Physical presence determination in a trusted platform
    73.
    Granted patent
    Physical presence determination in a trusted platform (in force)

    Publication number: US07590870B2

    Publication date: 2009-09-15

    Application number: US10411454

    Filing date: 2003-04-10

    IPC classification: G06F1/28

    CPC classification: G06F21/57 G06F21/575

    Abstract: A computer system is presented which provides a trusted platform by which operations can be performed with an increased level of trust and confidence. The basis of trust for the computer system is established by an encryption coprocessor and by code which interfaces with the encryption coprocessor and establishes root-of-trust metrics for the platform. The encryption coprocessor is built such that certain critical operations are allowed only if the physical presence of an operator has been detected. Physical presence is determined by inference based upon the status of registers in the core chipset.

    REDUCING THE BOOT TIME OF A TCPA BASED COMPUTING SYSTEM WHEN THE CORE ROOT OF TRUST MEASUREMENT IS EMBEDDED IN THE BOOT BLOCK CODE
    74.
    Patent application
    REDUCING THE BOOT TIME OF A TCPA BASED COMPUTING SYSTEM WHEN THE CORE ROOT OF TRUST MEASUREMENT IS EMBEDDED IN THE BOOT BLOCK CODE (in force)

    Publication number: US20090204822A1

    Publication date: 2009-08-13

    Application number: US12426519

    Filing date: 2009-04-20

    IPC classification: G06F9/24 G06F9/30 G06F9/22

    CPC classification: G06F21/572 G06F21/575

    Abstract: A method, computer program product and system for reducing the boot time of a TCPA based computing system. A flash memory in the TCPA based computing system may include a register comprising bits configured to indicate whether the segments of the flash memory have been updated. The flash memory may further include a table configured to store measurements of the segments of the flash memory. The flash memory may further include a boot block code that includes a Core Root of Trust for Measurement (CRTM). The CRTM may read the bits in the register to determine if any of the segments of the flash memory have been updated. The CRTM may further obtain the measurement values in the table for those segments storing POST BIOS code that have not been updated, thereby saving the time that would be spent re-measuring that POST BIOS code and consequently reducing the boot time.

    REMOTE MANAGEMENT OF BOOT APPLICATION
    75.
    Patent application
    REMOTE MANAGEMENT OF BOOT APPLICATION (in force)

    Publication number: US20080155075A1

    Publication date: 2008-06-26

    Application number: US11955886

    Filing date: 2007-12-13

    IPC classification: G06F15/177

    Abstract: Systems and arrangements for remotely selecting a bootable image via a WOL packet for a wake-on-LAN (WOL) capable computer are contemplated. Server-side embodiments include hardware and/or software for determining a client to be managed, determining whether the client is active on the network, and transmitting a WOL packet having a vector, or operating system partition identification (OSPID), that describes a bootable image accessible by the WOL capable computer. Some embodiments may include an OSPID that points to a secure bootable image, such as a bootable image on a hard drive, a compact disc (CD) connected to the computer, or another local resource. Client-side embodiments may receive the WOL packet at, for instance, a network interface card (NIC), recognize that the WOL packet includes an OSPID that describes the bootable image to boot, and implement an alternative boot sequence to boot from that bootable image.

    Method and system for booting up a computer system in a secure fashion
    78.
    Granted patent
    Method and system for booting up a computer system in a secure fashion (in force)

    Publication number: US06892305B1

    Publication date: 2005-05-10

    Application number: US09689460

    Filing date: 2000-10-12

    CPC classification: G06F21/575

    Abstract: A method and system for booting up a computer system in a secure fashion are disclosed. The method and system comprise determining the presence of a security feature element during an initialization of the computer system, wherein the security feature element includes a public key and a corresponding private key; storing a portion of the public key in a nonvolatile memory within the computer system if the security feature element is present; and utilizing an algorithm to determine the presence of the security feature element prior to a subsequent boot-up of the computer system. Through the use of the present invention, a computer system is capable of being booted up such that the computer system determines whether a security feature element was previously present in the system. If a security feature element was previously present in the computer system, any stored keys, along with the secrets that they protect, are prevented from being compromised. It is also an object of the present invention to preclude the system from compromising any keys and associated secrets if a security feature element in the system was not previously present in the system.

    Method of providing enhanced security in a remotely managed computer system
    79.
    Granted patent
    Method of providing enhanced security in a remotely managed computer system (in force)

    Publication number: US06823464B2

    Publication date: 2004-11-23

    Application number: US09793239

    Filing date: 2001-02-26

    IPC classification: G06F124

    CPC classification: G06F21/305 G06F21/57

    Abstract: Authentication of an entity remotely managing a data processing system is enabled to allow changes by the remote entity to hard-locked critical security information that is normally accessible only during the POST and only to trusted entities such as the system BIOS. The remote entity builds a change request and generates a hash from the change request with the current password appended. The change request and the hash are stored in a lockable non-volatile buffer which, once locked, requires a system reset to access. During the next POST, a trusted entity such as the system BIOS reads the change request, generates an authentication hash from the change request and the current password held within the hard-locked security information, and compares the buffered hash with the generated hash. If a match is determined, the security information is updated; otherwise a tamper error is reported.

    System and method to update firmware on a hybrid drive
    80.
    Granted patent
    System and method to update firmware on a hybrid drive (in force)

    Publication number: US09354857B2

    Publication date: 2016-05-31

    Application number: US12051301

    Filing date: 2008-03-19

    IPC classification: G06F21/00 G06F9/445 G06F3/06

    Abstract: A system, method, and program product are provided that update the firmware on a hybrid drive by reserving a memory area within the hybrid disk drive's nonvolatile memory buffer. The firmware update is then stored in the reserved memory area. The next time the platters of the hybrid disk drive spin up, the firmware update stored in the reserved memory area is identified. The identified update is then written to the firmware memory of the firmware that controls the operation of the hybrid drive. In one embodiment, the update is written to the firmware memory by flashing the firmware's memory. After the firmware is updated, the hybrid drive is reset. Resetting the hybrid drive includes executing the updated firmware.