Abstract:
A computer determines whether it has been booted from a hard disk drive or from an alternate source (e.g., a floppy drive or portable memory) that entails a higher risk of importing a virus into the computer, and if it is determined that a non-HDD source was booted from, corrective action such as a virus scan can be preemptively taken.
Abstract:
An apparatus, system, and method are disclosed for securing I/O communications between a blade and peripheral interface device. The apparatus includes a determination module, a source security module, and a source communication module. The determination module identifies I/O data configured for transmission to a destination module configured to receive secure I/O data. The source security module encrypts the I/O data to generate secured I/O data such that subsequent decryption of the secured I/O data is restricted to a destination module. The source communication module transmits the secured I/O data over a vulnerable communication link to the destination module. The vulnerable communication link comprises a message intercept vulnerability. The destination module is configured to unencrypt the secure I/O data for a destination device such as a display device.
Abstract:
A data processing system and method are disclosed for prohibiting an unauthorized user from modifying a priority level associated with a client computer system. The priority level is utilized by a client computer system during transmission of the client's data over a network. One of a plurality of priority levels is associated with the client computer system. The plurality of priority levels includes a higher priority level and a lower priority level. The client computer system associates the priority level with the data transmitted by the client computer system over the network. The data associated with the higher priority level is typically transmitted prior to data associated with the lower priority level. In response to an attempt to modify the associated priority level, the client determines whether the attempt is being made by an approved user. In response to a determination that the attempt is not being made by an approved user, the attempted modification of the priority level is prohibited. In another embodiment, a priority level may be associated with each class of data. When the client computer system transmits a packet, the client determines which class of data is included in the packet. The priority level associated with that class is then associated with the packet including that class of data. The client, then, transmits the packet which is associated with one of the priority levels.
Abstract:
A data processing system and method are described for providing a dynamically assigned network address to a client computer system. The data processing system includes a server computer system coupled to the network. An access port is provided which is coupled to the network. The computer system is coupled to the network utilizing the access port. The computer system is then powered on. The computer system requires a network address in order to communicate utilizing the network. The computer system initially has no stored network address each time prior to being powered on. A dynamic network address is provided to the computer system utilizing only the access port each time the computer system is powering on.
Abstract:
A data processing system and method are disclosed for remotely recovering a client computer system's primary password. The primary password must be correctly entered prior to the client computer system becoming fully accessible to a user. The client computer system is coupled to a server computer system utilizing a network. Prior to the client computer system completing a boot process, a user is prompted to enter the primary password. An interrogative password method is provided in response to an incorrect entry of the primary password. The primary password is recoverable in response to a successful execution of the interrogative password method. The primary password is recoverable from the server computer system by the client computer system prior to said client computer system completing said boot process utilizing the interrogative password method.
Abstract:
A system and method for connecting a computer terminal (e.g., a personal computer) to a data transmission network with the appropriate settings for connection obtained from the network if the terminal has been moved and the settings are not appropriate for the new location. The system and method involve detecting that the terminal has been removed from the data transmission network, and, if the terminal has been moved, checking to determine whether the previous settings are appropriate for use in the new location. If the settings are appropriate, then the previous settings are used; if not, new settings for the terminal are obtained from the network, using a program such as IBM's Dynamic Host Connection Program (DHCP), with the details on the settings (or connection) maintained at both the network and the computer terminal and updated when a new or changed connection to the data transmission network is made.
Abstract:
A data processing system and method are described for determining a physical location of a client computer system. The client and server computer systems are coupled together to form a local area network. Identifying information is associated with a tag. The client computer system transmits a wireless query signal to a physical region. In response to the tag being located within the physical region, the tag receives the wireless query signal. In response to a receipt of the query signal by the tag, the tag transmits a reply signal. The reply signal includes the identifying information. In response to a receipt of the reply signal by the client computer system, the physical location of the client computer system is determined utilizing the identifying information.
Abstract:
A method for providing an authentication of a user of a computer system in a network is disclosed. The method comprises capturing biometric data of a user; encrypting and signing the biometric data with a private key and sending the encrypted and signed data to a central server in the network. The method further comprises accepting and verifying credentials associated with the signed and encrypted data from the server utilizing the public key from the server. The method further comprises installing the credentials into the computer if the credentials are verified. In a method and system in accordance with the present invention, a user can walk up to any client within an enterprise and have their locally captured biometric input authenticated at a central server. The user can then have their individual credentials securely imported to the local client for subsequent use during that time period, without needing any additional identification or memory token such as a smartcard.
Abstract:
A carton for shipping a computer is provided with an access panel in one of its sidewalls. The access panel is located adjacent to the power connector, network connector, and power switch for the computer. The access panel provides external access to the connectors and the switch when the computer is packaged inside the carton. The carton also has an intake flap and an exhaust flap in its other sidewalls. If the computer needs to be reconfigured or otherwise electronically accessed, the task may be performed without removing the computer from the carton. The access flap is opened so that power and network cables may be coupled to the computer connectors. One end of a ventilation hose is attached to the aperture formed by the intake flap and the other end of the hose is secured to an air compressor. When the computer is operational, the air compressor supplies compressed air through the hose to force ventilating air into the carton. The air circulates inside the carton, around the computer and out the exhaust port to maintain the thermally sensitive components of the computer in an acceptable operating temperature range. In addition, ventilation may be supplied or augmented by evacuating air through the exhaust port.