81. System and Method for Securely Clearing Secret Data that Remain in a Computer System Memory
    Invention application; status: in force

    Publication number: US20090222915A1

    Publication date: 2009-09-03

    Application number: US12040953

    Filing date: 2008-03-03

    IPC classification: G06F21/00

    CPC classification: G06F21/57 G06F21/79

    Abstract: A system, method, and program product are provided that initialize a counter, maintained in the nonvolatile memory of a security module, to an initialization value. The security module receives requests for a secret from requesters and releases the secret to them; each released secret is stored in a memory area allocated to the requester. The counter is incremented each time the secret is released. A requester sends a notification to the security module when it has removed the secret from its memory area, and the security module decrements the counter each time such a notification is received. When the computer system is rebooted, if the counter is not at the initialization value, system memory is scrubbed, erasing any secrets that remain in memory.


82. System and Method for Secure Usage of Peripheral Devices Using Shared Secrets
    Invention application; status: in force

    Publication number: US20090119785A1

    Publication date: 2009-05-07

    Application number: US11934829

    Filing date: 2007-11-05

    IPC classification: G06F21/04

    Abstract: A system, method, and program product are provided that establish a shared secret between a computer system and a peripheral device, such as a removable nonvolatile storage device or a printer. After the shared secret is established, the peripheral device is locked. When an unlock request is later received, the shared secret is sent to the peripheral device, which attempts to verify it. If verification succeeds, the peripheral device is unlocked and can be used, via an encryption key that is made available by the verified shared secret. If verification fails, the peripheral device remains locked and use of the device is prevented.


83. METHODS AND ARRANGEMENTS FOR EFFECTING SUPPLEMENTARY MAIL TRANSFER OR MANAGEMENT
    Invention application; status: in force

    Publication number: US20090089808A1

    Publication date: 2009-04-02

    Application number: US11865051

    Filing date: 2007-09-30

    IPC classification: G06F9/44

    CPC classification: G06F1/3225 G06Q10/107

    Abstract: Arrangements are provided for permitting incoming mail to be transferred from a WAN drive to a notebook computer's hard drive under conditions that are not stressful to the hard drive. Preferably, a WAN card is configured to wake the notebook when mail capacity is full or close to full. Mail is then moved from the flash drive to the hard drive, subject to verification that this will not overly stress the hard drive. In a variant embodiment, the WAN card may be configured to wake the notebook whenever any mail is received; again, mail is then moved from the flash drive to the hard drive, subject to the same verification. Once mail has been moved to the hard drive, the system preferably runs an embedded email program that allows the user to employ an existing VPN infrastructure.


85. Systems, methods, and media for remote wake-up and management of systems in a network
    Granted patent; status: lapsed

    Publication number: US07483966B2

    Publication date: 2009-01-27

    Application number: US10749257

    Filing date: 2003-12-31

    IPC classification: G06F15/173

    Abstract: Systems, methods, and media for providing remote wake-up and management of systems in a network are disclosed. More particularly, hardware and/or software is disclosed that lets a server receive feedback from a client about the status of the client's wake-on-LAN functionality. Embodiments include hardware and/or software for determining a client to be managed, determining whether the client is active on the network, transmitting a first network packet comprising a wake-on-LAN packet, and receiving a return wake-on-LAN packet that comprises an indication of the client's address and an indication of the status of the client's wake-on-LAN functionality. Embodiments may also include transmitting a command to start a management session on the client.


87. System and Method for Virtualized Hypervisor to Detect Insertion of Removable Media
    Invention application; status: in force

    Publication number: US20080127309A1

    Publication date: 2008-05-29

    Application number: US11564832

    Filing date: 2006-11-29

    IPC classification: G06F21/20

    Abstract: A system and method are presented for using a client-side hypervisor in conjunction with a secure network-side monitoring mechanism to detect removable-media insertions that have occurred since the client's last network session with the secure network. The hypervisor uses a “client-side insertion value” to track the number of times a user inserts removable media into a socket on the client. While the client is connected to the secure network, the hypervisor notifies the secure network of each insertion and the secure network increments a “secure network-side tracker value.” With each login request, the client includes its client-side insertion value, which the secure network compares against its tracker value. When the two values differ, the secure network sends an action request to the client, such as a request to perform a full system scan. Once the client performs the action, the hypervisor resets its client-side insertion value and attempts to log on to the secure network again.


88. Apparatus, system, and method for secure mass storage backup
    Granted patent; status: in force

    Publication number: US07330977B2

    Publication date: 2008-02-12

    Application number: US10748062

    Filing date: 2003-12-30

    IPC classification: H04L9/00

    Abstract: An apparatus for securely backing up data using a cryptographic module includes a mass storage device having a first, accessible portion and a second, encrypted portion. The mass storage device is initialized so that the encrypted portion can only be decrypted on the system that first created it. The cryptographic module may be a Trusted Platform Module (TPM) based on specifications from the Trusted Computing Group. The mass storage device comprises a trusted platform interface module configured to communicate with the TPM. The system may include a motherboard having a TPM, together with the mass storage device. In one embodiment the method comprises providing a computer-readable mass storage device, initializing a password module, transmitting an encrypted password to the cryptographic module, authenticating the encrypted password, decrypting it, transmitting the decrypted password to the computer-readable medium, and decrypting the second, encrypted portion using the decrypted password.


89. Method and system for secure, one-time password override during password-protected system boot
    Granted patent; status: in force

    Publication number: US07210166B2

    Publication date: 2007-04-24

    Application number: US10967761

    Filing date: 2004-10-16

    IPC classification: H04L9/00 G06F15/177 G06F17/30

    Abstract: A method, system, and program product for enabling administrative recovery of a user's lost or forgotten boot-up passwords without compromising the administrative/master password(s). A restricted-use password is dynamically generated from a first hash of a random number generated on a client system and a secret retrieved from a secure device associated with that client system. The restricted-use password operates as a master password but is not the administrative password of the client system. Once generated, the password is provided to the user/client system to enable user access to the client system and its hardfile and to allow the user passwords to be reset.


90. Apparatus, system, and method for securing I/O communications between a blade and a peripheral interface device of a blade-based computer system
    Invention application; status: pending (published)

    Publication number: US20060184785A1

    Publication date: 2006-08-17

    Application number: US11058987

    Filing date: 2005-02-16

    IPC classification: H04L9/00

    CPC classification: G06F21/606 G06F21/85

    Abstract: An apparatus, system, and method are disclosed for securing I/O communications between a blade and a peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data intended for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to the destination module. The source communication module transmits the secured I/O data to the destination module over a vulnerable communication link, one that has a message-intercept vulnerability. The destination module is configured to decrypt the secure I/O data for a destination device such as a display device.
