-
1.发明授权Method for providing a single preloaded software image with an ability to support multiple hardware configurations and multiple types of computer systems 失效用于提供具有支持多种硬件配置和多种类型的计算机系统的能力的单个预加载软件映像的方法公开(公告)号:US06944867B2
公开(公告)日:2005-09-13
申请号:US09971942
申请日:2001-10-04
申请人: Richard Wayne Cheston , Daryl Carvis Cromer , Jeffrey Mark Estroff , James Anthony Hunt , Howard Jeffrey Locker , Joshua Neil Novak , Randall Scott Springfield , James Peter Ward , Arnold Stephen Weksler
发明人: Richard Wayne Cheston , Daryl Carvis Cromer , Jeffrey Mark Estroff , James Anthony Hunt , Howard Jeffrey Locker , Joshua Neil Novak , Randall Scott Springfield , James Peter Ward , Arnold Stephen Weksler
CPC分类号: G06F9/4406 , G06F9/4411
摘要: The hard disk drive of a computer system is loaded with a preloaded image including an operating system, a number of application programs, and a device driver installation routine, all of which are not dependent on the hardware configuration of the computer system. A hidden partition of the hard disk drive is also loaded with a number of device drivers, which are dependent upon the hardware configuration. During the first boot only of the preloaded image, the device drivers are installed by the device driver installation routine.
摘要翻译: 计算机系统的硬盘驱动器装载有包括操作系统,许多应用程序和设备驱动程序安装程序的预加载映像,所有这些都不依赖于计算机系统的硬件配置。 硬盘驱动器的隐藏分区还加载了许多设备驱动程序,这些驱动程序取决于硬件配置。 在首次引导仅预载图像的情况下,设备驱动程序由设备驱动程序安装程序安装。
-
2.发明授权公开(公告)号:US07257701B2
公开(公告)日:2007-08-14
申请号:US09990003
申请日:2001-11-21
申请人: Richard Wayne Cheston , Daryl Carvis Cromer , Howard Jeffrey Locker , David Benson Rhoades , Randall Scott Springfield , James Peter Ward
发明人: Richard Wayne Cheston , Daryl Carvis Cromer , Howard Jeffrey Locker , David Benson Rhoades , Randall Scott Springfield , James Peter Ward
IPC分类号: G06F15/00
摘要: A method and system for configuring an operating system in a computer system including language selection during bootup rather than at manufacture. A first aspect of the method and system comprises providing a plurality of operating system images in the computer system, each of the plurality of operating system images being based upon a particular language, selecting one of the plurality of operating system images based on the language supported by the computer system and loading the selected operating system image into the computer system. A second aspect of the method and system comprises providing a language-independent operating system image in the computer system, determining a language supported by the computer system, loading the language-independent operating system image into the computer system, and associating the language supported by the computer system with the language-independent operating system image.
摘要翻译: 一种用于在计算机系统中配置操作系统的方法和系统,包括在启动期间而不是制造期间的语言选择。 所述方法和系统的第一方面包括在所述计算机系统中提供多个操作系统图像,所述多个操作系统图像中的每一个基于特定语言,基于所支持的语言来选择所述多个操作系统图像中的一个 通过计算机系统将所选择的操作系统映像加载到计算机系统中。 该方法和系统的第二方面包括在计算机系统中提供与语言无关的操作系统图像,确定由计算机系统支持的语言,将与语言无关的操作系统映像加载到计算机系统中,以及将由 计算机系统具有与语言无关的操作系统映像。
-
公开(公告)号:US07107460B2
公开(公告)日:2006-09-12
申请号:US10077135
申请日:2002-02-15
申请人: Daryl Carvis Cromer , Scott Thomas Elliott , James Patrick Hoff , Howard Jeffrey Locker , David Rivera , Randall Scott Springfield , James Peter Ward
发明人: Daryl Carvis Cromer , Scott Thomas Elliott , James Patrick Hoff , Howard Jeffrey Locker , David Rivera , Randall Scott Springfield , James Peter Ward
摘要: An embedded security subsystem, and method for implementing the same, which provide secure controllability of a data security device within a data processing system. The embedded security subsystem of the present invention includes a persistent enable flag for providing control access to the data security device, wherein the persistent enable flag is accessible only in response to a power-on reset cycle of the data processing system. The persistent enable flag is read-only accessible to runtime program instructions. A pending state change flag that is write accessible by runtime program instructions is utilized for setting an intended next state of the persistent enable flag such that control access to the data security device is enabled only during a subsequent power-on reset of said data processing system.
-
4.发明授权Method for preventing system wake up from a sleep state if a boot log returned during the system wake up cannot be authenticated 有权如果在系统唤醒期间返回的引导日志无法验证,则防止系统从睡眠状态唤醒的方法公开(公告)号:US07412596B2
公开(公告)日:2008-08-12
申请号:US10967760
申请日:2004-10-16
申请人: David Carroll Challener , Daryl Carvis Cromer , Joseph Wayne Freeman , Steven Dale Goodman , James Patrick Hoff , Howard Jeffrey Locker , Randall Scott Springfield , James Peter Ward
发明人: David Carroll Challener , Daryl Carvis Cromer , Joseph Wayne Freeman , Steven Dale Goodman , James Patrick Hoff , Howard Jeffrey Locker , Randall Scott Springfield , James Peter Ward
IPC分类号: G06F9/00 , G06F15/177
CPC分类号: G06F21/575
摘要: A method and system for enabling security attestation for a computing device during a return from an S4 sleep state. When the computing device enters into the S4 state following a successful boot up, the attestation log is appended to the TPM tick count and the log is signed (with a security signature). When the device is awaken from S4 state, the BIOS obtains and verifies the log created during the previous boot. The CRTM maintains a set of virtual PCRs and references these virtual PCRs against the log. If the values do not match, the return from S4 state fails and the device is rebooted.
摘要翻译: 一种用于在从S4睡眠状态返回期间为计算设备提供安全认证的方法和系统。 当计算设备在成功启动后进入S4状态时,认证日志会追加到TPM刻度计数,并且日志被签名(具有安全签名)。 当设备从S4状态唤醒时,BIOS将获取并验证在以前引导过程中创建的日志。 CRTM维护一组虚拟PCR,并将这些虚拟PCR引用到日志中。 如果值不匹配,则S4状态返回失败,设备重启。
-
公开(公告)号:US06249812B1
公开(公告)日:2001-06-19
申请号:US09164658
申请日:1998-10-01
申请人: Daryl Carvis Cromer , Gregory William Kilmer , Howard Jeffrey Locker , Randall Scott Springfield , James Peter Ward
发明人: Daryl Carvis Cromer , Gregory William Kilmer , Howard Jeffrey Locker , Randall Scott Springfield , James Peter Ward
IPC分类号: G06F1760
CPC分类号: H04L41/24 , H04L41/0681
摘要: A client on a network is provided with auxiliary low power logic, at the network adaptor, that is always active and simulates network traffic (e.g., Ethernet format) normally sent under control of the main client system processor(s). This logic collects client status information and reports to the network manager, irrespective of the system's CPU power level, information and provides for interaction between the user and the administration or network manager to exercise broader control and perform repair and upgrades which would otherwise require a dialog with the user and/or limit repair and reconfiguration of the client system to off-hours activity. The auxiliary logic also can receive and interpret commands from the network that conform to a predefined format.
摘要翻译: 在网络上的客户机提供辅助低功率逻辑,在网络适配器处,其始终是活动的并且模拟通常在主客户端系统处理器的控制下发送的网络流量(例如,以太网格式)。 该逻辑收集客户端状态信息并向网络管理员报告,而不管系统的CPU功率级别,信息,并提供用户与管理或网络管理者之间的交互,以执行更广泛的控制并执行维修和升级,否则需要对话 用户和/或限制修复和重新配置客户端系统到非工作活动。 辅助逻辑还可以接收和解释来自网络的符合预定格式的命令。
-
6.发明授权公开(公告)号:US07620997B2
公开(公告)日:2009-11-17
申请号:US10748919
申请日:2003-12-22
申请人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Hernando Ovies , Randall Scott Springfield
发明人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Hernando Ovies , Randall Scott Springfield
摘要: When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.
摘要翻译: 当经认证的无线计算机失去与网络的无线接入点的连接并漫游到另一接入点时,无线计算机(例如,计算机中的管理程序)确定新接入点是否被授权用于安全通信,如果是,则释放 通过新的接入点访问网络上的安全数据。
-
7.发明申请System and Method for Securely Clearing Secret Data that Remain in a Computer System Memory 有权安全清除计算机系统内存中保密数据的系统和方法公开(公告)号:US20090222915A1
公开(公告)日:2009-09-03
申请号:US12040953
申请日:2008-03-03
申请人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Randall Scott Springfield
发明人: David Carroll Challener , Daryl Carvis Cromer , Howard Jeffrey Locker , Randall Scott Springfield
IPC分类号: G06F21/00
摘要: A system, method, and program product is provided that initializes a counter maintained in a nonvolatile memory of a security module to an initialization value. The security module receives requests for a secret from requesters. The security module releases the secret to the requesters and the released secrets are stored in memory areas allocated to the requesters. A counter is incremented when the secret is released. Requestors send notifications to the security module indicating that the requestor has removed the secret from the requestor's memory area. The security module decrements the counter each time a notification is received. When the computer system is rebooted, if the counter is not at the initialization value, the system memory is scrubbed erasing any secrets that remain in memory.
摘要翻译: 提供了一种系统,方法和程序产品,其将维护在安全模块的非易失性存储器中的计数器初始化为初始化值。 安全模块从请求者接收到秘密的请求。 安全模块向请求者释放秘密,所发布的秘密存储在分配给请求者的内存区域中。 当秘密被释放时,计数器递增。 请求者向安全模块发送指示请求者已经从请求者的存储区域移除了秘密的通知。 每次接收到通知时,安全模块都会递减计数器。 当计算机系统重新启动时,如果计数器不在初始化值,系统内存将被擦除擦除留在内存中的任何秘密。
-
8.发明授权Systems, methods, and media for remote wake-up and management of systems in a network 失效用于远程唤醒和管理网络中系统的系统,方法和媒体公开(公告)号:US07483966B2
公开(公告)日:2009-01-27
申请号:US10749257
申请日:2003-12-31
IPC分类号: G06F15/173
CPC分类号: G06F1/3246 , G06F1/26 , G06F1/3203 , H04L12/12 , Y02D50/40 , Y02D50/42
摘要: Systems, methods, and media for providing remote wake-up and management of systems in a network are disclosed. More particularly, hardware and/or software for a server to receive feedback from a client as to the status of its wake-on-LAN functionality is disclosed. Embodiments include hardware and/or software for determining a client to be managed, determining whether the client is active on the network, transmitting a first network packet comprising a wake-on-LAN packet, and receiving a return wake-on-LAN packet, which comprises an indication of the address of the client and an indication of the status of the wake-on-LAN functionality of the client. Embodiments may also include transmitting a command to start a management session on the client.
摘要翻译: 公开了用于在网络中提供远程唤醒和系统管理的系统,方法和媒体。 更具体地,公开了用于从客户端接收关于其唤醒LAN功能的状态的反馈的服务器的硬件和/或软件。 实施例包括用于确定要管理的客户端的硬件和/或软件,确定客户端是否在网络上是活动的,发送包括LAN唤醒分组的第一网络分组以及接收LAN上的返回唤醒分组, 其包括客户端的地址的指示和客户端的唤醒LAN功能的状态的指示。 实施例还可以包括发送命令以在客户端上启动管理会话。
-
公开(公告)号:US07424745B2
公开(公告)日:2008-09-09
申请号:US11057804
申请日:2005-02-14
申请人: Richard W. Cheston , Daryl Carvis Cromer , Mark Charles Davis , Howard Jeffrey Locker , Randall Scott Springfield
发明人: Richard W. Cheston , Daryl Carvis Cromer , Mark Charles Davis , Howard Jeffrey Locker , Randall Scott Springfield
IPC分类号: G06F11/30 , G06F12/14 , G06F7/04 , G06F17/30 , H04L9/32 , G06K9/00 , G06F15/177 , G06F15/16 , G06F15/18 , G08B23/00
CPC分类号: G06F21/575 , G06F21/56 , G06F2221/2115 , H04L63/1433 , H04L63/145
摘要: A method and system is described for a wireless client computer to be connected via an access point to a network only if the wireless client computer has executed all requisite anti-virus programs. Where necessary, a signal from the access point notifies an anti-viral program server that an anti-virus needs to be immediately downloaded to the wireless client computer. An anti-virus fix is installed on the wireless client computer, and a full session is then initiated between the wireless client computer and a wireless network via the access point.
摘要翻译: 如果无线客户端计算机已经执行了所有必要的防病毒程序,则描述了一种无线客户端计算机通过接入点连接到网络的方法和系统。 必要时,来自接入点的信号通知反病毒程序服务器需要立即将防病毒下载到无线客户端计算机。 在无线客户端计算机上安装了防病毒修复程序,然后通过接入点在无线客户端计算机和无线网络之间启动完整会话。
-
公开(公告)号:US07330977B2
公开(公告)日:2008-02-12
申请号:US10748062
申请日:2003-12-30
IPC分类号: H04L9/00
CPC分类号: G06F21/78 , G06F11/1458 , G06F11/1469
摘要: An apparatus for securely backing up data using a cryptographic module includes a mass storage device having a first accessible portion and a second encrypted portion. The mass storage device is initialized to only decrypt the encrypted portion on the system that first created the encrypted portion. The cryptographic module may be a Trusted Platform Module (TPM) based on specifications from the Trusted Computer Group. The mass storage device comprises a trusted platform interface module configured to communicate with the TPM. The system may include a motherboard having a TPM, and the mass storage device. The method in one embodiment comprises providing a computer readable mass storage device, initializing a password module, transmitting an encrypted password to the cryptographic module, authenticating the encrypted password, decrypting the encrypted password, transmitting the decrypted password to the computer readable medium, and decrypting the second encrypted portion using the decrypted password.
摘要翻译: 使用加密模块安全地备份数据的装置包括具有第一可访问部分和第二加密部分的大容量存储设备。 大容量存储设备被初始化为仅对首先创建加密部分的系统上的加密部分进行解密。 加密模块可以是基于可信计算机组的规范的可信平台模块(TPM)。 大容量存储设备包括被配置为与TPM通信的可信平台接口模块。 该系统可以包括具有TPM的主板和大容量存储设备。 在一个实施例中的方法包括提供计算机可读大容量存储设备,初始化密码模块,向加密模块发送加密密码,认证加密密码,解密加密密码,将解密的密码发送到计算机可读介质,以及解密 使用解密密码的第二加密部分。
-
-
-
-
-
-
-
-
-
搜索结果
170 条记录 (耗时 0.047 秒)