-
1.发明申请CRYPTOGRAPHIC KEY-TO-POLICY ASSOCIATION AND ENFORCEMENT FOR SECURE KEY-MANAGEMENT AND POLICY EXECUTION 审中-公开关键管理和政策执行的关键政策协调和执行力公开(公告)号:US20100023782A1
公开(公告)日:2010-01-28
申请号:US11962991
申请日:2007-12-21
申请人: Gyan Prakash , Selim Aissi , Jasmeet Chhabra , Tobias Kohlenberg
发明人: Gyan Prakash , Selim Aissi , Jasmeet Chhabra , Tobias Kohlenberg
CPC分类号: G06F21/6218
摘要: Key-to-policy association and hardware-based policy enforcement for file/folder encryption (FFE) and/or full-disk encryption (FDE) are provided. A CPU independent microprocessor (CIM) is coupled to a platform and provides a secure storage service, secure non-volatile storage, secure policy enforcement engine, and system interface for communication with platform components independent of the CPU. The CIM stores a key and its associated policies by generating a hardware-derived key to wrap the key prior to securely storing it in non-volatile storage on the CIM. Upon receiving a request for key-access by an application, policy status and credentials are verified before the key is returned.
摘要翻译: 提供了文件/文件夹加密(FFE)和/或全磁盘加密(FDE)的关键到策略关联和基于硬件的策略实施。 独立于CPU的微处理器(CIM)耦合到平台,并提供安全的存储服务,安全的非易失性存储,安全策略实施引擎和用于与独立于CPU的平台组件通信的系统接口。 CIM在将安全存储在CIM的非易失性存储器之前,通过生成硬件派生密钥来包装密钥来存储密钥及其关联的策略。 在接收到应用程序的密钥访问请求之后,在返回密钥之前验证策略状态和凭据。
-
公开(公告)号:US08298295B2
公开(公告)日:2012-10-30
申请号:US11904793
申请日:2007-09-28
申请人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
发明人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
IPC分类号: G06F21/00
CPC分类号: G06F21/88
摘要: A manageability engine of a processor based device and a host theft-deterrence agent of the processor based device, jointly implement a theft-deterrence protocol with a theft-deterrence service, remotely disposed from the processor based device, to deter theft of the processor based device. The host theft-deterrence agent is configured to operate in a processor operated application execution environment of the processor based device, and the manageability engine is configured to operate outside the application execution environment.
摘要翻译: 基于处理器的设备的基于处理器的设备的可管理性引擎和基于处理器的设备的主机防盗代理,与基于处理器的设备远程设置的盗窃威慑服务联合地实施防盗保护协议,以防止基于处理器的设备的盗窃 设备。 主机防盗代理被配置为在基于处理器的设备的处理器运行的应用执行环境中操作,并且可管理引擎被配置为在应用执行环境之外操作。
-
公开(公告)号:US20100162368A1
公开(公告)日:2010-06-24
申请号:US12317222
申请日:2008-12-19
申请人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
发明人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
CPC分类号: H04L63/08 , G06F21/6209 , G06F21/88 , G06F2221/2143 , G06F2221/2147
摘要: An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logon's to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible.
摘要翻译: 一种用于使用户远程管理其设备的设备和系统。 具体地说,在一个实施例中,在窃取设备或其他此类事件的情况下,用户可以向设备发送命令以执行指定的命令。 该命令可以包括诸如锁定设备,关闭设备,禁用对设备的登录以及可能保护设备和设备上的数据的其他此类动作的动作,以防止未经授权的访问。 在接收到授权的解锁凭证之后,可以再次使设备可访问。
-
4.发明申请METHOD AND APPARATUS WITH CHIPSET-BASED PROTECTION FOR LOCAL AND REMOTE AUTHENTICATION OF BOOTING FROM PERIPHERAL DEVICES 有权用于本地和远程认证来自外围设备的插座的基于保护的保护的方法和装置公开(公告)号:US20090287938A1
公开(公告)日:2009-11-19
申请号:US12119914
申请日:2008-05-13
申请人: Gyan Prakash , Mousumi M. Hazra , Selim Aissi , Jasmeet Chhabra
发明人: Gyan Prakash , Mousumi M. Hazra , Selim Aissi , Jasmeet Chhabra
IPC分类号: H04L9/32
CPC分类号: G06F21/575 , G06F21/32
摘要: Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices.
摘要翻译: 本文公开了使得计算系统能够阻止或阻止来自外围设备的未经授权启动的方法和装置。 在各种实施例中,监视模块和管理模块被相互配合以授权用户从外围设备启动计算系统。
-
公开(公告)号:US20090089887A1
公开(公告)日:2009-04-02
申请号:US11904793
申请日:2007-09-28
申请人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
发明人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
IPC分类号: G06F21/02
CPC分类号: G06F21/88
摘要: A manageability engine of a processor based device and a host theft-deterrence agent of the processor based device, jointly implement a theft-deterrence protocol with a theft-deterrence service, remotely disposed from the processor based device, to deter theft of the processor based device. The host theft-deterrence agent is configured to operate in a processor operated application execution environment of the processor based device, and the manageability engine is configured to operate outside the application execution environment.
摘要翻译: 基于处理器的设备的基于处理器的设备的可管理性引擎和基于处理器的设备的主机防盗代理,与基于处理器的设备远程设置的盗窃威慑服务联合地实施防盗保护协议,以防止基于处理器的设备的盗窃 设备。 主机防盗代理被配置为在基于处理器的设备的处理器运行的应用执行环境中操作,并且可管理引擎被配置为在应用执行环境之外操作。
-
公开(公告)号:US20130125218A1
公开(公告)日:2013-05-16
申请号:US13672345
申请日:2012-11-08
申请人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
发明人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
IPC分类号: H04L29/06
CPC分类号: H04L63/08 , G06F21/6209 , G06F21/88 , G06F2221/2143 , G06F2221/2147
摘要: An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logon's to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible.
摘要翻译: 一种用于使用户远程管理其设备的设备和系统。 具体地说,在一个实施例中,在窃取设备或其他此类事件的情况下,用户可以向设备发送命令以执行指定的命令。 该命令可以包括诸如锁定设备,关闭设备,禁用对设备的登录以及可能保护设备和设备上的数据的其他此类动作的动作,以防止未经授权的访问。 在接收到授权的解锁凭证之后,可以再次使设备可访问。
-
7.发明申请METHOD AND APPARATUS WITH CHIPSET-BASED PROTECTION FOR LOCAL AND REMOTE AUTHENTICATION OF BOOTING FROM PERIPHERAL DEVICES 有权用于本地和远程认证来自外围设备的插座的基于保护的保护的方法和装置公开(公告)号:US20120284499A1
公开(公告)日:2012-11-08
申请号:US13467838
申请日:2012-05-09
申请人: Gyan Prakash , Mousumi M. Hazra , Selim Aissi , Jasmeet Chhabra
发明人: Gyan Prakash , Mousumi M. Hazra , Selim Aissi , Jasmeet Chhabra
IPC分类号: G06F9/00
CPC分类号: G06F21/575 , G06F21/32
摘要: Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices.
摘要翻译: 本文公开了使得计算系统能够阻止或阻止来自外围设备的未经授权启动的方法和装置。 在各种实施例中,监视模块和管理模块被相互配合以授权用户从外围设备启动计算系统。
-
公开(公告)号:US08321916B2
公开(公告)日:2012-11-27
申请号:US12317222
申请日:2008-12-19
申请人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
发明人: Selim Aissi , Jasmeet Chhabra , Gyan Prakash
IPC分类号: G06F7/04
CPC分类号: H04L63/08 , G06F21/6209 , G06F21/88 , G06F2221/2143 , G06F2221/2147
摘要: An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logon's to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible.
摘要翻译: 一种用于使用户远程管理其设备的设备和系统。 具体地说,在一个实施例中,在窃取设备或其他此类事件的情况下,用户可以向设备发送命令以执行指定的命令。 该命令可以包括诸如锁定设备,关闭设备,禁用对设备的登录以及可能保护设备和设备上的数据的其他此类动作的动作,以防止未经授权的访问。 在接收到授权的解锁凭证之后,可以再次使设备可访问。
-
9.发明授权Method and apparatus with chipset-based protection for local and remote authentication of booting from peripheral devices 有权具有基于芯片组的保护的方法和设备,用于从外围设备引导的本地和远程认证公开(公告)号:US08181032B2
公开(公告)日:2012-05-15
申请号:US12119914
申请日:2008-05-13
申请人: Gyan Prakash , Mousumi M. Hazra , Selim Aissi , Jasmeet Chhabra
发明人: Gyan Prakash , Mousumi M. Hazra , Selim Aissi , Jasmeet Chhabra
IPC分类号: G06F21/00
CPC分类号: G06F21/575 , G06F21/32
摘要: Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices.
摘要翻译: 本文公开了使得计算系统能够阻止或阻止来自外围设备的未经授权启动的方法和装置。 在各种实施例中,监视模块和管理模块被相互配合以授权用户从外围设备启动计算系统。
-
10.发明申请公开(公告)号:US20090282265A1
公开(公告)日:2009-11-12
申请号:US12116743
申请日:2008-05-07
申请人: Selim Aissi , Gyan Prakash , Jasmeet Chhabra
发明人: Selim Aissi , Gyan Prakash , Jasmeet Chhabra
IPC分类号: G06F21/00
CPC分类号: G06F21/6218 , G06F21/88 , G06F2221/2143
摘要: A method of preventing access of data in a node quickly and securely when the node is lost or stolen. The data is first encrypted using an encryption algorithm with a cryptographic key-material. Heuristic methods of detecting un-authorized access to the node are implemented to generate a theft-trigger. The theft-trigger is received and sent to a central authority. The validity of the trigger is verified and the central authority sends an acknowledgement of the trigger. When approval is given from the central authority, access to the data is prevented by deleting or concealing some cryptographic key-material.
摘要翻译: 当节点丢失或被盗时,可以快速,安全地防止节点中的数据访问的方法。 首先使用加密密钥材料的加密算法对数据进行加密。 检测未授权访问节点的启发式方法被实现以产生盗窃触发。 盗窃触发器被接收并发送给中央机构。 验证触发的有效性,中央机关发出触发的确认。 当从中央机关获得批准时,通过删除或隐藏一些加密密钥材料来防止对数据的访问。
-
-
-
-
-
-
-
-
-
搜索结果
152 条记录 (耗时 0.022 秒)
