-
1.发明申请Enabling attestation during return from S4 state with standard TCG hardware 有权在使用标准TCG硬件从S4状态返回期间启用认证公开(公告)号:US20060085630A1
公开(公告)日:2006-04-20
申请号:US10967760
申请日:2004-10-16
申请人: David Challener , Daryl Cromer , Joseph Freeman , Steven Goodman , James Hoff , Howard Locker , Randall Springfield , James Ward
发明人: David Challener , Daryl Cromer , Joseph Freeman , Steven Goodman , James Hoff , Howard Locker , Randall Springfield , James Ward
IPC分类号: G06F9/24
CPC分类号: G06F21/575
摘要: A method and system for enabling security attestation for a computing device during a return from an S4 sleep state. When the computing device enters into the S4 state following a successful boot up, the attestation log is appended to the TPM tick count and the log is signed (with a security signature). When the device is awaken from S4 state, the BIOS obtains and verifies the log created during the previous boot. The CRTM maintains a set of virtual PCRs and references these virtual PCRs against the log. If the values do not match, the return from S4 state fails and the device is rebooted.
摘要翻译: 一种用于在从S4睡眠状态返回期间为计算设备提供安全认证的方法和系统。 当计算设备在成功启动后进入S4状态时,认证日志会追加到TPM刻度计数,并且日志被签名(具有安全签名)。 当设备从S4状态唤醒时,BIOS将获取并验证在以前引导过程中创建的日志。 CRTM维护一组虚拟PCR,并将这些虚拟PCR引用到日志中。 如果值不匹配,则S4状态返回失败,设备重启。
-
公开(公告)号:US20060185017A1
公开(公告)日:2006-08-17
申请号:US11319329
申请日:2005-12-28
IPC分类号: G06F12/14
CPC分类号: G06F21/565 , G06F2221/2151
摘要: The present invention adds a procedure to the operating system file subsystem of a processing system that significantly reduces the amount of time necessary to verify the validity of executable files. Each executable is extended with a file signature containing a header containing validation data. This header may be added to an existing ELF header, added as a new section, or placed in a file's extended attribute store. The header contains results of all previous validation checks that have been performed. The file signature is inserted, with a date stamp, into the file attributes. On execution, the system checks the previously-created file signature against a current file signature, instead of creating the file signature for every file during the execution process. Checks to ensure that the file signature is secure, and is valid and up to date, are also implemented. Only if the file signature is not valid and up-to-date does the execution program create a new file signature at the time of execution.
摘要翻译: 本发明向处理系统的操作系统文件子系统添加了一个过程,其显着地减少了验证可执行文件的有效性所需的时间量。 每个可执行文件使用包含包含验证数据的标题的文件签名进行扩展。 该标题可以被添加到现有的ELF标题中,作为新的部分添加,或者被放置在文件的扩展属性存储中。 标题包含已执行的所有先前验证检查的结果。 将文件签名带有日期戳插入到文件属性中。 执行时,系统会根据当前文件签名检查先前创建的文件签名,而不是在执行过程中为每个文件创建文件签名。 检查以确保文件签名是安全的,并且是有效的和最新的,也被实现。 只有当文件签名无效且最新的执行程序在执行时才会创建新的文件签名。
-
公开(公告)号:US20070192581A1
公开(公告)日:2007-08-16
申请号:US11352499
申请日:2006-02-10
申请人: David Challener , Daryl Cromer , Mark Charles Davis , Jerry Dishman , Howard Locker , Randall Springfield
发明人: David Challener , Daryl Cromer , Mark Charles Davis , Jerry Dishman , Howard Locker , Randall Springfield
IPC分类号: G06F9/00 , G06F15/177
CPC分类号: G06F21/57 , G06F9/4408 , G06F21/562
摘要: A computer determines whether it has been booted from a hard disk drive or from an alternate source (e.g., a floppy drive or portable memory) that entails a higher risk of importing a virus into the computer, and if it is determined that a non-HDD source was booted from, corrective action such as a virus scan can be preemptively taken.
摘要翻译: 计算机确定是从硬盘驱动器还是从备份源(例如,软盘驱动器或便携式存储器)引导,这导致将病毒导入计算机的风险更高,并且如果确定非易失性存储器 HDD源被启动,可以抢先采取诸如病毒扫描的纠正措施。
-
公开(公告)号:US20060075144A1
公开(公告)日:2006-04-06
申请号:US10949550
申请日:2004-09-24
IPC分类号: G06F15/16
CPC分类号: H04L63/08
摘要: A method and system for remotely controlling a hard drive on a local computer. A NIC includes a Port Selector under the control of a NIC processor. Access to the hard drive is selectively afforded to either the local computer or to a remote computer by the Port Selector. Preferably, the method and system permit remote access to a local hard drive even if the local computer is disabled, due to causes including, but not limited to, system failure, lost power or corrupted data on the hard drive.
摘要翻译: 用于远程控制本地计算机上的硬盘驱动器的方法和系统。 NIC包括在NIC处理器控制下的端口选择器。 通过端口选择器选择性地向本地计算机或远程计算机提供对硬盘驱动器的访问。 优选地,即使本地计算机被禁用,该方法和系统允许远程访问本地硬盘驱动器,原因在于包括但不限于硬盘驱动器上的系统故障,功率损失或损坏的数据。
-
公开(公告)号:US20060143713A1
公开(公告)日:2006-06-29
申请号:US11024914
申请日:2004-12-28
CPC分类号: G06F21/565 , G06F2221/2151
摘要: A procedure and implementations thereof are disclosed that significantly reduce the amount of time necessary to perform a virus scan. A file signature is created each time a file is modified (i.e., with each “file write” to that file). The file signature is inserted, with a date stamp, into the file attributes. The virus scan program checks the previously-created file signature against the virus signature file instead of creating the file signature for every file during the virus scan. Checks to ensure that the file signature is secure, and is valid and up to date, are also implemented. Only if the file signature is not valid and up-to-date does the virus scan program create a new file signature at the time of the running of the virus scan.
摘要翻译: 公开了显着地减少进行病毒扫描所需的时间量的过程和实施方式。 每次修改文件(即每个“文件写入”文件)时都会创建文件签名。 将文件签名带有日期戳插入到文件属性中。 病毒扫描程序根据病毒签名文件检查先前创建的文件签名,而不是在病毒扫描期间为每个文件创建文件签名。 检查以确保文件签名是安全的,并且是有效的和最新的,也被实现。 只有当病毒扫描程序在病毒扫描运行时病毒扫描程序创建新的文件签名时,文件签名无效并且是最新的。
-
6.发明申请公开(公告)号:US20050138424A1
公开(公告)日:2005-06-23
申请号:US10748919
申请日:2003-12-22
摘要: When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.
摘要翻译: 当经认证的无线计算机失去与网络的无线接入点的连接并漫游到另一接入点时,无线计算机(例如,计算机中的管理程序)确定新接入点是否被授权用于安全通信,如果是,则释放 通过新的接入点访问网络上的安全数据。
-
公开(公告)号:US20060112420A1
公开(公告)日:2006-05-25
申请号:US10994620
申请日:2004-11-22
IPC分类号: H04L9/32
CPC分类号: G06F21/41
摘要: Methods and arrangements are disclosed for secure single sign on to an operating system using only a power-on password. In many embodiments modified BIOS code prompts for, receives and verifies the power-on password. The power-on password is hashed and stored in a Platform Configuration Register of the Trusted Platform Module. In a setup mode, the trusted platform module encrypts the operating system password using the hashed power-on password. In a logon mode, the trusted platform module decrypts the operating system password using the hashed power-on password.
-
公开(公告)号:US20050132182A1
公开(公告)日:2005-06-16
申请号:US10735388
申请日:2003-12-12
申请人: David Challener , James Hoff , Randall Springfield , James Ward
发明人: David Challener , James Hoff , Randall Springfield , James Ward
CPC分类号: G06F21/57 , G06F2221/2117
摘要: A Trusted Computing Platform Alliance (TCPA) endorsement certificate is provided by comparing a trusted platform module (TPM) public key transmitted by an owner of the computing device to which the TPM belongs to a copy of the key as originally stored in a remote database prior to vending the device. If a match is found the certificate is created using the public key, and then sent to the owner of the computing device.
摘要翻译: 通过将由TPM所属的计算设备的所有者发送的可信平台模块(TPM)公钥与原始存储在远程数据库中的密钥的副本进行比较来提供可信计算平台联盟(TCPA)认可证书 自动售货机。 如果发现匹配,则使用公钥创建证书,然后发送给计算设备的所有者。
-
公开(公告)号:US20060107034A1
公开(公告)日:2006-05-18
申请号:US11321809
申请日:2005-12-29
IPC分类号: G06F9/445
CPC分类号: G06F21/57 , G06F9/4406 , G06F15/177
摘要: A computer system contains selectively available boot block codes. A first boot block is of the conventional type and is stored in storage media such as flash ROM on a system planar with the processor of the computer system. A second boot block is located on a feature card and contains an immutable security code in compliance with the Trusted Computing Platform Alliance (TCPA) specification. The boot block on the feature card is enabled if the first boot block detects the presence of the feature card. The computer system can be readily modified as the computer system is reconfigured, while maintaining compliance with the TCPA specification. A switching mechanism controls which of the boot blocks is to be activated. The feature card is disabled in the event of a computer system reset to prevent access to the TCPA compliant code and function.
-
10.发明申请METHODS AND ARRANGEMENTS FOR EFFECTING SUPPLEMENTARY MAIL TRANSFER OR MANAGEMENT 有权对补充邮件传送或管理的方法和安排公开(公告)号:US20090089808A1
公开(公告)日:2009-04-02
申请号:US11865051
申请日:2007-09-30
申请人: Howard Locker , David Challener , Daryl Cromer , James S. Rutledge , Randall Scott Springfield , James J. Thrasher , Michael Vanover
发明人: Howard Locker , David Challener , Daryl Cromer , James S. Rutledge , Randall Scott Springfield , James J. Thrasher , Michael Vanover
IPC分类号: G06F9/44
CPC分类号: G06F1/3225 , G06Q10/107
摘要: Arrangements for permitting incoming mail to be transferred from a WAN Drive to a notebook computer hard drive under conditions that are not stressful to the hard drive. Preferably, a WAN card is configured to wake a notebook when mail capacity is full or close to full. Mail is then preferably moved from the flash drive to the hard drive, subject to verification that this will not overly stress the hard drive. In a variant embodiment, the WAN card may preferably be configured to wake a notebook when mail is received at all. Again, mail is then preferably moved from the flash drive to the hard drive, subject to verification that this will not overly stress the hard drive. Once mail is moved to the hard drive, the system preferably runs an embedded email program that allows the user to employ an existing VPN infrastructure.
摘要翻译: 允许接收邮件在不受硬盘驱动器压力的条件下从WAN驱动器传输到笔记本电脑硬盘驱动器的安排。 优选地,WAN卡被配置为当邮件容量已满或接近满时唤醒笔记本电脑。 然后,邮件最好从闪存驱动器移动到硬盘驱动器,经验证,这不会过度强调硬盘驱动器。 在一个变型实施例中,WAN卡优选地被配置成完全在接收到邮件时唤醒笔记本电脑。 再次,邮件优选地从闪存驱动器移动到硬盘驱动器,经过验证,这不会过度强调硬盘驱动器。 一旦邮件移动到硬盘驱动器,系统最好运行嵌入式电子邮件程序,允许用户使用现有的VPN基础设施。
-
-
-
-
-
-
-
-
-
搜索结果
45 条记录 (耗时 0.047 秒)