-
公开(公告)号:US08201239B2
公开(公告)日:2012-06-12
申请号:US12214830
申请日:2008-06-23
申请人: Ned Smith , Vincent J. Zimmer
发明人: Ned Smith , Vincent J. Zimmer
IPC分类号: G06F21/00
CPC分类号: G06F21/575
摘要: In one embodiment, the present invention includes a method for obtaining a pre-boot authentication (PBA) image from a full disk encryption disk in a pre-boot environment, executing the PBA using a chipset to obtain user credential information, authorizing the user based on the user credential information and stored credential information, and storing the user credential information in a PBA metadata region of the disk. Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,本发明包括一种用于在预引导环境中从全盘加密盘获得预引导认证(PBA)图像的方法,使用芯片组执行PBA以获得用户凭证信息,授权用户 关于用户凭证信息和存储的凭证信息,以及将用户凭证信息存储在盘的PBA元数据区域中。 描述和要求保护其他实施例。
-
公开(公告)号:US20090319806A1
公开(公告)日:2009-12-24
申请号:US12214830
申请日:2008-06-23
申请人: Ned Smith , Vincent J. Zimmer
发明人: Ned Smith , Vincent J. Zimmer
CPC分类号: G06F21/575
摘要: In one embodiment, the present invention includes a method for obtaining a pre-boot authentication (PBA) image from a full disk encryption disk in a pre-boot environment, executing the PBA using a chipset to obtain user credential information, authorizing the user based on the user credential information and stored credential information, and storing the user credential information in a PBA metadata region of the disk. Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,本发明包括一种用于在预引导环境中从全盘加密盘获得预引导认证(PBA)图像的方法,使用芯片组执行PBA以获得用户凭证信息,授权用户 关于用户凭证信息和存储的凭证信息,以及将用户凭证信息存储在盘的PBA元数据区域中。 描述和要求保护其他实施例。
-
公开(公告)号:US09958926B2
公开(公告)日:2018-05-01
申请号:US13976903
申请日:2011-12-13
IPC分类号: G06F1/32
CPC分类号: G06F1/3234 , G06F1/3275 , Y02D10/13 , Y02D10/14
摘要: A non-volatile random access memory (NVRAM) is used in a computer system to provide instant responses to sleep state transitions. The computer system includes a processor coupled to an NVRAM, which is accessible by the processor without passing through an I/O subsystem. The NVRAM is byte-rewritable and byte-erasable by the processor. In response to a request to enter a powered sleep state, the computer system converts the powered sleep state into a powered-off sleep state with system memory context stored in the NVRAM. The powered sleep state is defined as a state in which power is supplied to volatile random access memory in the computer system, and the powered-off sleep state is defined as a state in which power is removed from the volatile random access memory. In response to a wake event, the computer system resumes working state operations using the system memory context stored in the NVRAM.
-
公开(公告)号:US20170185207A1
公开(公告)日:2017-06-29
申请号:US14998314
申请日:2015-12-26
申请人: Rajesh Poornachandran , Vincent J. Zimmer , Nicholas J. Adams , Nithyananda S. Jeganathan , Gunner D. Danneels
发明人: Rajesh Poornachandran , Vincent J. Zimmer , Nicholas J. Adams , Nithyananda S. Jeganathan , Gunner D. Danneels
CPC分类号: G06F3/0416 , G06F1/1652 , G06F3/0412 , G06F9/44505
摘要: Technologies for dynamic display include a mobile compute device that comprises a display transformable between at least two different physical topologies. The mobile compute device determines a current physical topology of the display and retrieves a policy based on the determined current physical topology. The policy identifies a corresponding action to occur in response to each of one or more user inputs to the mobile compute device while the display has the current physical topology. The mobile compute device processes a user input based on the retrieved policy.
-
公开(公告)号:US20170177395A1
公开(公告)日:2017-06-22
申请号:US14976936
申请日:2015-12-21
CPC分类号: G06F9/45558 , G06F9/5038 , G06F2009/4557 , G06F2009/45575 , G06F2009/45587
摘要: A system on a chip (SoC) may comprise at least one processor with at least one core and a storage device comprising a first system virtual machine configured to be executed on the at least one processor. The storage device may comprise a second system virtual machine configured to be executed by the at least one processor. The second system virtual machine may include at least one process virtual machine; a modem configured as one of the at least one process virtual machine; and a real-time operating system (RTOS) to schedule execution of the at least one process virtual machine on the at least one processor.
-
公开(公告)号:US20160070932A1
公开(公告)日:2016-03-10
申请号:US14482136
申请日:2014-09-10
申请人: Vincent J. Zimmer , Peter J. Barry , Rajesh Poornachandran , Arjan Van De Ven , Peter A. Dice , Gopinatth Selvaraje , Julien Carreno , Lee G. Rosenbaum
发明人: Vincent J. Zimmer , Peter J. Barry , Rajesh Poornachandran , Arjan Van De Ven , Peter A. Dice , Gopinatth Selvaraje , Julien Carreno , Lee G. Rosenbaum
CPC分类号: G06F21/575 , G06F9/4406 , G06F21/53 , G06F21/72 , G06F21/79 , G06F2221/033 , G06F2221/2107 , G06F2221/2111 , H04L9/0861 , H04L9/0894 , H04L9/14 , H04L9/302 , H04L2209/60
摘要: In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,芯片上的系统包括:执行遗留指令集的单个核心,所述单个核心被配置为进入系统管理模式(SMM)以提供可信赖执行环境以执行至少一个安全操作; 以及耦合到所述单个核的存储器控制器,所述存储器控制器与系统存储器接口,其中所述系统存储器的一部分包括用于所述SMM的安全存储器,并且所述单个核心将认证并执行引导固件,并且传递 控制到SMM以从受保护的存储器获取密钥对,并将密钥对存储在安全存储器中。 描述和要求保护其他实施例。
-
公开(公告)号:US09210148B2
公开(公告)日:2015-12-08
申请号:US13995511
申请日:2011-12-30
CPC分类号: H04L63/0876 , G06F21/00 , H04L63/08 , H04W12/06 , H04W12/08
摘要: An embodiment includes a secure and stable method for sending information across a compute continuum. For example, the method may include executing an application (e.g., video player) on a first node (e.g., tablet) with a desire to perform “context migration” to a second node (e.g., desktop). This may allow a user to watch a movie on the tablet, stop watching the movie, and then resume watching the movie from the desktop. To do so in a secure and stable manner, the first node may request security and performance credentials from the second node. If both credential sets satisfy thresholds, the first node may transfer content (e.g., encrypted copy of a movie) and state information (e.g., placeholder indicating where the movie was when context transfer began). The second node may then allow the user to resume his or her movie watching from the desktop. Other embodiments are described herein.
摘要翻译: 一个实施例包括用于在计算连续体上发送信息的安全且稳定的方法。 例如,该方法可以包括在第一节点(例如,平板电脑)上执行应用(例如,视频播放器),期望执行到第二节点(例如桌面)的“上下文迁移”。 这可能允许用户在平板电脑上观看电影,停止观看电影,然后从桌面恢复观看电影。 为了以安全和稳定的方式这样做,第一节点可以从第二节点请求安全性和性能凭证。 如果两个凭证组都满足阈值,则第一节点可以传送内容(例如,电影的加密副本)和状态信息(例如,当上下文传送开始时,指示电影在哪里的占位符)。 然后,第二节点可以允许用户从桌面恢复他或她的电影观看。 本文描述了其它实施例。
-
公开(公告)号:US20150278068A1
公开(公告)日:2015-10-01
申请号:US14226612
申请日:2014-03-26
申请人: Robert C. Swanson , C. Brendan Traw , Vincent J. Zimmer , Mallik Bulusu , John R. Lindsley , Mahesh S. Natu , Dimitrios Ziakas , Robert W. Cone , Madhusudhan Rangarajan , Babak Nikjou , Kirk D. Brannock , Russell J. Wunderlich , Miles F. Schwartz , Stephen S. Pawlowski
发明人: Robert C. Swanson , C. Brendan Traw , Vincent J. Zimmer , Mallik Bulusu , John R. Lindsley , Mahesh S. Natu , Dimitrios Ziakas , Robert W. Cone , Madhusudhan Rangarajan , Babak Nikjou , Kirk D. Brannock , Russell J. Wunderlich , Miles F. Schwartz , Stephen S. Pawlowski
CPC分类号: G06F11/3476 , G06F9/4403 , G06F9/4416 , G06F11/1417 , G06F21/575 , G06F2201/84
摘要: Platform controller, computer-readable storage media, and methods associated with initialization of a computing device. In embodiments, a platform controller may comprise a boot controller and one or more non-volatile memory modules, coupled with the boot controller. In embodiments, the one or more non-volatile memory modules may have first instructions and second instructions stored thereon. The first instructions may, when executed by a processor of a computing device hosting the platform controller, cause initialization of the computing device. The second instructions, when executed by the boot controller, may cause the boot controller to monitor at least a portion of the execution of the first instructions by the computing device and may generate a trace of the monitored portion of the execution of the first instructions. In embodiments, the trace may be stored in the one or more non-volatile memory modules. Other embodiments may be described and/or claimed.
摘要翻译: 平台控制器,计算机可读存储介质以及与计算设备的初始化相关联的方法。 在实施例中,平台控制器可以包括与引导控制器耦合的引导控制器和一个或多个非易失性存储器模块。 在实施例中,一个或多个非易失性存储器模块可以具有存储在其上的第一指令和第二指令。 当由托管平台控制器的计算设备的处理器执行时,第一指令可以引起计算设备的初始化。 第二指令在由引导控制器执行时可能导致引导控制器监视计算设备执行第一指令的至少一部分,并且可以生成第一指令的执行的监视部分的跟踪。 在实施例中,迹线可以存储在一个或多个非易失性存储器模块中。 可以描述和/或要求保护其他实施例。
-
公开(公告)号:US09135470B2
公开(公告)日:2015-09-15
申请号:US12772365
申请日:2010-05-03
CPC分类号: H04L63/0823 , G06F13/4068 , G06F21/575 , G06F21/71 , G06F21/72 , G06F21/80 , G06F2221/2107 , G06F2221/2115 , H04L9/3268 , H04L63/0435 , H04L63/061 , H04L63/08
摘要: In one embodiment, a method is provided that may include one or more operations. One of these operations may include, in response, at least in part, to a request to store input data in storage, encrypting, based least in part upon one or more keys, the input data to generate output data to store in the storage. The one or more keys may be authorized by a remote authority. Alternatively or additionally, another of these operations may include, in response, at least in part, to a request to retrieve the input data from the storage, decrypting, based at least in part upon the at least one key, the output data. Many modifications, variations, and alternatives are possible without departing from this embodiment.
摘要翻译: 在一个实施例中,提供了可以包括一个或多个操作的方法。 这些操作中的一个可以至少部分地包括存储输入数据的请求,至少部分地基于一个或多个密钥加密输入数据,以生成输出数据以存储在存储器中。 一个或多个键可以由远程机构授权。 或者或另外,这些操作中的另一个可以至少部分地包括从存储器检索输入数据的请求,至少部分地基于至少一个密钥来解密输出数据。 在不脱离本实施例的情况下,可以进行许多修改,变型和替换。
-
公开(公告)号:US09063836B2
公开(公告)日:2015-06-23
申请号:US12843617
申请日:2010-07-26
CPC分类号: G06F11/004 , G06F11/1008
摘要: Methods and apparatus to protect segments of memory are disclosed herein. An example method includes intercepting an interrupt request indicating an error; determining whether a first segment of memory is corrupt, the first segment of memory being designated as a protected region of memory; when the protected region of memory is corrupt, repairing the corrupted region of memory using a parity block of code; and in response to validating the protected region of memory, generating an interrupt enabling a utilization of code stored in the protected region of memory to handle the error associated with the interrupt request.
摘要翻译: 本文公开了保护存储器段的方法和装置。 示例性方法包括拦截指示错误的中断请求; 确定存储器的第一段是否损坏,所述第一存储器段被指定为存储器的保护区域; 当存储器的保护区域损坏时,使用奇偶校验块修复存储器的损坏区域; 并且响应于验证存储器的受保护区域,产生能够使用存储在存储器的保护区域中的代码来处理与中断请求相关联的错误的中断。
-
-
-
-
-
-
-
-
-
搜索结果
537 条记录 (耗时 0.03 秒)
