Hardware partitioned trust
    61.
    Invention application
    Hardware partitioned trust (pending, published)

    Publication number: US20080155277A1

    Publication date: 2008-06-26

    Application number: US11644686

    Filing date: 2006-12-26

    IPC class: G06F12/14

    CPC class: G06F21/57 G06F2221/2105

    Abstract: An apparatus, method, and system are disclosed. In one embodiment, the apparatus comprises a trusted platform module that stores a plurality of contexts, wherein each context includes stored security information for one of a plurality of physical partitions in a computer system.

Hardened extended firmware interface framework

    Publication number: US07127579B2

    Publication date: 2006-10-24

    Application number: US10107882

    Filing date: 2002-03-26

    IPC class: G06F12/00

    CPC class: G06F21/57 G06F12/1458

    Abstract: A method and system for hardening a firmware environment. A trusted core framework of firmware components is segregated from initially non-trustworthy extended firmware components such that the trusted core components execute in a privileged processor mode, while the extended firmware components execute in a non-privileged processor mode. Each extended firmware component is authenticated to determine whether it is secure or non-secure. Through a memory code fault mechanism, memory accesses made by the extended firmware components are trapped, and a determination is made as to whether each access should be allowed, based on whether the extended firmware component is secure or non-secure and whether the requested memory page was allocated by the trusted core or by a secure extended firmware component. This segregation scheme prevents non-trusted firmware from accessing privileged memory, thereby preventing rogue, errant, or malicious firmware from damaging the trusted core framework.

Enhanced network and local boot of Unified Extensible Firmware Interface images
    63.
    Granted patent
    Enhanced network and local boot of Unified Extensible Firmware Interface images (in force)

    Publication number: US08583908B2

    Publication date: 2013-11-12

    Application number: US11968032

    Filing date: 2007-12-31

    IPC class: G06F15/177 G06F7/04

    CPC class: G06F9/4401

    Abstract: Techniques and architectures to provide high-assurance image invocation in a pre-boot environment. These techniques may augment implementations of the Unified Extensible Firmware Interface (UEFI) to invoke UEFI images using Trusted Execution Technology (TXT). This can operate to combine pre-boot secure flows, such as UEFI image invocation, with the secure launch instruction set extensions of TXT. This may entail combining the UEFI StartImage instruction with the SMX leaf SENTER instruction. This may allow original equipment manufacturer (OEM) firmware to act as a guard that applies UEFI and TXT access control logic at the same instant when passing control to the operating system (OS).

Saving system context in the event of power loss
    64.
    Granted patent
    Saving system context in the event of power loss (expired)

    Publication number: US07647474B2

    Publication date: 2010-01-12

    Application number: US11236089

    Filing date: 2005-09-27

    IPC class: G06F11/00 G06F1/30

    CPC class: G06F11/1441 G06F1/305

    Abstract: Embodiments of a method and system for saving system context after a power outage are disclosed herein. A power agent operates to reduce the possibility of data corruption due to partially written data during an unexpected power outage. The power agent can determine the amount of time remaining before a power store is depleted. Based on that amount of time, the power agent can store system context information. Correspondingly, the power agent can operate to save the complete system context, a partial system context, or only flush input/output (I/O) buffers. Once power is restored, the power agent can restore the system context based on the nature of the save. Other embodiments are described and claimed.

ENHANCED NETWORK AND LOCAL BOOT OF UNIFIED EXTENSIBLE FIRMWARE INTERFACE IMAGES
    65.
    Invention application
    ENHANCED NETWORK AND LOCAL BOOT OF UNIFIED EXTENSIBLE FIRMWARE INTERFACE IMAGES (in force)

    Publication number: US20090172381A1

    Publication date: 2009-07-02

    Application number: US11968032

    Filing date: 2007-12-31

    IPC class: G06F9/00

    CPC class: G06F9/4401

    Abstract: Techniques and architectures to provide high-assurance image invocation in a pre-boot environment. These techniques may augment implementations of the Unified Extensible Firmware Interface (UEFI) to invoke UEFI images using Trusted Execution Technology (TXT). This can operate to combine pre-boot secure flows, such as UEFI image invocation, with the secure launch instruction set extensions of TXT. This may entail combining the UEFI StartImage instruction with the SMX leaf SENTER instruction. This may allow original equipment manufacturer (OEM) firmware to act as a guard that applies UEFI and TXT access control logic at the same instant when passing control to the operating system (OS).

Using multiple non-volatile memory devices to store data in a computer system
    66.
    Granted patent
    Using multiple non-volatile memory devices to store data in a computer system (in force)

    Publication number: US07406560B2

    Publication date: 2008-07-29

    Application number: US11425685

    Filing date: 2006-06-21

    IPC class: G06F12/00

    Abstract: Provided are a method, system, and machine-readable medium for using multiple non-volatile memory devices to store data in a computer system. Access to first and second memory devices is managed. The first memory device has faster read access and slower write access relative to the second memory device, and the second memory device has slower read access and faster write access relative to the first memory device. Write requests to the first memory device are cached in the second memory device.

Methods and apparatus for event based console variable coherence maintenance in a pre-boot environment
    67.
    Granted patent
    Methods and apparatus for event based console variable coherence maintenance in a pre-boot environment (expired)

    Publication number: US07143277B2

    Publication date: 2006-11-28

    Application number: US10223418

    Filing date: 2002-08-19

    IPC class: G06F11/00

    CPC class: G06F9/4406

    Abstract: Methods and apparatus for event-based console management in a pre-boot environment are disclosed. For example, an event handler is provided for use in a computer having a processor. The example event handler includes a console maintenance agent in communication with the controller to monitor the computer, and a driver monitor in communication with the controller to monitor a first driver. The event handler also includes an error monitor in communication with the controller to monitor the computer for a system error, and a driver loader in communication with the controller to load a second driver for a console.

Performing redundant memory hopping
    68.
    Granted patent
    Performing redundant memory hopping (in force)

    Publication number: US08533526B2

    Publication date: 2013-09-10

    Application number: US13647154

    Filing date: 2012-10-08

    IPC class: G06F11/07

    Abstract: In one embodiment, the present invention includes a method for receiving an indication of a loss of redundancy with respect to a pair of mirrored memory regions of a partially redundant memory system, determining new mirrored memory regions, and dynamically migrating the information stored in the original mirrored memory regions to the new mirrored memory regions. Other embodiments are described and claimed.

Performing Redundant Memory Hopping
    69.
    Invention application
    Performing Redundant Memory Hopping (in force)

    Publication number: US20110154103A1

    Publication date: 2011-06-23

    Application number: US12643345

    Filing date: 2009-12-21

    Abstract: In one embodiment, the present invention includes a method for receiving an indication of a loss of redundancy with respect to a pair of mirrored memory regions of a partially redundant memory system, determining new mirrored memory regions, and dynamically migrating the information stored in the original mirrored memory regions to the new mirrored memory regions. Other embodiments are described and claimed.

Performing Redundant Memory Hopping
    70.
    Invention application
    Performing Redundant Memory Hopping (in force)

    Publication number: US20130031322A1

    Publication date: 2013-01-31

    Application number: US13647154

    Filing date: 2012-10-08

    IPC class: G06F12/16

    Abstract: In one embodiment, the present invention includes a method for receiving an indication of a loss of redundancy with respect to a pair of mirrored memory regions of a partially redundant memory system, determining new mirrored memory regions, and dynamically migrating the information stored in the original mirrored memory regions to the new mirrored memory regions. Other embodiments are described and claimed.