-
公开(公告)号:US20070283450A1
公开(公告)日:2007-12-06
申请号:US11839372
申请日:2007-08-15
申请人: Douglas Anson , James Lowery , Frank Molsberry
发明人: Douglas Anson , James Lowery , Frank Molsberry
IPC分类号: H04L9/00
摘要: A method supports secure input/output (I/O) communications between an I/O device and a data processing system via a keyboard, video, and mouse (KVM) switch. An example embodiment includes the operations of establishing a first secure communication channel between the KVM switch and the I/O device and establishing a second secure communication channel between the KVM switch and the data processing system. In addition, I/O data may be received at the KVM switch from the I/O device via the first secure communication channel. In response to receipt of the I/O data from the I/O device, the I/O data may be transmitted from the KVM switch to the data processing system via the second secure communication channel. Embodiments may also include support for non-secure channels between the KVM switch and non-secured I/O devices, non-secured data processing systems, or both.
摘要翻译: 一种方法通过键盘,视频和鼠标(KVM)开关支持I / O设备和数据处理系统之间的安全输入/输出(I / O)通信。 示例性实施例包括在KVM切换器和I / O设备之间建立第一安全通信信道并在KVM切换器和数据处理系统之间建立第二安全通信信道的操作。 此外,I / O数据可以经由第一安全通信信道从I / O设备在KVM切换器处被接收。 响应于从I / O设备接收I / O数据,I / O数据可以经由第二安全通信信道从KVM切换器发送到数据处理系统。 实施例还可以包括支持KVM切换器与非安全I / O设备之间的非安全通道,非安全数据处理系统或两者。
-
公开(公告)号:US20050033970A1
公开(公告)日:2005-02-10
申请号:US10634942
申请日:2003-08-05
IPC分类号: G06F12/14
CPC分类号: G06F12/1433
摘要: A system and method for securing access to memory modules includes a memory module, a virtual memory module, a boot module, and a gatekeeper. The boot module accepts a key and requests for the memory module and provides the requests and the key to the virtual memory module. The virtual memory module is externally accessible by the boot module and accepts the provided key and the requests from the boot module and transmits the requests and the provided key from the boot module to the gatekeeper. The gatekeeper regulates access to the memory module allowing no other components to directly access the memory module. The gatekeeper receives the provided key from the virtual memory module and the gatekeeper authenticates the provided key by comparing it with a stored key stored in secure location. Upon proper authentication of the provided key, the gatekeeper executes the request in the memory module.
摘要翻译: 用于保护对存储器模块的访问的系统和方法包括存储器模块,虚拟存储器模块,引导模块和关守。 引导模块接受密钥并请求内存模块,并将请求和密钥提供给虚拟内存模块。 虚拟内存模块可由引导模块外部访问,并接受所提供的密钥和来自引导模块的请求,并将请求和提供的密钥从引导模块发送给关守。 网守调节对内存模块的访问,允许其他组件直接访问内存模块。 网守从虚拟存储器模块接收提供的密钥,并且关守通过将其与存储在安全位置中的存储密钥进行比较来认证所提供的密钥。 对所提供的密钥进行适当认证后,网守将在存储器模块中执行该请求。
-
3.发明授权System and method for secure gesture information handling system communication 有权用于安全手势信息处理系统通信的系统和方法公开(公告)号:US08325148B2
公开(公告)日:2012-12-04
申请号:US12420116
申请日:2009-04-08
CPC分类号: G06F21/36 , G06F3/04883
摘要: A secured communication channel is established between two or more information handling systems by defining attributes for encrypting information with physical inputs made at touch devices of the information handling systems. Inputting the physical gesture at a touch device of each information handling system allows evaluation of one or more attributes at each information handling system so that the shared secret of the physical gesture form the basis for encrypted communications. The touch device includes touch screens or touch pads and the attributes include gesture speed, plural distinct gesture touch points, movement of touch points relative to each other, or other attributes that are determinable from physical gesture inputs at each information handling system.
摘要翻译: 通过在信息处理系统的触摸设备处进行物理输入来定义用于加密信息的属性,在两个或更多个信息处理系统之间建立安全的通信信道。 在每个信息处理系统的触摸设备处输入物理手势允许在每个信息处理系统处评估一个或多个属性,使得物理手势的共享秘密构成加密通信的基础。 触摸设备包括触摸屏或触摸板,并且属性包括手势速度,多个不同的手势触摸点,触摸点相对于彼此的移动,或者可以从每个信息处理系统的物理手势输入确定的其他属性。
-
公开(公告)号:US20070041584A1
公开(公告)日:2007-02-22
申请号:US11204984
申请日:2005-08-16
申请人: Clint O'Connor , Douglas Anson
发明人: Clint O'Connor , Douglas Anson
IPC分类号: H04L9/00
CPC分类号: G06F21/121 , H04L9/0897 , H04L2209/80
摘要: A software activation method is disclosed which uses a two-key paradigm. The method provides increased piracy protection while providing a relatively straight forward process for a user to satisfy a license claim.
摘要翻译: 公开了一种使用双键范例的软件激活方法。 该方法提供增加的盗版保护,同时为用户提供相对简单的过程以满足许可证权利要求。
-
5.发明申请System And Method For Secure Gesture Information Handling System Communication 有权用于安全手势信息处理系统通信的系统和方法公开(公告)号:US20100259486A1
公开(公告)日:2010-10-14
申请号:US12420116
申请日:2009-04-08
IPC分类号: G06F3/041
CPC分类号: G06F21/36 , G06F3/04883
摘要: A secured communication channel is established between two or more information handling systems by defining attributes for encrypting information with physical inputs made at touch devices of the information handling systems. Inputting the physical gesture at a touch device of each information handling system allows evaluation of one or more attributes at each information handling system so that the shared secret of the physical gesture form the basis for encrypted communications. The touch device includes touch screens or touch pads and the attributes include gesture speed, plural distinct gesture touch points, movement of touch points relative to each other, or other attributes that are determinable from physical gesture inputs at each information handling system.
摘要翻译: 通过在信息处理系统的触摸设备处进行物理输入来定义用于加密信息的属性,在两个或更多个信息处理系统之间建立安全的通信信道。 在每个信息处理系统的触摸设备处输入物理姿势允许在每个信息处理系统处评估一个或多个属性,使得物理手势的共享秘密构成加密通信的基础。 触摸设备包括触摸屏或触摸板,并且属性包括手势速度,多个不同的手势触摸点,触摸点相对于彼此的移动,或者可以从每个信息处理系统的物理手势输入确定的其他属性。
-
公开(公告)号:US20060179293A1
公开(公告)日:2006-08-10
申请号:US11053161
申请日:2005-02-07
申请人: Clint O'Connor , Douglas Anson
发明人: Clint O'Connor , Douglas Anson
IPC分类号: G06F15/177
CPC分类号: G06F21/31 , G06F21/575 , G06F2221/2129
摘要: A method to boot a computer system only to a secured network is disclosed. In accordance with one embodiment, a method to boot a client only to a secured network, includes connecting the client to a secured network server through the secured network, wherein the secured network server functions as an access control list manager and includes an authorization table listing clients authorized to boot an operating system (OS) only if the client is connected to the secured network server. The method further includes transmitting a claim over the secured network from the client to the secured network server such that the client requests authorization to boot. The method further includes validating at the secured network server the claim against the authorization table. The method further includes determining whether the response denies or permits the client authorization to boot the OS.
摘要翻译: 公开了仅将计算机系统引导到安全网络的方法。 根据一个实施例,仅将客户端引导到安全网络的方法包括通过安全网络将客户端连接到安全网络服务器,其中,安全网络服务器用作访问控制列表管理器,并且包括授权表列表 仅当客户端连接到安全网络服务器时,才有权启动操作系统(OS)的客户端。 所述方法还包括通过所述安全网络将所述请求从所述客户端发送到所述安全网络服务器,使得所述客户端请求启动授权。 该方法还包括在安全的网络服务器上验证针对授权表的权利要求。 所述方法还包括确定所述响应是否拒绝或允许所述客户机授权引导所述OS。
-
7.发明申请公开(公告)号:US20070242729A1
公开(公告)日:2007-10-18
申请号:US11403297
申请日:2006-04-13
申请人: Liam Quinn , Douglas Anson , William Todd Nix
发明人: Liam Quinn , Douglas Anson , William Todd Nix
IPC分类号: H04B1/00
CPC分类号: H04L67/16 , H04B1/7183 , H04L63/061 , H04L69/24 , H04M1/7253 , H04W12/04
摘要: Methods and systems are disclosed for ultra-wideband (UWB) secure wireless device pairing. Secure pairing between devices for secure UWB communications is conducted over in-band UWB communications to provide secure pairing without requiring a visual confirmation through a graphical user interface (GUI), in particular, for wireless personal area network (WPAN) communications. The secure in-band pairing of wireless UWB devices over a UWB radio link provides considerable advantages over prior secure pairing techniques.
摘要翻译: 公开了用于超宽带(UWB)安全无线设备配对的方法和系统。 用于安全UWB通信的设备之间的安全配对在带内UWB通信中进行,以提供安全配对,而不需要通过图形用户界面(GUI)的视觉确认,特别是用于无线个域网(WPAN)通信。 通过UWB无线电链路的无线UWB设备的安全带内配对提供了优于先前的安全配对技术的显着优点。
-
公开(公告)号:US20060048222A1
公开(公告)日:2006-03-02
申请号:US10929067
申请日:2004-08-27
申请人: Clint O'Connor , Douglas Anson
发明人: Clint O'Connor , Douglas Anson
IPC分类号: G06F12/14
CPC分类号: G06F21/575 , G06F21/57
摘要: A method and apparatus for ensuring the security of a particular configuration of hardware and software for an information handling system that is assembled using a “build-to-order” system. The present invention ensures the security and integrity of data on an information handling system from the point of manufacture to the final destination at the customer's facility. The information handling system is then manufactured with the operating system and a predetermined set of software being installed thereon. A manifest file is constructed comprising a predetermined set of data files and configuration information. The manifest file is electronically signed with at least one electronic key. When the information handling system performs its initial boot, a second electronic key is used to extract information from the manifest file and the existing data files and configuration information is compared to the information contained in the manifest file. If any of the information compared to the manifest has been altered, the initial boot is designated as “invalid” and the user is notified of the potential for a breach of security.
摘要翻译: 一种确保用于使用“按订单”系统组装的信息处理系统的硬件和软件的特定配置的安全性的方法和装置。 本发明确保信息处理系统上的数据从制造点到客户设施的最终目的地的安全性和完整性。 然后利用操作系统制造信息处理系统,并在其上安装预定的一组软件。 构成清单文件,其包括预定的一组数据文件和配置信息。 清单文件使用至少一个电子密钥进行电子签名。 当信息处理系统执行其初始引导时,使用第二电子密钥从清单文件中提取信息,并将现有数据文件和配置信息与包含在清单文件中的信息进行比较。 如果与清单相比较的任何信息被更改,则初始引导被指定为“无效”,并且向用户通知潜在的违反安全性的可能性。
-
公开(公告)号:US20070235517A1
公开(公告)日:2007-10-11
申请号:US11393509
申请日:2006-03-30
申请人: Clint O'Connor , Douglas Anson
发明人: Clint O'Connor , Douglas Anson
IPC分类号: G06F17/00
CPC分类号: G06Q10/06
摘要: A method and apparatus for ensuring the security of a particular configuration of hardware and software for an information handling system that is assembled using a “build-to-order” system. The present invention ensures the security and integrity of data on an information handling system from the point of manufacture to the final destination at the customer's facility. The information handling system is then manufactured with the operating system and a predetermined set of software being installed thereon. A manifest file is constructed comprising a predetermined set of data files and configuration information. The manifest file is digitally signed with at least one digital key. When the information handling system performs its initial boot, a second digital key, securely stored in a Trusted Platform Module (TPM), is used to extract information from the manifest file and the existing data files and configuration information is compared to the information contained in the manifest file. If any of the information compared to the manifest has been altered, the initial boot is designated as “invalid” and the user is notified of the potential for a breach of security.
摘要翻译: 一种确保用于使用“按订单”系统组装的信息处理系统的硬件和软件的特定配置的安全性的方法和装置。 本发明确保信息处理系统上的数据从制造点到客户设施的最终目的地的安全性和完整性。 然后利用操作系统制造信息处理系统,并在其上安装预定的一组软件。 构成清单文件,其包括预定的一组数据文件和配置信息。 清单文件用至少一个数字密钥进行数字签名。 当信息处理系统执行其初始启动时,安全地存储在可信平台模块(TPM)中的第二数字密钥用于从清单文件中提取信息,并将现有数据文件和配置信息与包含在 清单文件。 如果与清单相比较的任何信息被更改,则初始引导被指定为“无效”,并且向用户通知潜在的违反安全性的可能性。
-
">
10.发明申请Robust and fault-tolerant registry for web-enabled information handling devices to protect against "malware" 审中-公开强大且容错的注册表,用于启用Web的信息处理设备,以防止“恶意软件”公开(公告)号:US20060200861A1
公开(公告)日:2006-09-07
申请号:US11071976
申请日:2005-03-04
IPC分类号: G06F12/14
CPC分类号: G06F21/50 , G06F21/56 , G06F21/57 , G06F2221/2105
摘要: A method and system for modifying a computer's registry so that it is easily cleansed of spyware and other web-installed software. The registry is structured like an ACID type database, and is partitioned so that metadata associated with web-installed software are stored in a special partitioned. The registry also has revision control, so that prior versions can be retrieved and used if the current registry is corrupted.
摘要翻译: 用于修改计算机注册表的方法和系统,以便易于清理间谍软件和其他网络安装的软件。 注册表的结构类似于ACID类型的数据库,并且被分区,使得与web安装的软件相关联的元数据被存储在特殊的分区中。 注册表还具有版本控制,因此如果当前注册表已损坏,可以检索和使用以前的版本。
-
-
-
-
-
-
-
-
-
搜索结果
11 条记录 (耗时 0.016 秒)
