公开(公告)号：US06782349B2

公开(公告)日：2004-08-24

申请号：US10063608

申请日：2002-05-03

申请人： David Carroll Challener ,  Chad Lee Gettelfinger ,  Steven Dale Goodman ,  Hernando Ovies ,  Randall Scott Springfield ,  James Peter Ward

发明人： David Carroll Challener ,  Chad Lee Gettelfinger ,  Steven Dale Goodman ,  Hernando Ovies ,  Randall Scott Springfield ,  James Peter Ward

IPC分类号： G06F1900

CPC分类号： G06F21/6218 ,  G06F21/575

摘要： A method and system for updating a root of trust measurement (RTM) function in a personal computer is disclosed. The RTM function is located in a boot block of the personal computer. The method and system comprise initializing a request to update the RTM function and unlocking the boot block based on an authentication process. The method and system further includes updating the RTM function. Through the use of the method and system in accordance with the present invention, the RTM function in a personal computer is updated in a manner that ensures that the update is authentic.

摘要翻译： 公开了一种用于更新个人计算机中的信任测度（RTM）功能根的方法和系统。 RTM功能位于个人计算机的引导块中。 该方法和系统包括：初始化更新RTM功能的请求，并基于认证过程来解锁引导块。 该方法和系统还包括更新RTM功能。 通过使用根据本发明的方法和系统，个人计算机中的RTM功能以确保更新是真实的方式被更新。

公开(公告)号：US07013384B2

公开(公告)日：2006-03-14

申请号：US10047219

申请日：2002-01-15

申请人： David Carroll Challener ,  Steven Dale Goodman ,  Kevin Michael Reinberg ,  Randall Scott Springfield ,  James Peter Ward

发明人： David Carroll Challener ,  Steven Dale Goodman ,  Kevin Michael Reinberg ,  Randall Scott Springfield ,  James Peter Ward

IPC分类号： G06F9/24

CPC分类号： G06F21/57 ,  G06F9/4406 ,  G06F15/177

摘要： A computer system contains selectively available boot block codes. A first boot block is of the conventional type and is stored in storage media such as flash ROM on a system planar with the processor of the computer system. A second boot block is located on a feature card and contains an immutable security code in compliance with the Trusted Computing Platform Alliance (TCPA) specification. The boot block on the feature card is enabled if the first boot block detects the presence of the feature card. The computer system can be readily modified as the computer system is reconfigured, while maintaining compliance with the TCPA specification. A switching mechanism controls which of the boot blocks is to be activated. The feature card is disabled in the event of a computer system reset to prevent access to the TCPA compliant code and function.

公开(公告)号：US07412596B2

公开(公告)日：2008-08-12

申请号：US10967760

申请日：2004-10-16

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Joseph Wayne Freeman ,  Steven Dale Goodman ,  James Patrick Hoff ,  Howard Jeffrey Locker ,  Randall Scott Springfield ,  James Peter Ward

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Joseph Wayne Freeman ,  Steven Dale Goodman ,  James Patrick Hoff ,  Howard Jeffrey Locker ,  Randall Scott Springfield ,  James Peter Ward

IPC分类号： G06F9/00 ,  G06F15/177

CPC分类号： G06F21/575

摘要： A method and system for enabling security attestation for a computing device during a return from an S4 sleep state. When the computing device enters into the S4 state following a successful boot up, the attestation log is appended to the TPM tick count and the log is signed (with a security signature). When the device is awaken from S4 state, the BIOS obtains and verifies the log created during the previous boot. The CRTM maintains a set of virtual PCRs and references these virtual PCRs against the log. If the values do not match, the return from S4 state fails and the device is rebooted.

摘要翻译： 一种用于在从S4睡眠状态返回期间为计算设备提供安全认证的方法和系统。 当计算设备在成功启动后进入S4状态时，认证日志会追加到TPM刻度计数，并且日志被签名（具有安全签名）。 当设备从S4状态唤醒时，BIOS将获取并验证在以前引导过程中创建的日志。 CRTM维护一组虚拟PCR，并将这些虚拟PCR引用到日志中。 如果值不匹配，则S4状态返回失败，设备重启。

公开(公告)号：US07620997B2

公开(公告)日：2009-11-17

申请号：US10748919

申请日：2003-12-22

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Hernando Ovies ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Howard Jeffrey Locker ,  Hernando Ovies ,  Randall Scott Springfield

IPC分类号： G06F7/04 ,  G06F15/16 ,  G06F17/30

CPC分类号： H04L63/08 ,  H04W12/06 ,  H04W88/08

摘要： When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.

摘要翻译： 当经认证的无线计算机失去与网络的无线接入点的连接并漫游到另一接入点时，无线计算机（例如，计算机中的管理程序）确定新接入点是否被授权用于安全通信，如果是，则释放 通过新的接入点访问网络上的安全数据。

公开(公告)号：US20060184785A1

公开(公告)日：2006-08-17

申请号：US11058987

申请日：2005-02-16

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Steven Dale Goodman ,  Howard Jeffery Locker ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Steven Dale Goodman ,  Howard Jeffery Locker ,  Randall Scott Springfield

IPC分类号： H04L9/00

CPC分类号： G06F21/606 ,  G06F21/85

摘要： An apparatus, system, and method are disclosed for securing I/O communications between a blade and peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data configured for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to a destination module. The source communication module transmits the secured I/O data over a vulnerable communication link to the destination module. The vulnerable communication link comprises a message intercept vulnerability. The destination module is configured to unencrypt the secure I/O data for a destination device such as a display device.

摘要翻译： 公开了用于保护刀片和外围接口设备之间的I / O通信的装置，系统和方法。 该装置包括确定模块，源安全模块和源通信模块。 确定模块识别配置为传输到配置为接收安全I / O数据的目标模块的I / O数据。 源安全模块加密I / O数据以产生安全的I / O数据，使得安全I / O数据的后续解密被限制到目的地模块。 源通信模块通过易受攻击的通信链路将目标模块的安全I / O数据发送到目标模块。 脆弱的通信链路包括消息拦截漏洞。 目的地模块被配置为对诸如显示设备的目的地设备的安全I / O数据进行解密。

公开(公告)号：US07484241B2

公开(公告)日：2009-01-27

申请号：US10994620

申请日：2004-11-22

申请人： David Carroll Challener ,  Steven Dale Goodman ,  James Patrick Hoff ,  David Rivera ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Steven Dale Goodman ,  James Patrick Hoff ,  David Rivera ,  Randall Scott Springfield

IPC分类号： G06F7/04 ,  H04L9/32

CPC分类号： G06F21/41

摘要： Methods and arrangements are disclosed for secure single sign on to an operating system using only a power-on password. In many embodiments modified BIOS code prompts for, receives and verifies the power-on password. The power-on password is hashed and stored in a Platform Configuration Register of the Trusted Platform Module. In a setup mode, the trusted platform module encrypts the operating system password using the hashed power-on password. In a logon mode, the trusted platform module decrypts the operating system password using the hashed power-on password.

摘要翻译： 公开了仅使用开机密码的安全单点登录到操作系统的方法和布置。 在许多实施例中，修改的BIOS代码提示，接收和验证开机密码。 开机密码被散列并存储在可信平台模块的平台配置寄存器中。 在设置模式下，可信平台模块使用散列开机密码对操作系统密码进行加密。 在登录模式下，可信平台模块使用散列开机密码解密操作系统密码。

公开(公告)号：US07281125B2

公开(公告)日：2007-10-09

申请号：US09940155

申请日：2001-08-24

申请人： David Carroll Challener ,  Steven Dale Goodman ,  David Robert Safford ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Steven Dale Goodman ,  David Robert Safford ,  Randall Scott Springfield

IPC分类号： H04L29/00

CPC分类号： G06F21/572 ,  G06F21/575 ,  G06F21/62

摘要： A method, computer program product and computer system for securing alterable data. A computer that is remotely managed may be equipped with a protected storage that is accessible only by BIOS code. The protected storage may have the capacity to store a symmetrical encryption key. An EEPROM, which normally contains the BIOS code, may be used to store accessible configuration data as well as remotely unaccessible sensitive access information (e.g., passwords). The remotely unaccessible sensitive data is encrypted with the symmetrical encryption key by the BIOS code. Remote access to the sensitive data is accomplished via change requests submitted to the BIOS code over a secure channel. The BIOS code then determines whether the request is valid. If so, then sensitive data is decrypted, altered, encrypted, and re-written into the EEPROM. Normal access to accessible data is unaffected and remote access is allowed without changing the computer system architecture.

摘要翻译： 一种用于保护可变数据的方法，计算机程序产品和计算机系统。 远程管理的计算机可能配备有只能通过BIOS代码访问的受保护存储。 受保护的存储器可以具有存储对称加密密钥的能力。 通常包含BIOS代码的EEPROM可用于存储可访问的配置数据以及远程不可访问的敏感访问信息（例如，密码）。 远程不可访问的敏感数据通过BIOS代码用对称加密密钥加密。 通过安全通道提交给BIOS代码的更改请求，可以远程访问敏感数据。 然后，BIOS代码确定请求是否有效。 如果是这样，那么敏感数据将被解密，更改，加密并重新写入EEPROM。 对可访问数据的正常访问不受影响，并且允许远程访问，而无需更改计算机系统架构。

公开(公告)号：US07421588B2

公开(公告)日：2008-09-02

申请号：US10749057

申请日：2003-12-30

申请人： David Carroll Challener ,  Joseph Wayne Freeman ,  Steven Dale Goodman ,  Randall Scott Springfield

发明人： David Carroll Challener ,  Joseph Wayne Freeman ,  Steven Dale Goodman ,  Randall Scott Springfield

IPC分类号： G06F12/14

CPC分类号： G06F21/575 ,  G06F21/62 ,  G06F2221/2107

摘要： An apparatus, method, and system to seal a data repository to a trusted computing platform is described. The data repository may be sealed by encrypting the data on the repository and sealing a cryptographic key to a specific set of platform resources. With the data repository sealed to the platform, the system boot sequence will fail if the system configuration is compromised, for example by insertion of “snoopware” or a modified BIOS. Additionally, if the computer containing the data repository is lost or stolen, the encrypted data remains secure even if the repository is attached to a system modified to bypass normal safeguards.

摘要翻译： 描述了将数据存储库密封到可信计算平台的装置，方法和系统。 可以通过加密存储库中的数据并将密码密封到特定的一组平台资源来密封数据存储库。 将数据存储库密封到平台，如果系统配置受到威胁，例如插入“snoopware”或修改的BIOS，则系统引导顺序将失败。 另外，如果包含数据存储库的计算机丢失或被盗，加密数据将保持安全，即使存储库附加到修改为绕过正常保护措施的系统。

公开(公告)号：US06687825B1

公开(公告)日：2004-02-03

申请号：US09527367

申请日：2000-03-17

申请人： David Carroll Challener ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Dhruv Manmohandas Desai ,  Charles William Kaufman ,  Hernando Ovies ,  James Peter Ward

发明人： David Carroll Challener ,  Daryl Carvis Cromer ,  Mark Charles Davis ,  Dhruv Manmohandas Desai ,  Charles William Kaufman ,  Hernando Ovies ,  James Peter Ward

IPC分类号： G06F1130

CPC分类号： G06F21/80 ,  G06F21/6209

摘要： A data processing system and method are disclosed for protecting data within a hard disk drive included within a data processing system. Data is generated. A signature value is provided which is stored in a signature device. The signature device is capable of being inserted into and removed from a computer system. A textual description of the data is created. The data is encrypted utilizing both the signature value stored on the device and the textual description. The encrypted data is then stored on the hard disk drive. The data processing system does not permanently store encryption keys.

摘要翻译： 公开了一种用于保护包含在数据处理系统内的硬盘驱动器内的数据的数据处理系统和方法。 生成数据。 提供签名值，其被存储在签名设备中。 签名装置能够插入计算机系统和从计算机系统中移除。 创建数据的文本描述。 使用存储在设备上的签名值和文本描述来加密数据。 然后将加密的数据存储在硬盘驱动器上。 数据处理系统不会永久存储加密密钥。

公开(公告)号：US06598032B1

公开(公告)日：2003-07-22

申请号：US09523490

申请日：2000-03-10

申请人： David Carroll Challener ,  Joseph McGovern ,  Hernando Ovies ,  James Peter Ward

发明人： David Carroll Challener ,  Joseph McGovern ,  Hernando Ovies ,  James Peter Ward

IPC分类号： G06F1760

CPC分类号： G07F7/1008 ,  G06Q20/382 ,  G06Q20/401 ,  G06Q20/4012 ,  G07F7/1025

摘要： A system and method for isolating a computer system from entry of a personal identification number (PIN) to a smart card. The system and method includes a computer system that is in communication with an unsecure network to allow a user to engage in a purchase transaction. The system and method also includes a smart card reader in which a smart card is inserted and read. A secure personal-identification-number (PIN) entry device is coupled between the computer system and the smart card reader. The secure PIN entry device is used for entering a correct code for the PIN. Communication between computer system and secure PIN entry device is disconnected until the correct code for the PIN is entered at secure PIN entry device and sent to the smart card in order to authorize use of the smart card for the purchase transaction. In response to the correct code for the PIN being entered and sent to the smart card, communication between computer system and secure PIN entry device is established. The secure PIN entry device has a processor for controlling the disconnection and connection of communication between the computer system and the secure PIN entry device. The secure PIN entry device also has a display for displaying a message request relating to the purchase transaction. The message request prompts a user to provide the PIN to authorize use of the smart card for a purchase transaction.

摘要翻译： 一种用于将计算机系统与个人识别号码（PIN）输入到智能卡的系统和方法。 该系统和方法包括与不安全网络通信以允许用户参与购买交易的计算机系统。 该系统和方法还包括其中插入和读取智能卡的智能卡读卡器。 安全的个人识别号码（PIN）输入设备耦合在计算机系统和智能卡读卡器之间。 安全PIN输入设备用于输入PIN的正确代码。 计算机系统和安全PIN输入设备之间的通信被断开，直到PIN的正确代码被输入到安全的PIN输入设备并被发送到智能卡以授权使用智能卡进行购买交易。 为了响应正在输入的PIN并将其发送到智能卡的正确代码，建立计算机系统和安全PIN输入设备之间的通信。 安全PIN输入设备具有用于控制计算机系统和安全PIN输入设备之间的通信的断开和连接的处理器。 安全PIN输入设备还具有用于显示与购买交易相关的消息请求的显示。 消息请求提示用户提供PIN以授权使用智能卡进行购买交易。