-
1.发明申请Apparatus, system, and method for sealing a data repository to a trusted computing platform 有权用于将数据存储库密封到可信计算平台的装置,系统和方法公开(公告)号:US20050141717A1
公开(公告)日:2005-06-30
申请号:US10749057
申请日:2003-12-30
CPC分类号: G06F21/575 , G06F21/62 , G06F2221/2107
摘要: An apparatus, method, and system to seal a data repository to a trusted computing platform is described. The data repository may be sealed by encrypting the data on the repository and sealing a cryptographic key to a specific set of platform resources. With the data repository sealed to the platform, the system boot sequence will fail if the system configuration is compromised, for example by insertion of “snoopware” or a modified BIOS. Additionally, if the computer containing the data repository is lost or stolen, the encrypted data remains secure even if the repository is attached to a system modified to bypass normal safeguards.
摘要翻译: 描述了将数据存储库密封到可信计算平台的装置,方法和系统。 可以通过加密存储库中的数据并将密码密封到特定的一组平台资源来密封数据存储库。 将数据存储库密封到平台,如果系统配置受到威胁,例如插入“snoopware”或修改的BIOS,则系统引导顺序将失败。 另外,如果包含数据存储库的计算机丢失或被盗,加密数据将保持安全,即使存储库附加到修改为绕过正常保护措施的系统。
-
2.发明申请System and method for protecting hidden protected area of HDD during operation 有权操作期间保护HDD隐藏保护区的系统和方法公开(公告)号:US20060294298A1
公开(公告)日:2006-12-28
申请号:US11168088
申请日:2005-06-27
申请人: Nathan Peterson , Joseph Freeman , Rod Waltermann , Randall Springfield , Mark Davis , Steven Goodman , Howard Locker , Daryl Cromer
发明人: Nathan Peterson , Joseph Freeman , Rod Waltermann , Randall Springfield , Mark Davis , Steven Goodman , Howard Locker , Daryl Cromer
CPC分类号: G06F21/80
摘要: A “setmax” command is issued in BIOS to hide the service area (HPA) of a HDD during normal operation, so that the HPA cannot be accessed or erased inadvertently by the user or by a virus. Pressing a special key (e.g., F11) during booting permits access to the HPA.
摘要翻译: 在BIOS中发出“setmax”命令,以在正常操作期间隐藏HDD的服务区(HPA),使得HPA无法被用户或病毒无意中访问或擦除。 在启动过程中按特殊键(例如F11),可以访问HPA。
-
3.发明申请Enabling attestation during return from S4 state with standard TCG hardware 有权在使用标准TCG硬件从S4状态返回期间启用认证公开(公告)号:US20060085630A1
公开(公告)日:2006-04-20
申请号:US10967760
申请日:2004-10-16
申请人: David Challener , Daryl Cromer , Joseph Freeman , Steven Goodman , James Hoff , Howard Locker , Randall Springfield , James Ward
发明人: David Challener , Daryl Cromer , Joseph Freeman , Steven Goodman , James Hoff , Howard Locker , Randall Springfield , James Ward
IPC分类号: G06F9/24
CPC分类号: G06F21/575
摘要: A method and system for enabling security attestation for a computing device during a return from an S4 sleep state. When the computing device enters into the S4 state following a successful boot up, the attestation log is appended to the TPM tick count and the log is signed (with a security signature). When the device is awaken from S4 state, the BIOS obtains and verifies the log created during the previous boot. The CRTM maintains a set of virtual PCRs and references these virtual PCRs against the log. If the values do not match, the return from S4 state fails and the device is rebooted.
摘要翻译: 一种用于在从S4睡眠状态返回期间为计算设备提供安全认证的方法和系统。 当计算设备在成功启动后进入S4状态时,认证日志会追加到TPM刻度计数,并且日志被签名(具有安全签名)。 当设备从S4状态唤醒时,BIOS将获取并验证在以前引导过程中创建的日志。 CRTM维护一组虚拟PCR,并将这些虚拟PCR引用到日志中。 如果值不匹配,则S4状态返回失败,设备重启。
-
公开(公告)号:US20050166213A1
公开(公告)日:2005-07-28
申请号:US10749584
申请日:2003-12-31
CPC分类号: H04L41/26 , H04L12/12 , H04L67/34 , H04L69/329 , Y02D50/40
摘要: Methods, systems, and media are disclosed for managing a remote client of a computer system. One example embodiment includes transmitting a modified wake-on LAN (“WOL”) packet to a network receive buffer on the remote client, wherein the modified WOL packet comprises additional data, such as executable code or functions. Further, the example embodiment includes retrieving, by BIOS associated with the remote client, of the modified WOL packet from the network receive buffer, storing, by the BIOS, storing of the additional data in memory associated with the network receive buffer, and retrieving, by BIOS associated with the remote client, of the additional data from the memory. Further still, the example embodiment includes processing of the additional data, which may occur by an application stored on the PARTIES partition, wherein the parsed, additional data is interpreted and executed by the application.
摘要翻译: 公开了用于管理计算机系统的远程客户端的方法,系统和媒体。 一个示例性实施例包括将修改的唤醒LAN(“WOL”)分组发送到远程客户端上的网络接收缓冲器,其中修改的WOL分组包括诸如可执行代码或功能的附加数据。 此外,示例实施例包括通过与远程客户端相关联的BIOS从网络接收缓冲器检索修改的WOL分组,由BIOS将附加数据存储在与网络接收缓冲器相关联的存储器中, 通过与远程客户端相关联的BIOS从存储器中获取附加数据。 此外,示例实施例包括可以由存储在PARTIES分区上的应用程序发生的附加数据的处理,其中解析的附加数据由应用解释和执行。
-
公开(公告)号:US20050144493A1
公开(公告)日:2005-06-30
申请号:US10749583
申请日:2003-12-31
申请人: Daryl Cromer , Richard Dayan , Joseph Freeman , Steven Goodman , Eric Kern , Howard Locker , Randall Springfield
发明人: Daryl Cromer , Richard Dayan , Joseph Freeman , Steven Goodman , Eric Kern , Howard Locker , Randall Springfield
CPC分类号: G06F9/4416 , G06F9/4401 , G06F9/4406 , G06F9/4408 , G06F15/177 , H04L29/12235 , H04L67/34 , H04N21/443
摘要: Systems and arrangements for remotely selecting a bootable image via a WOL packet for a wake-on-LAN (WOL) capable computer are contemplated. Server-side embodiments include hardware and/or software for determining a client to be managed, determining whether the client is active on the network, and transmitting a WOL packet having a vector, or operating system partition identification (OSPID), to describe a bootable image accessible by the WOL capable computer. Some embodiments may include an OSPID that points to a secure bootable image such as a bootable image on a hard drive, a compact disk (CD) connected to the computer, or other local resource. Client-side embodiments may receive the WOL packet at, for instance, a network interface card (NIC), recognize that the WOL packet includes an OSPID that describes the bootable image to boot, and implement an alternative boot sequence to boot from that bootable image.
摘要翻译: 可以考虑通过用于具有LAN唤醒(WOL)功能的计算机的WOL分组来远程选择可启动图像的系统和布置。 服务器端实施例包括用于确定要管理的客户机的硬件和/或软件,确定客户端是否在网络上是活动的,以及发送具有向量的WOL分组或操作系统分区标识(OSPID)来描述可引导的 WOL功能的计算机可访问的图像。 一些实施例可以包括指向安全可启动图像的OSPID,例如硬盘驱动器上的可引导映像,连接到计算机的光盘(CD)或其他本地资源。 客户端实施例可以在例如网络接口卡(NIC)处接收WOL分组,识别WOL分组包括描述可启动图像引导的OSPID,并且实现替代引导序列以从该可启动图像引导 。
-
6.发明申请Systems and methods for recovering passwords and password-protected data 审中-公开用于恢复密码和受密码保护的数据的系统和方法公开(公告)号:US20060041932A1
公开(公告)日:2006-02-23
申请号:US10924103
申请日:2004-08-23
IPC分类号: H04L9/32
CPC分类号: H04L9/3226 , H04L9/0897
摘要: Systems and methods to access password-protected stored data when a corresponding data password has been lost, forgotten, or is otherwise unavailable, and to recover the data password to facilitate access to the password-protected data from a digital memory device such as a hard disk drive associated with a user computer. In some embodiments the computer is communicatively coupled with a network and receives at least one encryption key from a secure computer via the network. In other embodiments the computer is a stand alone computer and receives at least one encryption key from a removable, non-volatile memory such as a CD ROM. The encryption key is used to encrypt the data password and both are stored on the hard disk drive. If the data password becomes lost, forgotten, or otherwise unavailable, the encrypted password is recovered from the hard disk drive and decrypted to recover the data password.
摘要翻译: 当相应的数据密码丢失,被遗忘或不可用时访问受密码保护的存储数据的系统和方法,以及恢复数据密码以便于从诸如硬的数字存储设备访问受密码保护的数据 与用户计算机相关联的磁盘驱动器。 在一些实施例中,计算机与网络通信耦合,并经由网络从安全计算机接收至少一个加密密钥。 在其他实施例中,计算机是独立的计算机,并且从诸如CD ROM的可移除的非易失性存储器接收至少一个加密密钥。 加密密钥用于加密数据密码,两者都存储在硬盘驱动器上。 如果数据密码丢失,忘记或以其他方式不可用,则会从硬盘驱动器恢复加密的密码并解密以恢复数据密码。
-
公开(公告)号:US20060025965A1
公开(公告)日:2006-02-02
申请号:US10902359
申请日:2004-07-29
IPC分类号: G21C17/00
CPC分类号: G06F11/2221 , G11B20/1816 , G11B27/36 , G11B2220/2516
摘要: There are many files in the current generation of computers, especially on the hardfile, that are not used or used only infrequently during operation. For instance, the system may contain many help text files which may never be accessed. The same applies to the DLL's. Also, some files are accessed only during a boot cycle. The present invention provides a method and program to track the locations of files in a computer which have been accessed so that, when an error occurs, only the files that need to be tested are diagnostically tested for errors, thus saving time and resources.
-
公开(公告)号:US20050138396A1
公开(公告)日:2005-06-23
申请号:US10745152
申请日:2003-12-22
CPC分类号: G06F21/80 , G06F21/575
摘要: A method and system for preventing a denial of service attack on a computer system is disclosed. The method of the present invention includes setting a size of a hard disk within the computer system to a full capacity if the hard disk does not contain a host protected area, and locking the size such that the hard disk is protected from an attempt to reset the size of the hard disk resulting in a denial of service.
摘要翻译: 公开了一种用于防止对计算机系统的拒绝服务攻击的方法和系统。 本发明的方法包括:如果硬盘不包含主机保护区域,则将计算机系统内的硬盘的大小设置为满容量,并且锁定大小以使硬盘被保护以免复位 硬盘的大小导致拒绝服务。
-
9.发明申请SYSTEM AND METHOD FOR LOADING PROGRAMS FROM HDD INDEPENDENT OF OPERATING SYSTEM 有权从操作系统的HDD独立加载程序的系统和方法公开(公告)号:US20080091874A1
公开(公告)日:2008-04-17
申请号:US11954664
申请日:2007-12-12
申请人: Rod Waltermann , Nathan Peterson , Joseph Freeman , Randall Springfield , Mark Davis , Steven Goodman , Isaac Kareel , Scott Kelso
发明人: Rod Waltermann , Nathan Peterson , Joseph Freeman , Randall Springfield , Mark Davis , Steven Goodman , Isaac Kareel , Scott Kelso
IPC分类号: G06F12/00
CPC分类号: G06F9/4406
摘要: A method for booting into computer memory a non-operating system (O.S.) program from a hard disk drive (HDD) prior to booting into memory an O.S. from the HDD. The method includes establishing a table of contents (TOC) on the HDD that contains entries for special O.S. programs. A pointer to the TOC is placed in non-volatile memory of the computer that is associated with the HDD, and when BIOS of the computer is prompted to load into memory one of the special O.S. programs, the pointer is accessed and used to locate the TOC, which in turn is accessed to load the special O.S. program.
摘要翻译: 在引导到存储器之前从硬盘驱动器(HDD)引导到计算机存储器的非操作系统(O.S.)程序的方法。 从硬盘。 该方法包括在HDD上建立内容表(TOC),其中包含特殊O.S.的条目。 程式。 指向TOC的指针被放置在与HDD相关联的计算机的非易失性存储器中,并且当计算机的BIOS被提示加载到存储器中时,特别的O.S. 程序中,指针被访问并用于定位TOC,而TOC又被访问以加载特殊的O.S. 程序。
-
10.发明申请公开(公告)号:US20080046781A1
公开(公告)日:2008-02-21
申请号:US11394278
申请日:2006-03-29
申请人: Philip Childs , Mark Davis , Steven Goodman , Joseph Freeman , Randall Springfield , Rod Waltermann
发明人: Philip Childs , Mark Davis , Steven Goodman , Joseph Freeman , Randall Springfield , Rod Waltermann
IPC分类号: G06F11/14
CPC分类号: G06F11/1417 , G06F11/1666 , G06F21/56 , G06F21/575
摘要: In the event of a virally infected MBR on a hard disk drive that might prevent booting, a service MBR in a hidden protected area (HPA) can be used to boot a service O.S., and then the service MBR can be replaced with a previously backed-up MBR, also in the HPA, to mount any missing partitions.
摘要翻译: 如果硬盘驱动器上有病毒感染的MBR可能会阻止启动,则可以使用隐藏保护区域(HPA)中的服务MBR来引导服务操作系统,然后将服务MBR替换为先前支持的 -up MBR(也在HPA中)安装任何丢失的分区。
-
-
-
-
-
-
-
-
-
搜索结果
39 条记录 (耗时 0.025 秒)