangement, wherein a system BIOS calls or recalls such defaults, as needed, from NVRAM responsive to the need for a reset of defaults.

Abstract translation: 使用将用户定义的默认值应用于管理引擎或类似安排的过程，其中系统BIOS响应于需要重置默认值，根据需要从NVRAM中调用或调用这样的默认值。

公开(公告)号：US20110238541A1

公开(公告)日：2011-09-29

申请号：US12748423

申请日：2010-03-28

Applicant: David C. Challener ,  Richard W. Cheston ,  Randall S. Springfield ,  Howard J. Locker

Inventor： David C. Challener ,  Richard W. Cheston ,  Randall S. Springfield ,  Howard J. Locker

IPC: G06F21/24 ,  G06Q10/00 ,  G06Q40/00 ,  G06F9/455

CPC classification number: G06Q20/40 ,  G06Q20/38215 ,  G06Q20/3825 ,  G06Q40/02 ,  G06Q40/12 ,  G06Q50/265

Abstract: An exemplary method includes transmitting, via a network interface, at least a currency amount in an attempt to confirm a financial transaction; responsive to the transmitting, receiving a confirmation indicator for the financial transaction; storing at least the currency amount in non-volatile memory; hashing at least the currency amount to generate a hash and storing the hash in a secure non-volatile memory; hashing at least the currency amount stored in the non-volatile memory to generate a verification hash; and in an attempt to verify at least the financial transaction, comparing the verification hash to the hash stored in the secure non-volatile memory. Various other apparatuses, systems, methods, etc., are also disclosed.

Abstract translation: 一种示例性方法包括经由网络接口​​至少发送货币金额来尝试确认金融交易; 响应于发送，接收金融交易的确认指标; 将至少存储在非易失性存储器中的货币量; 至少散列货币量以产生散列并将散列存储在安全的非易失性存储器中; 至少散列存储在非易失性存储器中的货币量以产生验证散列; 并且尝试至少验证金融交易，将验证散列与存储在安全非易失性存储器中的散列进行比较。 还公开了各种其它装置，系统，方法等。

公开(公告)号：US20100250959A1

公开(公告)日：2010-09-30

申请号：US12415495

申请日：2009-03-31

Applicant: David C. Challener ,  Steven D. Goodman ,  Randall S. Springfield ,  Jeffrey R. Hobbet

Inventor： David C. Challener ,  Steven D. Goodman ,  Randall S. Springfield ,  Jeffrey R. Hobbet

IPC: G06F12/14 ,  H04L9/00 ,  G06F12/16

CPC classification number: H04L9/0897 ,  G06F11/1662 ,  G06F11/2094 ,  H04L9/3226

Abstract: The invention broadly contemplates a security solution for storage devices that is inexpensive and robust. The invention allows a store of system specific data to be used to release the hard disk key of full-disk encryption (FDE) drives. This system specific data is passed to the FDE drives and used to calculate the actual encryption key. This allows for safe disposal of an FDE drive containing confidential data, as the lack of available system specific decryption data makes decryption virtually impossible.

Abstract translation: 本发明广泛地考虑了廉价且鲁棒的存储设备的安全解决方案。 本发明允许存储系统特定数据以释放全盘加密（FDE）驱动器的硬盘密钥。 该系统的特定数据被传递到FDE驱动器并用于计算实际的加密密钥。 这允许安全处理包含机密数据的FDE驱动器，因为缺少可用的系统特定解密数据使解密几乎不可能。

公开(公告)号：US07765407B2

公开(公告)日：2010-07-27

申请号：US11612092

申请日：2006-12-18

Applicant: Howard Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

Inventor： Howard Locker ,  Daryl Cromer ,  Randall S. Springfield ,  Rod D. Waltermann

IPC: G06F21/00

CPC classification number: G06F21/575

Abstract: A method for providing centralized user authorization to allow secure sign-on to a computer system is disclosed. In response to a user attempting to boot up a computer system, a message is sent to a trusted server by a hypervisor within the computer to request a new hard drive password for the computer system. If the user is not authorized to access the computer system, a packet is sent by the trusted server to instruct the hypervisor to stop any boot process on the computer system. If the user is authorized to access the computer system, a packet containing a partial hard drive password is sent by the trusted server to the computer system. The packet is then encrypted with a system public key by the computer system to yield the partial hard drive password. The computer system subsequently combines the partial hard drive password with a user password to generate a new complete hard drive password to continue with the boot process.

Abstract translation: 公开了一种用于提供集中式用户授权以允许对计算机系统进行安全登录的方法。 响应于尝试启动计算机系统的用户，由计算机内的虚拟机管理程序向可信服务器发送消息，以请求计算机系统的新的硬盘驱动器密码。 如果用户没有权限访问计算机系统，则可信服务器发送一个数据包，以指示管理程序停止计算机系统上的任何引导过程。 如果用户被授权访问计算机系统，则包含部分硬盘驱动器密码的分组由可信服务器发送到计算机系统。 然后，计算机系统使用系统公钥对数据包进行加密，以产生部分硬盘驱动器密码。 计算机系统随后将部分硬盘驱动器密码与用户密码相结合，以生成新的完整硬盘驱动器密码，以继续引导过程。

公开(公告)号：US20100083357A1

公开(公告)日：2010-04-01

申请号：US12242340

申请日：2008-09-30

Applicant: David C. Challener ,  Howard J. Locker ,  Mark C. Davis ,  Daryl C. Cromer ,  Randall S. Springfield

Inventor： David C. Challener ,  Howard J. Locker ,  Mark C. Davis ,  Daryl C. Cromer ,  Randall S. Springfield

IPC: G06F21/00

CPC classification number: G06F21/32 ,  G06F21/575 ,  G06F2221/2115

Abstract: Systems and arrangements for permitting the transmission of fingerprint authentication data to a system remotely, while also permitting the system to employ such data as well as passwords in order to operate a computer system, while ensuring a reliable level of security for any group or organization using such systems and arrangements.

Abstract translation: 允许将指纹认证数据远程传输到系统的系统和布置，同时还允许系统采用这样的数据和密码以操作计算机系统，同时确保任何组或组织使用可靠的安全级别 这样的系统和安排。

公开(公告)号：US20090222651A1

公开(公告)日：2009-09-03

申请号：US12040829

申请日：2008-02-29

Applicant: David C. Challener ,  Daryl Cromer ,  Justin T. Dubs ,  Howard Locker ,  James S. Rutledge ,  Randall S. Springfield ,  James J. Thrasher ,  Michael T. Vanover

Inventor： David C. Challener ,  Daryl Cromer ,  Justin T. Dubs ,  Howard Locker ,  James S. Rutledge ,  Randall S. Springfield ,  James J. Thrasher ,  Michael T. Vanover

IPC: G06F15/16 ,  G06F9/00

CPC classification number: G06F9/4418

Abstract: Arrangements for employing a system BIOS (basic input/output system) to handle email during a suspended state (such as an “S3” state as will be better understood herebelow). Preferably, the BIOS is employed to “jump” between two suspended images such that, e.g., two more powerful OS's can be employed to manage the mail function.

Abstract translation: 使用系统BIOS（基本输入/输出系统）在暂停状态下处理电子邮件（例如“S3”状态，以下将被更好地理解）的安排。 优选地，使用BIOS来在两个悬挂图像之间“跳转”，使得例如可以使用两个更强大的OS来管理邮件功能。

公开(公告)号：US20090089875A1

公开(公告)日：2009-04-02

申请号：US11865048

申请日：2007-09-30

Applicant: David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

Inventor： David C. Challener ,  Daryl Cromer ,  Howard Locker ,  Randall S. Springfield

IPC: H04L9/32

CPC classification number: G06F21/57 ,  H04L63/12

Abstract: In a system with a main memory, a network adapter, and a display, a transaction security module in communication with the network adapter. The transaction security module acts to: establish a secure identification item with an entity which positively identifies the entity; accept an application OS of the entity; and initiate a guest OS with the entity; the network adapter acting to connect with the entity subsequent to initiation of a guest OS; and the display acting to display the secure identification item subsequent to connection with the entity.

Abstract translation: 在具有主存储器，网络适配器和显示器的系统中，与网络适配器通信的事务安全模块。 交易安全模块用于：建立一个安全的识别项目，该实体确实标识该实体; 接受实体的应用程序OS; 并与实体发起客户操作系统; 所述网络适配器在发起客户操作系统之后与所述实体进行连接; 以及显示器，用于在与所述实体连接之后显示所述安全识别项目。