公开(公告)号：US20230044072A1

公开(公告)日：2023-02-09

申请号：US17758142

申请日：2020-01-30

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Pierre Belgarric ,  Christopher Ian Dalton ,  David Plaquin

IPC: G06F21/55

Abstract: In an example, a method includes providing a computing device with an instruction to cause the computing device to execute the instruction. The method further includes monitoring a side channel of a microarchitectural component of the computing device to obtain an indication of whether or not a state of the microarchitectural component changes as a result of the computing device executing the instruction. The method further includes determining whether or not the indication corresponds to an expected state of the microarchitectural component for the instruction.

公开(公告)号：US11321494B2

公开(公告)日：2022-05-03

申请号：US16771181

申请日：2018-03-12

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Adrian Baldwin ,  James Robert Waldron ,  David Plaquin

IPC: G06F21/72 ,  G06F21/57 ,  H04L9/08 ,  H04L9/32 ,  G06F9/4401

Abstract: In an example, there is provided a method for attesting to a management state of a device platform configuration, based on a signed data structure that represents a device management status and a time-based value from a secure cryptoprocessor of the device. The signed data structure is sent to a management system for validation based on a comparison to the state of the cryptoprocessor at the time of signing the data structure.

公开(公告)号：US20210157918A1

公开(公告)日：2021-05-27

申请号：US17047034

申请日：2019-07-30

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Ronny Chevalier ,  David Plaquin

IPC: G06F21/56 ,  G06F21/55 ,  G06F21/54

Abstract: In an example there is provided a method for receiving notification of an intrusion event in relation to an application from an intrusion detection system, accessing state data in relation to a state of the application prior to the intrusion event, the state data having been stored on the basis of a change of state of the application, accessing a policy to be applied to the state data in response to the intrusion event, modifying the state data on the basis of the policy, and restoring the application on the basis of the modified state data.

公开(公告)号：US20130239222A1

公开(公告)日：2013-09-12

申请号：US13779400

申请日：2013-02-27

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Graeme John Proudler ,  William Burton ,  Dirk Kuhlmann ,  David Plaquin

IPC: G06F21/64

CPC classification number: G06F21/64 ,  G06F21/57

Abstract: An apparatus includes a processor and a memory to implement a method to provide a proof that two or more instances of a data structure type are as trustworthy as each other.

Abstract translation: 一种装置包括处理器和存储器，用于实现提供数据结构类型的两个或多个实例彼此信任的证明的方法。

公开(公告)号：US20220400004A1

公开(公告)日：2022-12-15

申请号：US17761701

申请日：2019-10-16

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： David Plaquin ,  Joshua Serratelli Schiffman ,  Thalia May Laing

IPC: H04L9/08 ,  H04L9/30

Abstract: In an example, a method includes obtaining an initial seed, a public parameter associated with a processing apparatus and an indication of a state of the processing apparatus. The method may further include generating, by the processing apparatus, a key corresponding to the state of the processing apparatus. The state of the processing apparatus may be based on a combination of the initial seed, the public parameter and the indication of the state.

公开(公告)号：US11256589B2

公开(公告)日：2022-02-22

申请号：US16503887

申请日：2019-07-05

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Boris Balacheff ,  Valiuddin Ali ,  Chris I. Dalton ,  David Plaquin

IPC: G06F21/56 ,  G06F11/30 ,  G06F21/57 ,  G06F11/34

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) code. The examples detect whether a change has occurred to the SMM code based on the monitoring of the expected functionality. The change indicates that the SMM code is compromised.

公开(公告)号：US20210334410A1

公开(公告)日：2021-10-28

申请号：US16604160

申请日：2018-05-02

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Ijlal Loutfi ,  David Plaquin

IPC: G06F21/74 ,  G06F21/79 ,  H04L9/32

Abstract: An example computing system is disclosed comprising storage to store a plurality of security policies for respective applications and storing, for each security policy, a respective security policy digest representing the security policy, a secure hardware component to store a digest of the security policy digests, and a processor to execute a software component to update the respective security policy digest of a first security policy of the plurality of security policies in response to an update to the first security policy, and to cause the secure hardware component to store an updated digest of the security policy digests.

公开(公告)号：US10896085B2

公开(公告)日：2021-01-19

申请号：US15974625

申请日：2018-05-08

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Ronny Chevalier ,  David Plaquin ,  Guillaume Hiet ,  Adrian Baldwin

IPC: G06F11/07 ,  G06F11/14 ,  G06F21/56 ,  H04L29/06 ,  G06F21/55

Abstract: In an example there is provided a method of applying a mitigation action to a computing system. The method comprises receiving notification of an intrusion event on a computing system. The notification identifies one or more of data, and a process affected by the intrusion event. The method comprises accessing state data corresponding to a state of the computing system prior to the intrusion event, accessing a policy specifying one or more mitigation actions to be applied to the one or more of data, and a process in response to an intrusion event, restoring the one or more of data, and the process on the basis of the state data, and applying a mitigation action according to the policy.

公开(公告)号：US10747873B2

公开(公告)日：2020-08-18

申请号：US15747983

申请日：2016-01-26

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Richard A. Bramley, Jr. ,  David Plaquin ,  Maugan Villatel ,  Jeffrey K. Jeansonne

IPC: G06F21/53 ,  G06F21/55 ,  G06F21/57 ,  G06F21/62 ,  G06F21/74

Abstract: In one example, a system for a system management mode (SMM) privilege architecture includes a computing device comprising: a first portion of SMM instructions to set up a number of resources and implement a privilege architecture for the SMM of a computing device and a second portion of SMM instructions to execute a number of functions during the SMM of the computing device, wherein the privilege architecture assigns the first portion of SMM instructions to a first privilege level and assigns the second portion of SMM instructions to a second privilege level.

公开(公告)号：US20200089870A1

公开(公告)日：2020-03-19

申请号：US16486331

申请日：2018-06-07

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Ronny Chevalier ,  David Plaquin ,  Maugan Villatel ,  Guillaume Hiet

IPC: G06F21/52 ,  G06F9/54

Abstract: An intrusion detection system, comprising a monitor to receive messages from a target over a low-latency communication link comprising a controlled access memory structure logically positioned between the target and the monitor using point-to-point interconnects, the controlled access memory structure to receive a message from the target indicating that the target has entered a controlled mode of operation.