公开(公告)号：US20170003980A1

公开(公告)日：2017-01-05

申请号：US15263804

申请日：2016-09-13

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Valiuddin Y. Ali ,  Jose Paulo Xavier Pires ,  James M. Mann ,  Boris Balacheff ,  Chris I. Dalton

IPC: G06F9/44 ,  G06F9/455 ,  H04L29/06

CPC classification number: G06F9/4416 ,  G06F9/45558 ,  G06F2009/45575 ,  G06F2009/45579 ,  H04L63/14

Abstract: In some examples, an electronic device receives, while an operating system is running in the electronic device, a request to access a function of a Basic Input/Output System (BIOS), the request containing a web address of the function of the BIOS, and routes, based on the web address of the function of the BIOS, the request through a web-based interface to a domain that includes the function of the BIOS.

Abstract translation: 在一些示例中，电子设备在操作系统在电子设备中运行时接收访问基本输入/输出系统（BIOS）的功能的请求，该请求包含BIOS的功能的网址， 以及基于BIOS功能的网址的路由，通过基于web的接口到包含BIOS的功能的域的请求。

公开(公告)号：US09535710B2

公开(公告)日：2017-01-03

申请号：US15044758

申请日：2016-02-16

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Valiuddin Y. Ali ,  Jose Paulo Xavier Pires ,  James M. Mann ,  Boris Balacheff ,  Chris I. Dalton

IPC: H04L29/06 ,  G06F9/44 ,  G06F9/455 ,  G06F21/57

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F9/45541 ,  G06F9/45558 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45587 ,  H04L9/0877 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/0823

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

Abstract translation: 在虚拟可信运行时基本输入输出系统（BIOS）和包括虚拟BIOS的虚拟机之间建立安全通信通道。 虚拟可信运行时BIOS使用安全套接字层通过安全通信信道根据基于Web的协议与虚拟机进行通信。

公开(公告)号：US20170068817A1

公开(公告)日：2017-03-09

申请号：US15357805

申请日：2016-11-21

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Valiuddin Y. Ali ,  Jose Paulo Xavier Pires ,  James M. Mann ,  Boris Balacheff ,  Chris I. Dalton

IPC: G06F21/57 ,  G06F9/455 ,  H04L9/08 ,  G06F9/44 ,  H04L29/06

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F9/45541 ,  G06F9/45558 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45587 ,  H04L9/0877 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/0823

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

Abstract translation: 在虚拟可信运行时基本输入输出系统（BIOS）和包括虚拟BIOS的虚拟机之间建立安全通信通道。 虚拟可信运行时BIOS使用安全套接字层通过安全通信信道根据基于Web的协议与虚拟机进行通信。

公开(公告)号：US20160125201A1

公开(公告)日：2016-05-05

申请号：US14754898

申请日：2015-06-30

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Maugan Villatel ,  Boris Balacheff ,  Chris I. Dalton ,  David Plaquin ,  Adrian Shaw ,  Simon Kai-Ying Shiu

IPC: G06F21/62 ,  G06F17/30

CPC classification number: G06F21/74 ,  G06F9/46 ,  G06F17/30 ,  G06F21/53 ,  G06F21/62 ,  G06F21/6281 ,  G06F21/629

Abstract: A data processing system supporting a secure domain and a non-secure domain comprises a hardware component, and a processor device having operating modes in the secure domain and non-secure domain, the processor device to execute a secure application in the secure domain. The hardware component has a property having a secure state. The property of the hardware component in the secure state may only be reconfigured responsive to instructions received from the secure domain. The secure application is operative to implement a configuration service to configure the property of the hardware component in the secure state, responsive to a request received from the non-secure domain according to an application programming interface associated with the secure application.

Abstract translation: 支持安全域和非安全域的数据处理系统包括硬件组件和在安全域和非安全域中具有操作模式的处理器设备，处理器设备在安全域中执行安全应用。 硬件组件具有具有安全状态的属性。 硬件组件处于安全状态的属性可能只能根据从安全域接收到的指令进行重新配置。 响应于根据与安全应用相关联的应用编程接口从非安全域接收的请求，安全应用程序可操作以实现配置服务以配置处于安全状态的硬件组件的属性。

公开(公告)号：US20160078226A1

公开(公告)日：2016-03-17

申请号：US14888845

申请日：2013-05-14

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Chris I. Dalton ,  Boris Balacheff ,  Perry V. Lea

IPC: G06F21/55

CPC classification number: G06F21/554 ,  G06F21/55

Abstract: The present disclosure relates to an integrated circuit. The integrated circuit includes a memory controller. The integrated circuit includes a first memory coupled to the memory controller. The integrated circuit includes a processor core coupled to the memory controller. The integrated circuit includes a secure core that includes a second memory. The secure core is configured to inspect the first memory and detect a security event.

Abstract translation: 本公开涉及集成电路。 集成电路包括存储器控制器。 集成电路包括耦合到存储器控制器的第一存储器。 集成电路包括耦合到存储器控制器的处理器核心。 集成电路包括包括第二存储器的安全核心。 安全核心被配置为检查第一存储器并检测安全事件。

公开(公告)号：US20160162299A1

公开(公告)日：2016-06-09

申请号：US15044758

申请日：2016-02-16

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Valiuddin Y. Ali ,  Jose Paulo Xavier Pires ,  James M. Mann ,  Boris Balacheff ,  Chris I. Dalton

IPC: G06F9/44

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F9/45541 ,  G06F9/45558 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45587 ,  H04L9/0877 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/0823

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

Abstract translation: 在虚拟可信运行时基本输入输出系统（BIOS）和包括虚拟BIOS的虚拟机之间建立安全通信通道。 虚拟可信运行时BIOS使用安全套接字层通过安全通信信道根据基于Web的协议与虚拟机进行通信。

公开(公告)号：US20160127128A1

公开(公告)日：2016-05-05

申请号：US14755125

申请日：2015-06-30

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Liqun Chen ,  Fraser John Dickin ,  Martin Sadler ,  Chris I. Dalton ,  Nigel Edwards ,  Simon Kai-Ying Shiu ,  Boris Balacheff

IPC: H04L9/08 ,  G06F21/72 ,  H04L9/32

CPC classification number: H04L9/0897 ,  G06F21/72 ,  H04L9/0866 ,  H04L9/3073 ,  H04L9/3247

Abstract: An electronic device for management of cryptographic keys, and a corresponding method implemented in a computing device comprising a physical processor, transmit feature data of the device to a key generation module, wherein the feature data comprises information corresponding to an identifier or an attribute of the device, and receive, by the device from the key generation module, a digital signature of the transmitted feature data. The device installs the received digital signature as a cryptographic private key for communication, and performs a cryptographic operation using the installed digital signature as the cryptographic private key.

Abstract translation: 一种用于管理加密密钥的电子设备，以及在包括物理处理器的计算设备中实现的相应方法，将设备的特征数据发送到密钥生成模块，其中，特征数据包括与标识符或属性对应的信息 设备，并且由密钥生成模块的设备接收所发送的特征数据的数字签名。 设备将接收到的数字签名作为加密专用密钥进行安装，进行通信，并使用安装的数字签名作为密码私钥进行密码操作。

公开(公告)号：US11256589B2

公开(公告)日：2022-02-22

申请号：US16503887

申请日：2019-07-05

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Boris Balacheff ,  Valiuddin Ali ,  Chris I. Dalton ,  David Plaquin

IPC: G06F21/56 ,  G06F11/30 ,  G06F21/57 ,  G06F11/34

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) code. The examples detect whether a change has occurred to the SMM code based on the monitoring of the expected functionality. The change indicates that the SMM code is compromised.

公开(公告)号：US10013559B2

公开(公告)日：2018-07-03

申请号：US15357805

申请日：2016-11-21

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Valiuddin Y. Ali ,  Jose Paulo Xavier Pires ,  James M. Mann ,  Boris Balacheff ,  Chris I. Dalton

IPC: H04L29/06 ,  G06F21/57 ,  G06F9/4401 ,  G06F9/455 ,  H04L9/08

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F9/45541 ,  G06F9/45558 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45587 ,  H04L9/0877 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/0823

Abstract: A secure communication channel is established between a virtual trusted runtime basic input output system (BIOS) and a virtual machine that includes a virtual BIOS. The virtual trusted runtime BIOS communicates with the virtual machine according to a web-based protocol over the secure communication channel using a secure socket layer.

公开(公告)号：US09753742B2

公开(公告)日：2017-09-05

申请号：US15263804

申请日：2016-09-13

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Valiuddin Y. Ali ,  Jose Paulo Xavier Pires ,  James M. Mann ,  Boris Balacheff ,  Chris I. Dalton

IPC: G06F9/44 ,  G06F9/455 ,  H04L29/06

CPC classification number: G06F9/4416 ,  G06F9/45558 ,  G06F2009/45575 ,  G06F2009/45579 ,  H04L63/14

Abstract: In some examples, an electronic device receives, while an operating system is running in the electronic device, a request to access a function of a Basic Input/Output System (BIOS), the request containing a web address of the function of the BIOS, and routes, based on the web address of the function of the BIOS, the request through a web-based interface to a domain that includes the function of the BIOS.