Abstract:
A method for protecting Security Accounts Manager (SAM) files within a Windows® operating system is disclosed. A SAM file encryption key is generated by encrypting a SAM file via a syskey utility provided within the Windows® operating system. The SAM file encryption key is then stored in a virtual floppy disk by selecting an option to store the SAM file encryption key to a floppy disk under the syskey utility. A blob is generated by performing a Trusted Platform Module (TPM) Seal command against the SAM file encryption key along with a value stored in a Performance Control Register and a TPM Storage Root Key. The blob is stored in a non-volatile storage area of a computer.
Abstract:
A method for preventing unauthorized modifications to a rental computer system is disclosed. During boot up of the rental computer system, a determination is made whether or not a time-day card is bound to the rental computer system. If the time-day card is bound to the rental computer system, another determination is made whether or not a time/date value on the time-day card is less than a secure time/date value stored in a secure storage location during the most recent power down. If the time/date value on the time-day card is not less than the secure time/date value, yet another determination is made whether or not the secure time/date value is less than an end time/date rental value. If the secure time/date value is less than the end time/date rental value, the rental computer system continues to boot.
Abstract:
A method and system are disclosed in which a management module (MM) designates an idle blade in a client blade farm to be an “administrative blade” that has administrator access to the virtual images of all users. The MM identifies when a particular user image is, or is not, in use and conveys this information to the administrative blade. The administrative blade performs virus scans, backups, defrags, patch installs, software upgrades, and other such maintenance functions on user images when they are inactive, thereby eliminating the performance impact to active users.
Abstract:
A technique for identifying a user of a device includes receiving a tracking mechanism trigger and capturing (e.g., periodically) identifying information on the user of the device in response to the trigger.
Abstract:
A technique for preventing damage to a portable device includes detecting movement of a portable device and determining whether a port of the portable device is attached to an external device. When the external device is attached to the port, a notification is provided to a user of the portable device that the external device requires detachment from the portable device (e.g., assuming that the notification is not masked).
Abstract:
An apparatus, system, and method are disclosed for remotely accessing a shared password. A storage module stores identifiers, passwords, and keys within a secure key structure of a client. The passwords and keys include a shared password encrypted with a shared password key that is encrypted with a service structure key. The storage module also stores the service structure key encrypted with a key derived from a service password on a trusted server. An input/output module accesses the trusted server from the client with a prospective service password and receives the encrypted service structure key from the trusted server if a hash of the prospective service password is equivalent to the service password. An encryption module may decrypt the service structure key with the prospective service password, the shared password key with the service structure key, and the shared password with the shared password key.
Abstract:
Method and apparatus for enabling applications on security processors of computer systems. In one aspect, a security processor apparatus includes a processor and a memory coupled to the processor and operative to store a secure table. The secure table stores different certified endorsement keys and different values, each value associated with one of the endorsement keys. Each stored value is derived from a different application that is certified by the associated endorsement key to be executed on the processor.
Abstract:
A system and method for loading programs during a system boot using stored configuration data in a predetermined file system from a prior session and providing the stored configuration data to a guest operating system capable of communication with a host operating system, during start-up, within a computing environment having a hypervisor, in a predetermined manner.
Abstract:
The collaborative sharing of resources on demand based on proximity, within a group or network of computers. Broadly contemplated herein is the “tiling” of a collection of logically adjacent individual graphical desktops in a virtual desktop. In such a setting, the action of dragging a window or icon off of one desktop and onto another would effectively transfer user interactability, and/or perceived ownership of the object, to the desktop where the window or icon graphically “lands”.
Abstract:
An arrangement for supporting a flat panel display wherein an actuating arrangement responsively alters a physical disposition of the supporting arrangement in a manner to avert physical damage to said flat panel display. Preferably, a flat panel display cover on a laptop will “bow” or arch in a direction away from the flat panel display and the actuating arrangement can be embodied, e.g., by a lattice or grid of wiring, or by a bimetallic sheet. Electronic or mechanical actuation is conceivable and the actuating arrangement can be triggered by, e.g., the imposition of a potentially damaging object and/or by closure of the laptop. While a laptop embodiment is broadly contemplated, other applications are possible.