Method and apparatus for automated teller machine transactions
    1.
    Invention application
    Method and apparatus for automated teller machine transactions [Under examination, published]

    Publication number: US20070205271A1

    Publication date: 2007-09-06

    Application number: US11366668

    Application date: 2006-03-02

    IPC classification: G06F7/08 G07F19/00

    Abstract: The present invention provides a computer implemented method, apparatus, and computer usable program code to receive a request to withdraw money using a bank card. A determination is made as to whether a profile is present on the bank card. The money is dispensed using types of currency based on the profile in response to the determination that the profile is present on the bank card.

    Methods and apparatuses for remote control of vehicle devices and vehicle lock-out notification
    2.
    Invention application
    Methods and apparatuses for remote control of vehicle devices and vehicle lock-out notification [Lapsed]

    Publication number: US20070200671A1

    Publication date: 2007-08-30

    Application number: US11364622

    Application date: 2006-02-28

    IPC classification: B60R25/00

    CPC classification: B60R25/257

    Abstract: Methods, systems, and media for remote control of a vehicle device and vehicle lockout notification are disclosed. Embodiments comprise a method of creating a secure bidirectional communication link between a remote access device and a central locking unit (CLU) of a vehicle, enabling the central locking unit to authenticate a user of the remote access device to manipulate a device of the vehicle. In some embodiments, the CLU may wait for an access attempt from a mobile device. In other embodiments, the CLU monitors vehicle conditions, detects a lockout condition, and alerts the user before authenticating and granting vehicle access. Embodiments utilize private and shared key encryption methods to facilitate securely passing an access code between the CLU and the remote access device. Some embodiments authenticate the user by voice verification, while other embodiments may use personal identification numbers.

    Method, apparatus, and product for providing a multi-tiered trust architecture
    3.
    Invention application
    Method, apparatus, and product for providing a multi-tiered trust architecture [Under examination, published]

    Publication number: US20060026418A1

    Publication date: 2006-02-02

    Application number: US10902669

    Application date: 2004-07-29

    IPC classification: H04L9/00

    Abstract: A method, apparatus, and computer program product are described for implementing a trusted computing environment within a data processing system. The data processing system includes multiple different service processor-based hardware platforms. Multiple different trusted platform modules (TPMs) are provided in the data processing system. Each TPM provides trust services to only one of the service processor-based hardware platforms. Each TPM provides its trust services to only a portion of the entire data processing system.

    Method and system for providing a trusted platform module in a hypervisor environment
    4.
    Invention application
    Method and system for providing a trusted platform module in a hypervisor environment [Lapsed]

    Publication number: US20050246521A1

    Publication date: 2005-11-03

    Application number: US10835350

    Application date: 2004-04-29

    CPC classification: G06F21/53

    Abstract: A method is presented for implementing a trusted computing environment within a data processing system. A hypervisor is initialized within the data processing system, and the hypervisor supervises a plurality of logical, partitionable, runtime environments within the data processing system. The hypervisor reserves a logical partition for a hypervisor-based trusted platform module (TPM) and presents the hypervisor-based trusted platform module to other logical partitions as a virtual device via a device interface. Each time that the hypervisor creates a logical partition within the data processing system, the hypervisor also instantiates a logical TPM within the reserved partition such that the logical TPM is anchored to the hypervisor-based TPM. The hypervisor manages multiple logical TPMs within the reserved partition such that each logical TPM is uniquely associated with a logical partition.

    Protocol for trusted platform module recovery through context checkpointing
    5.
    Invention application
    Protocol for trusted platform module recovery through context checkpointing [In force]

    Publication number: US20070192597A1

    Publication date: 2007-08-16

    Application number: US11352762

    Application date: 2006-02-13

    IPC classification: H04L9/00

    CPC classification: G06F21/57

    Abstract: A computer implemented method for recovering a partition context in the event of a system or hardware device failure. Upon receiving a command from a partition to modify context data in a trusted platform module (TPM) hardware device, a trusted platform module input/output host partition (TMPIOP) provides an encrypted copy of the context data and the command to the TPM hardware device, which processes the command and updates the context data. If the TPM hardware device successfully processes the command, the TMPIOP receives the updated context data from the TPM hardware device and stores the updated context data received in encrypted form in a context data cache or a non-volatile storage off-board the TPM hardware device. If the TPM hardware device fails to successfully process the command, the TMPIOP uses a last valid copy of the context data to retry processing of the command on a different TPM hardware device.

    Method, apparatus, and product for asserting physical presence with a trusted platform module in a hypervisor environment

    Publication number: US20060026693A1

    Publication date: 2006-02-02

    Application number: US10902712

    Application date: 2004-07-29

    IPC classification: G06F11/00

    Abstract: A method, apparatus, and computer program product are described for asserting physical presence in a trusted computing environment included within a data processing system. The trusted computing environment includes a trusted platform module (TPM). The data processing system is coupled to a hardware management console. The trusted platform module determines whether the hardware management console is a trusted entity. The trusted platform module also determines whether the hardware management console has knowledge of a secret key that is possessed by the TPM. If the TPM determines that the hardware management console is a trusted entity and has knowledge of the secret key, the TPM determines that physical presence has been asserted. Otherwise, if the TPM determines that either the hardware management console is not a trusted entity or the TPM determines that the hardware management console does not have knowledge of the secret key, the TPM determines that physical presence has not been asserted and will not execute commands that require the successful assertion of “physical presence”.

    Method, apparatus, and product for providing a backup hardware trusted platform module in a hypervisor environment
    7.
    Invention application
    Method, apparatus, and product for providing a backup hardware trusted platform module in a hypervisor environment [Under examination, published]

    Publication number: US20060026422A1

    Publication date: 2006-02-02

    Application number: US10902711

    Application date: 2004-07-29

    IPC classification: H04L9/00

    Abstract: A method, apparatus, and computer program product are described for implementing a trusted computing environment within a data processing system. The data processing system includes a primary hardware trusted platform module (TPM) and a secondary hardware backup TPM. The data processing system also includes multiple logical partitions. The primary hardware TPM is used to provide trusted computing services to the logical partitions. A determination is made as to whether the primary hardware TPM is malfunctioning. If a determination is made that the primary hardware TPM is malfunctioning, the secondary hardware TPM is designated as a new primary hardware TPM and is utilized instead of the primary TPM to provide trusted computing services to the logical partitions.

    Method, apparatus, and product for providing a scalable trusted platform module in a hypervisor environment
    8.
    Invention application
    Method, apparatus, and product for providing a scalable trusted platform module in a hypervisor environment [Lapsed]

    Publication number: US20060026419A1

    Publication date: 2006-02-02

    Application number: US10902670

    Application date: 2004-07-29

    IPC classification: H04L9/00

    Abstract: A method, apparatus, and computer program product are described for implementing a trusted computing environment within a data processing system where the data processing system includes a single hardware trusted platform module (TPM). Multiple logical partitions are provided in the data processing system. A unique context is generated for each one of the logical partitions. When one of the logical partitions requires access to the hardware TPM, that partition's context is required to be stored in the hardware TPM. The hardware TPM includes a finite number of storage locations, called context slots, for storing contexts. Each context slot can store one partition's context. Each one of the partitions is associated with one of the limited number of context storage slots in the hardware TPM. At least one of the context slots is simultaneously associated with more than one of the logical partitions. Contexts are swapped into and out of the hardware TPM during runtime of the data processing system so that when ones of the partitions require access to the hardware TPM, their required contexts are currently stored in the hardware TPM.

    Method, computer program product, and data processing system for source verifiable audit logging
    9.
    Invention application
    Method, computer program product, and data processing system for source verifiable audit logging [Under examination, published]

    Publication number: US20050234909A1

    Publication date: 2005-10-20

    Application number: US10825187

    Application date: 2004-04-15

    IPC classification: G06F7/00 G06F21/00

    Abstract: A method, computer program product, and a data processing system for logging audit events in a data processing system. A sequence of audit records including a final audit record are written to a first log file stored by a data processing system. A respective first hash value of each audit record is calculated. Responsive to calculating each respective first hash value, a corresponding second hash value is calculated from the first hash value and a value of a register associated with the data processing system. The second hash value is written to the register. A second log file is opened in response to closing the first log file. A final second hash value corresponding to a first hash value of the final audit record is written to a first record of the second log file.
