Computing device limiting mechanism
    1.
    发明申请
    Computing device limiting mechanism 有权
    计算设备限制机制

    公开(公告)号:US20070136570A1

    公开(公告)日:2007-06-14

    申请号:US11515410

    申请日:2006-08-31

    IPC分类号: G06F15/177 G06F9/00

    摘要: Described is a technology by which a computing device is booted into a normal mode of operation or a limited mode of operation, depending on whether the computing device was operating correctly (e.g., with respect to policy) prior to a reboot. The reboot may be forced. Examples of incorrect state include an overdue payment on a leased computer, or improper execution of certain important software. A metering mechanism evaluates the state of the computing device, and when an incorrect state is detected, configures the computing device for operation in the limited mode, by setting the computing device to boot via one boot path (e.g., a limited-mode BIOS) instead of another boot path (e.g., a normal-mode BIOS). A BIOS selector switches to the limited BIOS on the next reboot, wherein the computing device is restricted to the limited mode of operation (regardless of subsequent reboots) until the correct state is restored.

    摘要翻译: 描述了根据计算设备在重新启动之前是否正确地操作(例如,关于策略)是否将计算设备引导到正常操作模式或有限操作模式的技术。 重启可能会被强制。 错误状态的示例包括租用计算机上的逾期付款或某些重要软件的不当执行。 计量机构评估计算装置的状态,并且当检测到不正确的状态时,通过将计算装置通过一个引导路径(例如,限制模式BIOS)来设置计算装置来配置在限制模式中操作的计算装置, 而不是另一个引导路径(例如,普通模式BIOS)。 BIOS选择器在下一次重新启动时切换到有限的BIOS,其中计算设备被限制到有限的操作模式(不管后续重新启动),直到恢复正确的状态。

    Disaggregated secure execution environment
    2.
    发明申请
    Disaggregated secure execution environment 有权
    分解的安全执行环境

    公开(公告)号:US20070192825A1

    公开(公告)日:2007-08-16

    申请号:US11353675

    申请日:2006-02-14

    IPC分类号: H04L9/00

    摘要: An electronic device, such as, a computer, may be adapted for self-monitoring for compliance to an operating policy. The operating policy may specify a pay-per-use or subscription business model and measurements associated with compliant usage. A secure execution environment may measure usage in accordance with the business model as well as monitor and enforce compliance to the operating policy. To increase the difficulty of attacking or otherwise disabling the secure execution environment, elements of the secure execution environment may be distributed. The distribution points may include other functional elements of the computer, such as interface circuits, or may even be remotely located over a network. An implementation method for disaggregating the secure execution environment is also disclosed.

    摘要翻译: 诸如计算机的电子设备可以适于自我监视以符合操作策略。 操作策略可以指定按使用付费或订阅业务模式以及与合规使用相关联的测量。 安全执行环境可以根据业务模式来测量使用情况,并监视和实施对操作策略的遵守。 为了增加攻击或以其他方式禁用安全执行环境的难度,可以分发安全执行环境的元素。 分发点可以包括计算机的其他功能元件,例如接口电路,或者甚至可以远程位于网络上。 还公开了用于分解安全执行环境的实现方法。

    Method and apparatus for provisioning software
    5.
    发明授权
    Method and apparatus for provisioning software 失效
    用于配置软件的方法和装置

    公开(公告)号:US07610631B2

    公开(公告)日:2009-10-27

    申请号:US10989122

    申请日:2004-11-15

    IPC分类号: G06F21/00

    摘要: A dynamic software provisioning system allows provisioning software on a number of different computing devices based upon a desired business process. The dynamic software provisioning system allows a user to request usage of the operating system for a specific period of time, for a specific amount of usage, or in any other desired manner from an operating system provisioning service or from a third party. The provisioning service processes the request from the user or from the third party to provision the use of the operating system and in response to the request provisions use of the operating system for a specific device specified by the request. The dynamic software activation system also includes a local provisioning module located on the device using the operating system, wherein the local provisioning module activates and deactivates the operating system based on instructions received from the provisioning service.

    摘要翻译: 动态软件供应系统允许基于期望的业务过程在许多不同的计算设备上配置软件。 动态软件供应系统允许用户在特定时间段,特定的使用量或以任何其它期望的方式从操作系统供应服务或第三方请求操作系统的使用。 供应服务处理来自用户或来自第三方的请求以提供操作系统的使用,并响应于请求规定对由请求指定的特定设备使用操作系统。 动态软件激活系统还包括使用操作系统位于设备上的本地供应模块,其中本地供应模块基于从供应服务接收到的指令来激活和停用操作系统。

    Hardware-aided software code measurement
    6.
    发明申请
    Hardware-aided software code measurement 有权
    硬件辅助软件代码测量

    公开(公告)号:US20070107056A1

    公开(公告)日:2007-05-10

    申请号:US11418710

    申请日:2006-05-05

    IPC分类号: G06F12/14

    CPC分类号: G06F11/0751 G06F11/0706

    摘要: Described is an independent computation environment that is built into one or more hardware components of a computer system, wherein the independent computation environment hosts a logic that measures the health of other software code that executes in memory. Examples of ways to measure health include performing a mathematical computation such as a computing a hash/digital signature on the software code in the memory, and/or evaluating statistical information related to the execution of the code and/or the code's being loaded into memory. By executing the logic in an independent computation environment, the health of software code may be measured against policy/metadata in a tamper-proof or tamper-resistant environment. When the software code measurement does not comply with the policy, some action may be taken action to penalize the computer system.

    摘要翻译: 描述了内置在计算机系统的一个或多个硬件组件中的独立计算环境,其中独立计算环境承载测量在存储器中执行的其他软件代码的健康状况的逻辑。 衡量健康的方法的示例包括执行诸如在存储器中的软件代码上计算散列/数字签名的数学计算,和/或评估与代码的执行相关的统计信息和/或被加载到存储器中的代码 。 通过在独立的计算环境中执行逻辑,可以根据防篡改或防篡改环境中的策略/元数据来衡量软件代码的健康状况。 当软件代码测量不符合该策略时,可采取一些行动来惩罚计算机系统。

    Special PC mode entered upon detection of undesired state
    7.
    发明申请
    Special PC mode entered upon detection of undesired state 有权
    检测到不良状态时进入特殊PC模式

    公开(公告)号:US20060107329A1

    公开(公告)日:2006-05-18

    申请号:US11152214

    申请日:2005-06-14

    IPC分类号: H04N7/16

    摘要: A system and method for monitoring a computer, particularly a pay-per-use computer, uses an isolated computing environment or supervisor. The isolated computing environment boots prior to any boot device associated with an operating system, runs concurrently with the operating system and monitors and measures the computer in operation. Once the isolated computing environment determines the computer is not in compliance with the required policies, the isolated computing environment may either impose an impediment to use such as slowing clock speed or completely disable the operating system. The user may have to return the computer to a service provider to restore it from the offending condition and reset the computer to an operational state.

    摘要翻译: 用于监视计算机的系统和方法,特别是按使用付费的计算机,使用隔离的计算环境或主管。 隔离的计算环境在与操作系统相关联的任何引导设备之前启动,与操作系统并发运行,并监视和测量运行中的计算机。 一旦隔离的计算环境确定计算机不符合所需的策略,孤立的计算环境可能会施加障碍,例如减慢时钟速度或完全禁用操作系统。 用户可能必须将计算机返回给服务提供商以将其从违规状态恢复,并将计算机重置为操作状态。

    Prepaid or pay-as-you-go software, content and services delivered in a secure manner
    8.
    发明申请
    Prepaid or pay-as-you-go software, content and services delivered in a secure manner 审中-公开
    以安全的方式提供的预付费或即付即用软件,内容和服务

    公开(公告)号:US20070061268A1

    公开(公告)日:2007-03-15

    申请号:US11224651

    申请日:2005-09-12

    IPC分类号: G06Q99/00

    CPC分类号: G06Q30/04

    摘要: A computer participates in a system for licensing use in a metered fashion using individual licenses cryptographically linked to the computer and a particular service provider or underwriter. The computer may have a cryptographic unit, secure memory, sanction and metering functions as part of a secure execution environment for enabling metered operation and conformance to a security policy. Payment for licenses may be made through a payment system with licenses generated at a server with access to cryptographic functions for verification of requests, certificate/key pair generation, and signing licenses.

    摘要翻译: 计算机使用与计算机和特定服务提供商或承销商密码相关联的个人许可来参与用于以计量方式许可使用的系统。 计算机可以具有加密单元,安全存储器,制裁和计量功能,作为用于实现计量操作和符合安全策略的安全执行环境的一部分。 许可证的支付可以通过支付系统进行,该系统具有在具有用于验证请求,证书/密钥对生成和签名许可证的加密功能的服务器上生成的许可证。

    Business method for pay-as-you-go computer and dynamic differential pricing
    10.
    发明申请
    Business method for pay-as-you-go computer and dynamic differential pricing 审中-公开
    现金付费计算机的业务方法和动态差异定价

    公开(公告)号:US20060165005A1

    公开(公告)日:2006-07-27

    申请号:US11006837

    申请日:2004-12-08

    IPC分类号: H04J1/16 H04J3/14

    CPC分类号: G06Q30/06 G06Q30/0284

    摘要: A system for supplying computers with little or no upfront payment has a service provider, a computer, and an optional funding account. The computer is adapted to render itself substantially useless unless provisioned by the service provider. The service provider has a capability to collect funds from the user and to provide the data necessary for continued operation of the computer. Cryptographic means may be employed to generate and receive the data necessary for continued operation of the computer. The computer's self-imposed sanctions may include slowed operation, reduced graphics capability, limited communication, and limited access to peripherals.

    摘要翻译: 用于提供几乎没有或没有预付款的计算机的系统具有服务提供商,计算机和可选的资金账户。 除非由服务提供商提供,否则该计算机适于使其本身基本上无用。 服务提供商有能力从用户那里收集资金并提供计算机持续运行所需的数据。 可以使用加密手段来生成和接收计算机的继续操作所需的数据。 计算机的自制制裁可能包括操作速度减慢,图形能力下降,通信有限以及对外设的访问受限。