-
公开(公告)号:US07424745B2
公开(公告)日:2008-09-09
申请号:US11057804
申请日:2005-02-14
申请人: Richard W. Cheston , Daryl Carvis Cromer , Mark Charles Davis , Howard Jeffrey Locker , Randall Scott Springfield
发明人: Richard W. Cheston , Daryl Carvis Cromer , Mark Charles Davis , Howard Jeffrey Locker , Randall Scott Springfield
IPC分类号: G06F11/30 , G06F12/14 , G06F7/04 , G06F17/30 , H04L9/32 , G06K9/00 , G06F15/177 , G06F15/16 , G06F15/18 , G08B23/00
CPC分类号: G06F21/575 , G06F21/56 , G06F2221/2115 , H04L63/1433 , H04L63/145
摘要: A method and system is described for a wireless client computer to be connected via an access point to a network only if the wireless client computer has executed all requisite anti-virus programs. Where necessary, a signal from the access point notifies an anti-viral program server that an anti-virus needs to be immediately downloaded to the wireless client computer. An anti-virus fix is installed on the wireless client computer, and a full session is then initiated between the wireless client computer and a wireless network via the access point.
摘要翻译: 如果无线客户端计算机已经执行了所有必要的防病毒程序,则描述了一种无线客户端计算机通过接入点连接到网络的方法和系统。 必要时,来自接入点的信号通知反病毒程序服务器需要立即将防病毒下载到无线客户端计算机。 在无线客户端计算机上安装了防病毒修复程序,然后通过接入点在无线客户端计算机和无线网络之间启动完整会话。
-
公开(公告)号:US07752659B2
公开(公告)日:2010-07-06
申请号:US11057795
申请日:2005-02-14
IPC分类号: G06F17/00
CPC分类号: H04L63/145
摘要: A method and system is described for selectively downloading antidotes onto a client computer. The client computer is connected via a network interface card (NIC) to a network that contains an anti-virus server. The NIC is initially logically isolated from the client computer, thus permitting the NIC to autonomously examine packets to and from the client computer and the network. The NIC selectively accepts packets only from trusted Internet Protocol (IP) addresses that conform to a security format such as Internet Protocol Security (IPSec).
摘要翻译: 描述了用于有选择地将解毒剂下载到客户端计算机上的方法和系统。 客户端计算机通过网络接口卡(NIC)连接到包含防病毒服务器的网络。 NIC最初在逻辑上与客户端计算机隔离,从而允许NIC自主地检查到客户端计算机和网络的数据包。 NIC选择性地仅接收来自符合诸如因特网协议安全(IPSec)之类的安全格式的受信任的因特网协议(IP)地址的分组。
-
3.发明授权System and method for protecting hidden protected area of HDD during operation 有权操作期间保护HDD隐藏保护区的系统和方法公开(公告)号:US07827376B2
公开(公告)日:2010-11-02
申请号:US11168088
申请日:2005-06-27
申请人: Nathan J. Peterson , Joseph Wayne Freeman , Rod David Waltermann , Randall Scott Springfield , Mark Charles Davis , Steven Dale Goodman , Howard Jeffrey Locker , Daryl Carvis Cromer
发明人: Nathan J. Peterson , Joseph Wayne Freeman , Rod David Waltermann , Randall Scott Springfield , Mark Charles Davis , Steven Dale Goodman , Howard Jeffrey Locker , Daryl Carvis Cromer
CPC分类号: G06F21/80
摘要: A “setmax” command is issued in BIOS to hide the service area (HPA) of a HDD during normal operation, so that the HPA cannot be accessed or erased inadvertently by the user or by a virus. Pressing a special key (e.g., F11) during booting permits access to the HPA.
摘要翻译: 在BIOS中发出“setmax”命令,以在正常操作期间隐藏HDD的服务区(HPA),使得HPA无法被用户或病毒无意中访问或擦除。 在启动过程中按特殊键(例如F11),可以访问HPA。
-
公开(公告)号:US07587765B2
公开(公告)日:2009-09-08
申请号:US10827165
申请日:2004-04-16
申请人: David Carroll Challener , Richard W. Cheston , Daryl Carvis Cromer , Mark Charles Davis , Howard Jeffrey Locker , Randall Scott Springfield
发明人: David Carroll Challener , Richard W. Cheston , Daryl Carvis Cromer , Mark Charles Davis , Howard Jeffrey Locker , Randall Scott Springfield
IPC分类号: G06F11/00
CPC分类号: G06F8/65 , G06F21/568
摘要: A client computer is connected via a network to an anti-virus server. A signal from the anti-virus server notifies the client computer that an anti-virus needs to be immediately downloaded from the anti-virus server. The client computer disengages from the network, and re-establishes a link with only the trusted anti-virus server. The anti-virus fix is installed, the client computer re-booted, and the client computer is then allowed to reconnect to the full network. If the client's primary operating system (OS) is infected, a secondary OS in the client computer performs the anti-virus download and execution. The disengagement from the network is performed by applying a filter in a network interface card (NIC) driver by the primary OS, the secondary OS, a service processor (SP), or by a virtual machine manager (VMM), depending on which is available at the client computer.
摘要翻译: 客户端计算机通过网络连接到防病毒服务器。 来自防病毒服务器的信号通知客户端计算机需要立即从防病毒服务器下载防病毒。 客户端计算机与网络脱离联系,并重新建立与唯一可信任的防病毒服务器的链接。 安装了防病毒修复程序,客户端计算机重新启动,然后允许客户端计算机重新连接到完整的网络。 如果客户端的主操作系统(OS)被感染,客户端计算机中的辅助操作系统将执行防病毒下载和执行。 通过由主OS,辅助OS,服务处理器(SP)或虚拟机管理器(VMM)在网络接口卡(NIC)驱动器中应用过滤器来执行从网络的脱离,这取决于哪个是 在客户端计算机上可用。
-
5.发明授权公开(公告)号:US07620997B2
公开(公告)日:2009-11-17
申请号:US10748919
申请日:2003-12-22
申请人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Hernando Ovies , Randall Scott Springfield
发明人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Hernando Ovies , Randall Scott Springfield
摘要: When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.
摘要翻译: 当经认证的无线计算机失去与网络的无线接入点的连接并漫游到另一接入点时,无线计算机(例如,计算机中的管理程序)确定新接入点是否被授权用于安全通信,如果是,则释放 通过新的接入点访问网络上的安全数据。
-
6.发明申请System and Method for Securely Clearing Secret Data that Remain in a Computer System Memory 有权安全清除计算机系统内存中保密数据的系统和方法公开(公告)号:US20090222915A1
公开(公告)日:2009-09-03
申请号:US12040953
申请日:2008-03-03
申请人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Randall Scott Springfield
发明人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Randall Scott Springfield
IPC分类号: G06F21/00
摘要: A system, method, and program product is provided that initializes a counter maintained in a nonvolatile memory of a security module to an initialization value. The security module receives requests for a secret from requesters. The security module releases the secret to the requesters and the released secrets are stored in memory areas allocated to the requesters. A counter is incremented when the secret is released. Requestors send notifications to the security module indicating that the requestor has removed the secret from the requestor's memory area. The security module decrements the counter each time a notification is received. When the computer system is rebooted, if the counter is not at the initialization value, the system memory is scrubbed erasing any secrets that remain in memory.
摘要翻译: 提供了一种系统,方法和程序产品,其将维护在安全模块的非易失性存储器中的计数器初始化为初始化值。 安全模块从请求者接收到秘密的请求。 安全模块向请求者释放秘密,所发布的秘密存储在分配给请求者的内存区域中。 当秘密被释放时,计数器递增。 请求者向安全模块发送指示请求者已经从请求者的存储区域移除了秘密的通知。 每次接收到通知时,安全模块都会递减计数器。 当计算机系统重新启动时,如果计数器不在初始化值,系统内存将被擦除擦除留在内存中的任何秘密。
-
7.发明授权Systems, methods, and media for remote wake-up and management of systems in a network 失效用于远程唤醒和管理网络中系统的系统,方法和媒体公开(公告)号:US07483966B2
公开(公告)日:2009-01-27
申请号:US10749257
申请日:2003-12-31
IPC分类号: G06F15/173
CPC分类号: G06F1/3246 , G06F1/26 , G06F1/3203 , H04L12/12 , Y02D50/40 , Y02D50/42
摘要: Systems, methods, and media for providing remote wake-up and management of systems in a network are disclosed. More particularly, hardware and/or software for a server to receive feedback from a client as to the status of its wake-on-LAN functionality is disclosed. Embodiments include hardware and/or software for determining a client to be managed, determining whether the client is active on the network, transmitting a first network packet comprising a wake-on-LAN packet, and receiving a return wake-on-LAN packet, which comprises an indication of the address of the client and an indication of the status of the wake-on-LAN functionality of the client. Embodiments may also include transmitting a command to start a management session on the client.
摘要翻译: 公开了用于在网络中提供远程唤醒和系统管理的系统,方法和媒体。 更具体地,公开了用于从客户端接收关于其唤醒LAN功能的状态的反馈的服务器的硬件和/或软件。 实施例包括用于确定要管理的客户端的硬件和/或软件,确定客户端是否在网络上是活动的,发送包括LAN唤醒分组的第一网络分组以及接收LAN上的返回唤醒分组, 其包括客户端的地址的指示和客户端的唤醒LAN功能的状态的指示。 实施例还可以包括发送命令以在客户端上启动管理会话。
-
公开(公告)号:US07330977B2
公开(公告)日:2008-02-12
申请号:US10748062
申请日:2003-12-30
IPC分类号: H04L9/00
CPC分类号: G06F21/78 , G06F11/1458 , G06F11/1469
摘要: An apparatus for securely backing up data using a cryptographic module includes a mass storage device having a first accessible portion and a second encrypted portion. The mass storage device is initialized to only decrypt the encrypted portion on the system that first created the encrypted portion. The cryptographic module may be a Trusted Platform Module (TPM) based on specifications from the Trusted Computer Group. The mass storage device comprises a trusted platform interface module configured to communicate with the TPM. The system may include a motherboard having a TPM, and the mass storage device. The method in one embodiment comprises providing a computer readable mass storage device, initializing a password module, transmitting an encrypted password to the cryptographic module, authenticating the encrypted password, decrypting the encrypted password, transmitting the decrypted password to the computer readable medium, and decrypting the second encrypted portion using the decrypted password.
摘要翻译: 使用加密模块安全地备份数据的装置包括具有第一可访问部分和第二加密部分的大容量存储设备。 大容量存储设备被初始化为仅对首先创建加密部分的系统上的加密部分进行解密。 加密模块可以是基于可信计算机组的规范的可信平台模块(TPM)。 大容量存储设备包括被配置为与TPM通信的可信平台接口模块。 该系统可以包括具有TPM的主板和大容量存储设备。 在一个实施例中的方法包括提供计算机可读大容量存储设备,初始化密码模块,向加密模块发送加密密码,认证加密密码,解密加密密码,将解密的密码发送到计算机可读介质,以及解密 使用解密密码的第二加密部分。
-
9.发明授权Method for providing a single preloaded software image with an ability to support multiple hardware configurations and multiple types of computer systems 失效用于提供具有支持多种硬件配置和多种类型的计算机系统的能力的单个预加载软件映像的方法公开(公告)号:US06944867B2
公开(公告)日:2005-09-13
申请号:US09971942
申请日:2001-10-04
申请人: Richard Wayne Cheston , Daryl Carvis Cromer , Jeffrey Mark Estroff , James Anthony Hunt , Howard Jeffrey Locker , Joshua Neil Novak , Randall Scott Springfield , James Peter Ward , Arnold Stephen Weksler
发明人: Richard Wayne Cheston , Daryl Carvis Cromer , Jeffrey Mark Estroff , James Anthony Hunt , Howard Jeffrey Locker , Joshua Neil Novak , Randall Scott Springfield , James Peter Ward , Arnold Stephen Weksler
CPC分类号: G06F9/4406 , G06F9/4411
摘要: The hard disk drive of a computer system is loaded with a preloaded image including an operating system, a number of application programs, and a device driver installation routine, all of which are not dependent on the hardware configuration of the computer system. A hidden partition of the hard disk drive is also loaded with a number of device drivers, which are dependent upon the hardware configuration. During the first boot only of the preloaded image, the device drivers are installed by the device driver installation routine.
摘要翻译: 计算机系统的硬盘驱动器装载有包括操作系统,许多应用程序和设备驱动程序安装程序的预加载映像,所有这些都不依赖于计算机系统的硬件配置。 硬盘驱动器的隐藏分区还加载了许多设备驱动程序,这些驱动程序取决于硬件配置。 在首次引导仅预载图像的情况下,设备驱动程序由设备驱动程序安装程序安装。
-
公开(公告)号:US07853804B2
公开(公告)日:2010-12-14
申请号:US11852418
申请日:2007-09-10
CPC分类号: G06F21/575
摘要: A system, method, and program product is provided that initializes expected PCRs stored in a TPM by generating and storing a random number, seeding expected PCRs with the random number, inputting a set of startup code processes to a hash algorithm resulting in a set of hash values, updating the expected PCRs using the set of hash values, and saving the expected PCRs in a nonvolatile data area that is secured by the TPM. Upon reboot, the random number is retrieved from the nonvolatile data area, the PCRs are seeded with the retrieved random number, the startup code processes are input to the hash algorithm process resulting in another set of hash values, the PCRs are updated using the resulting set of hash values, and an encrypted data object is decrypted in response to the PCRs being the same as the expected PCRs.
摘要翻译: 提供了一种系统,方法和程序产品,其通过生成和存储随机数来初始化存储在TPM中的预期PCR,将随机数的种子预期PCR输入到一个散列算法中,从而产生一组 散列值,使用该组散列值更新预期PCR,并将预期PCR保存在由TPM保护的非易失性数据区域中。 在重新启动时,从非易失性数据区域检索随机数,用检索的随机数种子PCR,将启动代码处理输入到散列算法处理,得到另一组散列值,使用所得到的更新PCR 响应于与预期PCR相同的PCR来解密加密数据对象。
-
-
-
-
-
-
-
-
-
搜索结果
170 条记录 (耗时 0.045 秒)
