Automated modular and secure boot firmware update
    1.
    Granted invention patent
    Automated modular and secure boot firmware update (status: in force)

    Publication No.: US08589302B2

    Publication date: 2013-11-19

    Application No.: US12592605

    Filing date: 2009-11-30

    IPC classification: G06Q99/00

    Abstract: A method, apparatus, system, and computer program product for an automated modular and secure boot firmware update. An updated boot firmware code module is received in a secure partition of a system, the updated boot firmware code module to replace one original boot firmware code module for the system. Only the one original boot firmware code module is automatically replaced with the updated boot firmware code module. The updated boot firmware code module is automatically executed with the plurality of boot firmware code modules for the system and without user intervention when the system is next booted. The updated boot firmware code module may be written to an update partition of a firmware volume, wherein the update partition of the firmware volume is read along with another partition of the firmware volume containing the plurality of boot firmware code modules when the system is booted.

    AUTOMATED MODULAR AND SECURE BOOT FIRMWARE UPDATE
    2.
    Invention patent application
    AUTOMATED MODULAR AND SECURE BOOT FIRMWARE UPDATE (status: under examination, published)

    Publication No.: US20140047428A1

    Publication date: 2014-02-13

    Application No.: US14055008

    Filing date: 2013-10-16

    IPC classification: G06F9/445

    Abstract: A method, apparatus, system, and computer program product for an automated modular and secure boot firmware update. An updated boot firmware code module is received in a secure partition of a system, the updated boot firmware code module to replace one original boot firmware code module for the system. Only the one original boot firmware code module is automatically replaced with the updated boot firmware code module. The updated boot firmware code module is automatically executed with the plurality of boot firmware code modules for the system and without user intervention when the system is next booted. The updated boot firmware code module may be written to an update partition of a firmware volume, wherein the update partition of the firmware volume is read along with another partition of the firmware volume containing the plurality of boot firmware code modules when the system is booted.

    Automated modular and secure boot firmware update
    3.
    Invention patent application
    Automated modular and secure boot firmware update (status: in force)

    Publication No.: US20110131447A1

    Publication date: 2011-06-02

    Application No.: US12592605

    Filing date: 2009-11-30

    IPC classification: G06F9/24 G06F21/22 G06F11/07

    Abstract: A method, apparatus, system, and computer program product for an automated modular and secure boot firmware update. An updated boot firmware code module is received in a secure partition of a system, the updated boot firmware code module to replace one original boot firmware code module for the system. Only the one original boot firmware code module is automatically replaced with the updated boot firmware code module. The updated boot firmware code module is automatically executed with the plurality of boot firmware code modules for the system and without user intervention when the system is next booted. The updated boot firmware code module may be written to an update partition of a firmware volume, wherein the update partition of the firmware volume is read along with another partition of the firmware volume containing the plurality of boot firmware code modules when the system is booted.

    Device, system, and method for processor-based data protection
    4.
    Granted invention patent
    Device, system, and method for processor-based data protection (status: in force)

    Publication No.: US09569633B2

    Publication date: 2017-02-14

    Application No.: US13538142

    Filing date: 2012-06-29

    IPC classification: G06F21/72 G06F21/78 G06F21/62

    Abstract: A device, system, and method for providing processor-based data protection on a mobile computing device includes accessing data stored in memory with a central processing unit of the mobile computing device and determining that the accessed data is encrypted data based on data included in one or more control registers of the central processing unit. If the data is determined to be encrypted data, the central processing unit is to decrypt the encrypted data using a cryptographic key stored in the central processing unit. The encrypted data may also be stored on a drive of the mobile computing device. The encryption state of the data stored on the drive is maintained in a drive encryption table, which is used to update memory page tables and the one or more control registers.

    DEVICE, SYSTEM, AND METHOD FOR PROCESSOR-BASED DATA PROTECTION
    5.
    Invention patent application
    DEVICE, SYSTEM, AND METHOD FOR PROCESSOR-BASED DATA PROTECTION (status: in force)

    Publication No.: US20140006798A1

    Publication date: 2014-01-02

    Application No.: US13538142

    Filing date: 2012-06-29

    IPC classification: G06F12/14

    Abstract: A device, system, and method for providing processor-based data protection on a mobile computing device includes accessing data stored in memory with a central processing unit of the mobile computing device and determining that the accessed data is encrypted data based on data included in one or more control registers of the central processing unit. If the data is determined to be encrypted data, the central processing unit is to decrypt the encrypted data using a cryptographic key stored in the central processing unit. The encrypted data may also be stored on a drive of the mobile computing device. The encryption state of the data stored on the drive is maintained in a drive encryption table, which is used to update memory page tables and the one or more control registers.