APPARATUS, SYSTEM, AND METHOD FOR AUTHENTICATION OF A CORE ROOT OF TRUST MEASUREMENT CHAIN
    71.
    Invention application
    Status: in force

    Publication number: US20080148064A1

    Publication date: 2008-06-19

    Application number: US11612367

    Filing date: 2006-12-18

    IPC classification: G06F12/14

    CPC classification: G06F21/57 G06F2221/2153

    Abstract: An apparatus, system, and method are disclosed for authentication of a core root of trust measurement chain. The apparatus for authentication of a CRTM chain is provided with a plurality of modules configured to carry out the steps of retrieving a decryption key from a predetermined location on the device selected for authentication, decrypting an authentication signal using the decryption key, and communicating the decrypted authentication signal to a user. In the described embodiments, these modules include a retrieval module, a decryption module, and a communication module. Beneficially, such an apparatus, system, and method would reliably verify that a link in the CRTM chain has not been corrupted, modified, or infected with a computer virus. Specifically, such an apparatus, system, and method would enable verification that the hypervisor has not been corrupted, modified, or infected with a computer virus.

    Apparatus and method for assuring secure disposal of a hard disk drive unit
    72.
    Invention application
    Status: in force

    Publication number: US20080046998A1

    Publication date: 2008-02-21

    Application number: US11493952

    Filing date: 2006-07-27

    IPC classification: G06F12/14

    CPC classification: G06F21/805 G06F2221/2143

    Abstract: A hard disk drive unit includes a microprocessor programmed to erase data stored within the drive unit if it is determined that a process potentially leading to a misuse of the data stored within the drive unit, and if secure disposal configuration data stored in nonvolatile storage within the drive indicates that the data is to be erased. Such a process includes initializing the drive unit for operation without providing a password matching a password stored in the drive unit, initializing the drive unit in a system not having CMOS configuration data matching the drive unit, and determining that a failure rate within the drive unit exceeds a threshold level.

    Removable storage device data protection
    73.
    Granted invention patent
    Status: in force

    Publication number: US09495562B2

    Publication date: 2016-11-15

    Application number: US13189837

    Filing date: 2011-07-25

    IPC classification: G06F21/78 G06F3/06

    Abstract: Devices, methods and products are described that provide removable storage device data protection. One aspect provides a method comprising: ascertaining a protected removable storage device connected to an information handling device, said protected removable storage device having a first partition for storing data according to a first file system type, and a second partition for storing user data according to a second file system type; and responsive to said information handling device recognizing said second file system type, querying for user credentials to decrypt a data encryption key used to encrypt said user data of said second partition. Other embodiments are described.

    Diskless client using a hypervisor
    74.
    Granted invention patent
    Status: in force

    Publication number: US08898355B2

    Publication date: 2014-11-25

    Application number: US11693515

    Filing date: 2007-03-29

    CPC classification: G06F9/4416

    Abstract: An arrangement for facilitating remote booting in diskless client systems as just described. To this end, there is broadly contemplated herein the employment of a hypervisor that can freely accommodate a variety of booting arrangements for a given OS. This then ensures that few if any modifications, especially costly ones, would need to be made to the OS to ensure greater versatility.

    Apparatus, system and method for storage cache deduplication
    75.
    Granted invention patent
    Status: in force

    Publication number: US08190823B2

    Publication date: 2012-05-29

    Application number: US12233264

    Filing date: 2008-09-18

    IPC classification: G06F12/00

    Abstract: An apparatus, system, and method are disclosed for deduplicating storage cache data. A storage cache partition table has at least one entry associating a specified storage address range with one or more specified storage partitions. A deduplication module creates an entry in the storage cache partition table wherein the specified storage partitions contain identical data to one another within the specified storage address range thus requiring only one copy of the identical data to be cached in a storage cache. A read module accepts a storage address within a storage partition of a storage subsystem, to locate an entry wherein the specified storage address range contains the storage address, and to determine whether the storage partition is among the one or more specified storage partitions if such an entry is found.

    METHOD AND APPARATUS FOR MAINTAINING OPERABILITY WITH A CLOUD COMPUTING ENVIRONMENT
    76.
    Invention application
    Status: in force

    Publication number: US20120084355A1

    Publication date: 2012-04-05

    Application number: US12897549

    Filing date: 2010-10-04

    IPC classification: G06F15/16

    CPC classification: G06F8/60

    Abstract: A method and apparatus for maintaining operability with a cloud computing environment. The apparatus includes a storage module and a local environment module. The storage module may store cloud computing data from a cloud computing environment onto a local storage device. The storage module may communicate with the cloud computing environment through a remote connection. The local environment module may operate a local cloud computing environment from the local storage device while the remote connection to the cloud computing environment is unavailable. The local cloud environment may replicate at least a portion of the cloud computing environment and may be operated from the stored cloud computing data.

    Authenticating suspect data using key tables
    78.
    Granted invention patent
    Status: in force

    Publication number: US08024579B2

    Publication date: 2011-09-20

    Application number: US11647932

    Filing date: 2006-12-29

    IPC classification: G06F11/30

    Abstract: A system and method for authenticating suspect code includes steps of: receiving the suspect code for a first instance of a trusted platform module; loading the suspect code into a trusted platform module device operatively associated with a processor, wherein the suspect code is loaded outside of a shielded location within the trusted platform module device; retrieving a validation public key from a table and storing it in a register in the trusted platform module device, the validation public key indexed by the suspect code; and retrieving a hash algorithm from the table, the hash algorithm indexed by the suspect code. The hash algorithm is run to derive a first hash value; then, using the validation public key, the second hash value is decrypted to derive a second decrypted hash value. The two hash values are compared; and upon determining a match, the suspect code is loaded into the shielded location of the processor for execution by the processor.

    METHOD, APPARATUS, AND SYSTEM OF FORWARD CACHING FOR A MANAGED CLIENT
    79.
    Invention application
    Status: in force

    Publication number: US20100205375A1

    Publication date: 2010-08-12

    Application number: US12368882

    Filing date: 2009-02-10

    IPC classification: G06F12/08

    Abstract: A method, apparatus, and system are disclosed of forward caching for a managed client. A storage module stores a software image on a storage device of a backend server. The backend server provides virtual disk storage on the storage device through a first intermediate network point for a plurality of diskless data processing devices. Each diskless data processing device communicates directly with the first intermediate network point. The storage module caches an image instance of the software image at the first intermediate network point. A tracking module detects an update to the software image on the storage device. The storage module copies the updated software image to the first intermediate network point as an updated image instance.