-
公开(公告)号:US08850562B2
公开(公告)日:2014-09-30
申请号:US12821197
申请日:2010-06-23
申请人: David R. Wooten
发明人: David R. Wooten
摘要: Architecture that utilizes logical combinations (e.g., of Boolean logic) of authorizations as a logical authorization expression that is computed through a proofing process to a single proof value which equates to authorizing access to an intended entity. The authorizations are accumulated and processed incrementally according to an evaluation order defined in the authorization expression. The logical combinations can include Boolean operations that evaluate to a proof value associated with a sum of products expression (e.g., combinations of AND, OR, etc.). The incremental evaluations output corresponding hash values as statistically unique identifiers used in a secure hash algorithm that when evaluated in order allow execution of a specific command to access the entity. The architecture, employed in a trust module, uses minimal internal trust module state, and can be employed as part of a device system that handles trust processing to obtain authorization to access the intended entity.
摘要翻译: 使用授权的逻辑组合(例如,布尔逻辑)作为逻辑授权表达式的架构,其通过校验过程被计算为单个证明值,这相当于授权对预期实体的访问。 根据授权表达式中定义的评估顺序对授权进行累加和处理。 逻辑组合可以包括评估与产品表达式(例如AND,OR等的组合)相关联的证明值的布尔运算。 增量评估输出相应的散列值作为在安全散列算法中使用的统计唯一标识符,当按照特定命令进行评估时,可以执行访问实体。 在信任模块中使用的架构使用最小的内部信任模块状态,并且可以用作处理信任处理以获得访问预期实体的授权的设备系统的一部分。
-
公开(公告)号:US08200952B2
公开(公告)日:2012-06-12
申请号:US11586283
申请日:2006-10-25
申请人: David R. Wooten , Eric Holt , Stefan Thom , Tony Ureche , Dan Sledz , Douglas M. Maclver
发明人: David R. Wooten , Eric Holt , Stefan Thom , Tony Ureche , Dan Sledz , Douglas M. Maclver
IPC分类号: G06F21/00
CPC分类号: G07F7/1008 , G06F21/34 , G06F21/575 , G06Q20/3415 , G06Q20/3563 , G06Q20/388 , G06Q20/40 , G06Q20/409
摘要: Firmware of a system is configured to allow secondary devices, such as a smart card, to be used for authentication. In an example embodiment, the secondary device is a CCID smart card in compliance with the ISO 7816 specification. The smart card is inserted into a card reader coupled to the system prior to booting the system. The firmware comprises an emulator and driver configured to allow authentication information from the smart card to be utilized to allow execution of the boot process. In an example embodiment, the smart card comprises external keys for use with BITLOCKER™. The secondary device is compatible with systems implementing a BIOS and with systems implementing EFI. Authentication also can be accomplished via devices that do not provide data storage, such as a biometric device or the like.
摘要翻译: 系统的固件被配置为允许诸如智能卡的辅助设备用于认证。 在示例实施例中,辅助设备是符合ISO 7816规范的CCID智能卡。 在引导系统之前,将智能卡插入耦合到系统的读卡器。 固件包括仿真器和驱动器,其被配置为允许来自智能卡的认证信息被用于允许执行引导过程。 在示例实施例中,智能卡包括用于与BITLOCKER TM一起使用的外部键。 辅助设备与实施BIOS的系统以及实施EFI的系统兼容。 认证也可以通过不提供数据存储的设备来实现,例如生物测定设备等。
-
公开(公告)号:US20090100516A1
公开(公告)日:2009-04-16
申请号:US11872220
申请日:2007-10-15
IPC分类号: H04L9/32 , G06F15/177
CPC分类号: G06F15/177 , G06F9/4418 , G06F21/31 , G06F21/81
摘要: Procedures for resumption from a low activity condition are discussed. In implementations, a persistent state file, or a portion thereof, is secured via an encryption algorithm, with the decryption key secured via the operating system (OS) login user credentials. Once a user is authenticated via the OS login, the persistent state file may be decrypted and inserted in the OS boot path with resumption occurring through the persistent state file.
摘要翻译: 讨论从低活动条件恢复的程序。 在实现中,经由加密算法来保护持久状态文件或其一部分,其中解密密钥通过操作系统(OS)登录用户凭证得到保护。 一旦用户通过OS登录认证,持久状态文件可以被解密并插入到OS引导路径中,并通过持久状态文件进行恢复。
-
公开(公告)号:US06529984B1
公开(公告)日:2003-03-04
申请号:US09537347
申请日:2000-03-29
IPC分类号: G06F1314
CPC分类号: G06F13/14 , G06F13/368
摘要: A multiphase IEEE 1394 network of nodes requires all nodes to broadcast their current understanding of the phase of the bus (e.g., odd or even). Even if a node is not requesting ownership of the bus, it must send a message that indicates which phase that node believes to be the current phase of the network. If a node that does not need ownership of the bus believes the bus currently is in the odd phase, then that node will transmit a “None_odd” message indicating the node's understanding that the bus is in the odd phase. Similarly, if a node that does not need the bus believes the bus currently is in the even phase, then that node will transmit a “None_even” message indicating the node's understanding that the bus is in the even phase. Preferably, the current bus owner will not switch the phase of the bus until all nodes have a correct understanding of the current phase of the bus.
摘要翻译: 多节点IEEE 1394节点网络要求所有节点广播他们目前对总线相位的理解(例如奇数或偶数)。 即使节点没有请求总线的所有权,它也必须发送一条消息,指示该节点认为是网络当前阶段的哪个阶段。 如果不需要总线所有权的节点相信总线当前处于奇数阶段,那么该节点将发送一个“None_odd”消息,指示节点了解总线处于奇数阶段。 类似地,如果不需要总线的节点相信总线当前处于偶数阶段,则该节点将发送一个“无限制”消息,指示节点了解总线处于偶数阶段。 优选地,当前总线所有者将不会切换总线的相位,直到所有节点正确理解总线的当前阶段为止。
-
公开(公告)号:US06327308B1
公开(公告)日:2001-12-04
申请号:US08858774
申请日:1997-05-19
申请人: David R. Wooten
发明人: David R. Wooten
IPC分类号: H04B300
CPC分类号: H04L25/49
摘要: Information is sent on a pair of conductors by sending some of the information by driving the pair of conductors in accordance with a primary signaling character set having two distinct information-carrying characters, and sending other information by driving the pair of conductors in accordance with a third distinct information-carrying character represented by a predefined state of the pair of conductors.
摘要翻译: 通过根据具有两个不同的信息携带字符的主信令字符集驱动一对导体,通过发送一些信息来发送信息,并通过根据一个导体来驱动该对导体来发送其他信息 由该对导体的预定状态表示的第三不同的信息载体。
-
6.发明授权Computer system and method for storing data in a buffer which crosses page boundaries utilizing beginning and ending buffer pointers 失效用于使用开始和结束缓冲器指针将数据存储在跨越页边界的缓冲器中的计算机系统和方法
公开(公告)号:US5911152A
公开(公告)日:1999-06-08
申请号:US711357
申请日:1996-09-05
申请人: David R. Wooten
发明人: David R. Wooten
CPC分类号: G06F5/10 , G06F13/387
摘要: A computer system and method for storing data in pages of memory according to a data structure which is stored within the memory and identifies the pages of data. The data structure includes a beginning buffer pointer and an ending buffer pointer. The beginning and ending buffer pointers have page address portions and base address portions. The base address portion of the beginning buffer pointer is changed each time a data location is accessed. The page address portion of the beginning buffer pointer is replaced with the page address portion of the ending buffer pointer when the base address portion of the beginning buffer pointer reaches a page boundary.
摘要翻译: 一种计算机系统和方法,用于根据存储在存储器内并识别数据页面的数据结构存储存储器页面中的数据。 数据结构包括一个起始缓冲区指针和一个结束缓冲区指针。 开始和结束缓冲区指针具有页面地址部分和基址部分。 每次访问数据位置时,开始缓冲区指针的基址部分都会更改。 当开始缓冲区指针的基址部分到达页面边界时,开始缓冲区指针的页面地址部分被替换为结束缓冲区指针的页面地址部分。
-
公开(公告)号:US5712875A
公开(公告)日:1998-01-27
申请号:US485814
申请日:1995-06-07
申请人: David R. Wooten
发明人: David R. Wooten
CPC分类号: H04L25/49
摘要: Information is sent on a pair of conductors by sending some of the information by driving the pair of conductors in accordance with a primary signaling character set having two distinct information-carrying characters, and sending other information by driving the pair of conductors in accordance with a third distinct information-carrying character represented by a predefined state of the pair of conductors.
摘要翻译: 通过根据具有两个不同的信息携带字符的主信令字符集驱动一对导体,通过发送一些信息来发送信息,并通过根据一个导体来驱动该对导体来发送其他信息 由该对导体的预定状态表示的第三不同的信息载体。
-
8.发明授权
公开(公告)号:US5590292A
公开(公告)日:1996-12-31
申请号:US7333
申请日:1993-01-21
申请人: David R. Wooten , Craig A. Miller , Kevin B. Leigh , Robert B. Costley , Christopher E. Simonich
发明人: David R. Wooten , Craig A. Miller , Kevin B. Leigh , Robert B. Costley , Christopher E. Simonich
CPC分类号: G06F13/4022
摘要: A point to point connection architecture for a computer I/O subsystem, resulting in a scalable tree structure. A Master I/O Concentrator (MIOC) is connected to the host bus and handles conversion between a bus oriented structure and the tree structure of the I/O subsystem. Ports away from the host bus are downstream ports and conform to a simple byte wide message protocol. Various IOCs and devices can be attached to one of the downstream ports on the MIOC. The MIOC directs transmissions to the appropriate channel based on a geographical addressing scheme. The IOC connections act as further points of branching. Ultimately IOD or I/O devices are reached, having an upstream port for connection to the IOC and a downstream port and internal logic appropriate for the particular peripheral device. Various registers are present in the IOCs and the IODs to allow determination of the topology and particular devices present. Messages and commands are transferred in the I/O subsystem in defined packets. Various read, write and exchange commands are used, with a read response being utilized to allow split transaction read operations. Certain status and control commands are also present. Interrupts are handled by having the interrupt levels correspond to memory addresses of the programmable interrupt controller, thus allowing simple selection of interrupts to be generated by the devices and no need for separate wiring.
摘要翻译: 用于计算机I / O子系统的点对点连接架构,从而产生可扩展的树结构。 主I / O集中器(MIOC)连接到主机总线,处理面向总线的结构与I / O子系统的树结构之间的转换。 远离主机总线的端口是下游端口,符合简单的字节宽消息协议。 各种IOC和设备可以连接到MIOC的下游端口之一。 MIOC根据地理寻址方案将传输指向适当的信道。 IOC连接充当分支的进一步点。 最终达到IOD或I / O设备,具有用于连接到IOC的上行端口和下游端口以及适用于特定外围设备的内部逻辑。 各种寄存器存在于IOC和IOD中,以允许确定拓扑和存在的特定设备。 消息和命令在I / O子系统中以定义的数据包传输。 使用各种读取,写入和交换命令,其中使用读取响应来允许分离事务读取操作。 还存在某些状态和控制命令。 中断通过使中断电平对应于可编程中断控制器的存储器地址来处理,从而允许简单地选择要由器件产生的中断,而不需要单独的布线。
-
公开(公告)号:US08924737B2
公开(公告)日:2014-12-30
申请号:US13218029
申请日:2011-08-25
CPC分类号: G06F21/575 , G06F21/602 , G06F21/73
摘要: In accordance with one or more aspects, a representation of a configuration of a firmware environment of a device is generated. A secret of the device is obtained, and a platform secret is generated based on both the firmware environment configuration representation and the secret of the device. One or more keys can be generated based on the platform secret.
摘要翻译: 根据一个或多个方面,生成设备的固件环境的配置的表示。 获得设备的秘密,并且基于固件环境配置表示和设备的秘密生成平台秘密。 可以基于平台秘密生成一个或多个密钥。
-
公开(公告)号:US20130054946A1
公开(公告)日:2013-02-28
申请号:US13218029
申请日:2011-08-25
CPC分类号: G06F21/575 , G06F21/602 , G06F21/73
摘要: In accordance with one or more aspects, a representation of a configuration of a firmware environment of a device is generated. A secret of the device is obtained, and a platform secret is generated based on both the firmware environment configuration representation and the secret of the device. One or more keys can be generated based on the platform secret.
摘要翻译: 根据一个或多个方面,生成设备的固件环境的配置的表示。 获得设备的秘密,并且基于固件环境配置表示和设备的秘密生成平台秘密。 可以基于平台秘密生成一个或多个密钥。
-
-
-
-
-
-
-
-
-
搜索结果
47 条记录 (耗时 0.02 秒)
