公开(公告)号：US5022077A

公开(公告)日：1991-06-04

申请号：US398820

申请日：1989-08-25

申请人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Jerry D. Dixon ,  Scott G. Kinnear ,  George D. Kovach ,  Andrew B. McNeill ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Edward I. Wachtel ,  Kevin M. Zyvoloski

发明人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Jerry D. Dixon ,  Scott G. Kinnear ,  George D. Kovach ,  Andrew B. McNeill ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Edward I. Wachtel ,  Kevin M. Zyvoloski

IPC分类号： G06F13/10 ,  G06F9/445 ,  G06F12/14 ,  G06F21/22

CPC分类号： G06F9/4406

摘要： An apparatus and method for protecting BIOS stored on a direct access storage device into a personnal computer system. The personal computer system comprises a system processor, a system planar, a random access main memory, a read only memory, a protection means and at least one direct access storage device. The read only memory includes a first portion of BIOS and data representing the type of system processor and system planar I/O configuration. The first portion of BIOS initializes the system and the direct access storage device, and resets the protection means in order to read in a master boot record into the random access memory from a protectable partition on the direct access storage device.

公开(公告)号：US5410699A

公开(公告)日：1995-04-25

申请号：US609043

申请日：1990-11-02

申请人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

发明人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

IPC分类号： G06F13/10 ,  G06F9/445 ,  G06F9/06

CPC分类号： G06F9/4406

摘要： An apparatus and method for loading BIOS from a diskette drive into a personal computer system normally connected to a hardfile, such as a fixed disk. The personal computer system further includes a system processor, a random access main memory, a read only memory and a switching means. The switching means generates a signal to indicate a mode for whether BIOS loads from either diskette or disk. In a priority mode, BIOS loads immediately from diskette. In a recovery mode, BIOS loads from diskette after testing the disk subsystem.

摘要翻译： 一种用于将BIOS从软盘驱动器加载到通常连接到诸如固定盘之类的硬文件的个人计算机系统的装置和方法。 个人计算机系统还包括系统处理器，随机存取主存储器，只读存储器和切换装置。 切换装置产生一个信号，指示是否从软盘或磁盘加载BIOS的模式。 在优先模式下，BIOS会立即从软盘加载。 在恢复模式下，BIOS在测试磁盘子系统后从磁盘加载。

公开(公告)号：US5210875A

公开(公告)日：1993-05-11

申请号：US398865

申请日：1989-08-25

申请人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

发明人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

IPC分类号： G06F9/06

CPC分类号： G06F9/4406

摘要： An apparatus and method for loading BIOS stored on a direct access storage device into a personal computer system. The personal computer system comprises a system processor, a system planar, a random access main memory, a read only memory, and at least one direct access storage device. The first portion of BIOS initializes the system and the direct access storage device to read in a master boot record into the system from the direct access storage device. The master boot record includes a data segment and an executable code segment. The first BIOS portion vectors the system processor to execute the executable code segment of the master boot record. The executable code segment loads in the remaining BIOS portion from the direct access storage device into random access memory.

公开(公告)号：US5136713A

公开(公告)日：1992-08-04

申请号：US398860

申请日：1989-08-25

申请人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

发明人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

IPC分类号： G06F13/10 ,  G06F9/445

CPC分类号： G06F9/4406

摘要： An apparatus and method for decreasing the memory requirements of BIOS in a personal computer system includes storing a first portion of BIOS in memory and a second portion on a direct storage access device. The personal computer system comprises a system processor, a random access main memory, a read only memory, and at least one direct access storage device. The first portion of BIOS only includes routines for initializing the system and the direct access storage device to read in a master boot record into the system from the direct access storage device. The master boot record includes a data segment and an executable code segment. The first BIOS portion vectors the system processor to execute the executable code segment of the master boot record. The executable code segment loads in the remaining BIOS portion from the direct access storage device into random access memory superseding the first BIOS portion.

公开(公告)号：US5355489A

公开(公告)日：1994-10-11

申请号：US675587

申请日：1991-03-26

申请人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Jay H. Neer ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

发明人： Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Scott G. Kinnear ,  George D. Kovach ,  Jay H. Neer ,  Matthew S. Palka, Jr. ,  Robert Sachsenmaier ,  Kevin M. Zyvoloski

IPC分类号： G06F9/445 ,  G06F13/40 ,  G06F9/06

CPC分类号： G06F9/4401 ,  G06F13/409

摘要： An apparatus for loading BIOS stored on a direct access storage device in a personal computer system, the system comprising direct access storage device, and a processor card removably mounted to a planar board. The processor card comprises a system processor and ROM memory, while the planar board includes a main memory. A master boot record is stored on the direct access storage device. The master boot record contains a data segment and an executable code segment, the data segment representing the hardware configuration of the personal computer system. A first portion of BIOS included in the ROM memory initializes the system and causes loading of the master boot record into main memory. This first portion of BIOS further compares the hardware configuration data of the master boot record with the hardware configuration data in the ROM memory to verify compatibility with the system processor. Once compatibility of the master boot record with the system processor is verified, the first portion of BIOS transfers control to an executable code segment of the master boot record to effect loading of the remaining portion of BIOS into main memory, and the first portion of BIOS is discarded.

摘要翻译： 一种用于加载存储在个人计算机系统中的直接访问存储设备上的BIOS的设备，该系统包括直接访问存储设备和可拆卸地安装到平面板的处理器卡。 处理器卡包括系统处理器和ROM存储器，而平面板包括主存储器。 主引导记录存储在直接访问存储设备上。 主引导记录包含数据段和可执行代码段，数据段表示个人计算机系统的硬件配置。 包括在ROM存储器中的BIOS的第一部分初始化系统并导致主引导记录加载到主存储器中。 BIOS的第一部分还将主引导记录的硬件配置数据与ROM存储器中的硬件配置数据进行比较，以验证与系统处理器的兼容性。 一旦验证了主引导记录与系统处理器的兼容性，BIOS传输的第一部分将控制到主引导记录的可执行代码段，以将剩余部分的BIOS加载到主存储器中，并且BIOS的第一部分 被丢弃

公开(公告)号：US5128995A

公开(公告)日：1992-07-07

申请号：US557334

申请日：1990-07-23

申请人： Lisa R. Arnold ,  Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Douglas R. Geisler ,  Matthew T. Mittelstedt ,  Matthew S. Palka, Jr. ,  John D. Paul ,  Robert Sachsenmaier ,  Kenneth D. Smeltzer ,  Peter A. Woytovech ,  Kevin M. Zyvoloski

发明人： Lisa R. Arnold ,  Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Douglas R. Geisler ,  Matthew T. Mittelstedt ,  Matthew S. Palka, Jr. ,  John D. Paul ,  Robert Sachsenmaier ,  Kenneth D. Smeltzer ,  Peter A. Woytovech ,  Kevin M. Zyvoloski

IPC分类号： G06F3/06 ,  G06F9/445 ,  G06F11/08 ,  G06F11/22 ,  G06F13/10

CPC分类号： G06F9/4406 ,  G06F11/08 ,  G06F11/22

摘要： A personal computer system according to the present invention comprises a system processor, a random access memory, a read only memory, and at least one direct access storage device. A direct access storage device controller coupled between the system processor and direct access storage device includes a protection mechanism for protecting a region of the storage device. The protected region of the storage device includes a master boot record, a BIOS image and a system reference diskette image. The BIOS image includes a section known as Power on Self Test (POST). POST is used to test and initialize a system. Upon detecting any configuration error, system utilities from the system reference diskette image, such as set configuration programs, diagnostic programs and utility programs can be automatically activated from the direct access storage device.

公开(公告)号：US5214695A

公开(公告)日：1993-05-25

申请号：US716594

申请日：1991-06-17

申请人： Lisa R. Arnold ,  Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Douglas R. Geisler ,  Matthew T. Mittelstedt ,  Matthew S. Palka, Jr. ,  John D. Paul ,  Robert Sachsenmaier ,  Kenneth D. Smeltzer ,  Peter A. Woytovech ,  Kevin M. Zyvoloski

发明人： Lisa R. Arnold ,  Richard Bealkowski ,  John W. Blackledge, Jr. ,  Doyle S. Cronk ,  Richard A. Dayan ,  Douglas R. Geisler ,  Matthew T. Mittelstedt ,  Matthew S. Palka, Jr. ,  John D. Paul ,  Robert Sachsenmaier ,  Kenneth D. Smeltzer ,  Peter A. Woytovech ,  Kevin M. Zyvoloski

IPC分类号： G06F9/445 ,  G06F11/08 ,  G06F11/22

CPC分类号： G06F9/4401 ,  G06F11/08 ,  G06F11/22 ,  Y10S706/934

摘要： A personal computer system according to the present invention comprises a system processor, a random access memory, a read only memory, and at least one direct access storage device. A direct access storage device controller coupled between the system processor and direct access storage device includes a protection mechanism for protecting a region of the storage device. The protected region of the storage device includes a master boot record, a BIOS image and a system reference diskette image. The BIOS image includes a section known as Power on Self Test (POST). POST is used to test and initialize a system. Upon detecting any configuration error, system utilities from the system reference diskette image, such as set configuration programs, diagnostic programs and utility programs can be automatically activated from the direct access storage device.

摘要翻译： 根据本发明的个人计算机系统包括系统处理器，随机存取存储器，只读存储器和至少一个直接存取存储设备。 耦合在系统处理器和直接存取存储装置之间的直接访问存储装置控制器包括用于保护存储装置的区域的保护机构。 存储设备的保护区域包括主引导记录，BIOS映像和系统参考软盘映像。 BIOS映像包括一个称为开机自检（POST）的部分。 POST用于测试和初始化系统。 在检测到任何配置错误时，可以从直接访问存储设备自动激活系统参考软盘映像中的系统实用程序（如设置配置程序，诊断程序和实用程序）。

公开(公告)号：US5341422A

公开(公告)日：1994-08-23

申请号：US947014

申请日：1992-09-17

申请人： John W. Blackledge, Jr. ,  Richard A. Dayan ,  Dennis L. Moeller ,  Palmer E. Newman ,  Kenneth J. P. Zubay

发明人： John W. Blackledge, Jr. ,  Richard A. Dayan ,  Dennis L. Moeller ,  Palmer E. Newman ,  Kenneth J. P. Zubay

IPC分类号： G06F12/14 ,  G06F1/00 ,  G06F21/02 ,  G06F21/24 ,  H04L9/00

CPC分类号： G06F21/82 ,  G06F21/86 ,  G06F2211/007 ,  G06F2211/009

摘要： This invention relates to personal computer systems and, more particularly, to such a system having security features enabling control over access to data retained in such a system. This invention contemplates protecting a personal computer system which has the capability of becoming a secure system from being placed into that condition by an attack on an unsecured machine. Additionally, in a network environment, it is important to maintaining network security that any given particular system be uniquely identified to the network, in order to guard against the substitution of an insecure "alternate" which would open the network to attack through an insecure system. This invention contemplates provision for such identification in a secure manner.

摘要翻译： 本发明涉及个人计算机系统，更具体地说，涉及具有能够控制对这种系统中保留的数据的访问的安全特征的这种系统。 本发明考虑到保护具有成为安全系统的能力的个人计算机系统，以免受到不安全机器的攻击而被置于该状态。 另外，在网络环境中，保持网络安全性至关重要，任何给定的特定系统可以被唯一地标识到网络，以防止替代不安全的“备用”，这将打开网络以通过不安全的系统进行攻击 。 本发明考虑以安全的方式提供这种识别。

公开(公告)号：US5388156A

公开(公告)日：1995-02-07

申请号：US840965

申请日：1992-02-26

申请人： John W. Blackledge, Jr. ,  Grant L. Clarke, Jr. ,  Richard A. Dayan ,  Kimthanh D. Le ,  Patrick E. McCourt ,  Matthew T. Mittelstedt ,  Dennis L. Moeller ,  Palmer E. Newman ,  David L. Randall ,  JoAnna B. Yoder

发明人： John W. Blackledge, Jr. ,  Grant L. Clarke, Jr. ,  Richard A. Dayan ,  Kimthanh D. Le ,  Patrick E. McCourt ,  Matthew T. Mittelstedt ,  Dennis L. Moeller ,  Palmer E. Newman ,  David L. Randall ,  JoAnna B. Yoder

IPC分类号： G06F11/00 ,  G06F9/06 ,  G06F12/14 ,  G06F21/00 ,  G06F21/06 ,  G06F21/22 ,  G06F21/24 ,  H04L9/00

CPC分类号： G06F21/86 ,  G06F2211/009 ,  G06F2221/2143

摘要： This invention relates to personal computer systems and, more particularly, to such a system having security features enabling control over access to data retained in such a system. In particular, a personal computer system in accordance with this invention has a normally closed enclosure, at least one erasable memory element for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state, an option switch operatively connected with the erasable memory element for setting the erasable memory element to the active and inactive states, a tamper detection switch operatively connected with the erasable memory element for detecting opening of the enclosure and for invalidating any privileged access password stored in the erasable memory element in response to any switching of the tamper switch, and a system processor operatively connected with the erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between the active and inactive states of the memory element and between entry and non-entry of any stored privileged access password. In the presently preferred form of the invention, two non-volatile erasable memory elements are provided, one an EEPROM and the other battery backed CMOS RAM.

摘要翻译： 本发明涉及个人计算机系统，更具体地说，涉及具有能够控制对这种系统中保留的数据的访问的安全特征的这种系统。 特别地，根据本发明的个人计算机系统具有常闭壳体，至少一个可擦除存储器元件，用于选择性地激活到主动和非活动状态，并且在处于活动状态时接收和存储特权访问密码，选项开关 与可擦除存储器元件可操作地连接，用于将可擦除存储器元件设置为活动和非活动状态;篡改检测开关，其可操作地与可擦除存储元件连接，用于检测外壳的打开并使存储在可擦除存储器元件中的任何特权访问密码无效 响应于所述篡改开关的任何切换，以及与所述可擦除存储器元件可操作地连接的系统处理器，用于通过区分所述存储元件的有效和非活动状态以及在进入之间来控制对存储在所述系统内的至少某一级别的数据的访问 并且不输入任何存储的特权访问权限 ss字。 在本发明的当前优选形式中，提供了两个非易失性可擦除存储器元件，一个是EEPROM和另一个电池支持的CMOS RAM。

公开(公告)号：US5432939A

公开(公告)日：1995-07-11

申请号：US889324

申请日：1992-05-27

申请人： John W. Blackledge, Jr. ,  Richard A. Dayan ,  Dennis L. Moeller ,  Palmer E. Newman ,  Kenneth J. P. Zubay

发明人： John W. Blackledge, Jr. ,  Richard A. Dayan ,  Dennis L. Moeller ,  Palmer E. Newman ,  Kenneth J. P. Zubay

IPC分类号： G06F1/00 ,  G06F9/06 ,  G06F9/445 ,  G06F12/14 ,  G06F21/00 ,  G06F21/06 ,  G06F21/20 ,  G06F21/22 ,  G06F21/24 ,  G06F9/44

CPC分类号： G06F21/85 ,  G06F9/4401 ,  G06F12/1408

摘要： This invention relates to personal computer systems and, more particularly, to such a system having security features enabling control over access to data retained in such a system. The features here described include a prioritized initial loading program for enabling initial loading of an operating system from a selected one of a plurality of sources, the prioritized initial loading program normally designating an interpreter program as a final option default in the event of failure of access to an operating system from any other one of the plurality of sources; a security utility program for enabling a designated user to (a) selectively modify the initial loading program by specifying the number and priority order of the plurality of sources and (b) selectively modify the initial loading program by deleting the interpreter program from the plurality of sources; a master cryptographic key for use in encrypting and decrypting data processed by the system CPU; and a second security utility program for enabling a designated user to modify the master cryptographic key.

摘要翻译： 本发明涉及个人计算机系统，更具体地说，涉及具有能够控制对这种系统中保留的数据的访问的安全特征的这种系统。 这里描述的特征包括优先的初始加载程序，用于使得能够从多个源中的所选的一个源初始加载操作系统，优先化的初始加载程序通常将解释程序指定为在访问失败的情况下的最终选项默认值 涉及来自所述多个源中的任何另一个的操作系统; 一种用于使指定用户能够（a）通过指定所述多个源的数量和优先级顺序来选择性地修改所述初始加载程序的安全实用程序，以及（b）通过从所述多个源中删除所述解释程序来选择性地修改所述初始加载程序 来源 用于加密和解密由系统CPU处理的数据的主密码密钥; 以及用于使指定用户能够修改主加密密钥的第二安全实用程序。