摘要:
A method for protecting Security Accounts Manager (SAM) files within a Windows® operating system is disclosed. A SAM file encryption key is generated by encrypting a SAM file via a syskey utility provided within the Windows® operating system. The SAM file encryption key is then stored in a virtual floppy disk by selecting an option to store SAM file encryption key to a floppy disk under the syskey utility. A blob is generated by performing a Trusted Platform Module (TPM) Seal command against the SAM file encryption key along with a value stored in a Performance Control Register and a TPM Storage Root Key. The blob is stored in a non-volatile storage area of a computer.
摘要:
A method for protecting Security Accounts Manager (SAM) files within a Windows® operating system is disclosed. A SAM file encryption key is generated by encrypting a SAM file via a syskey utility provided within the Windows® operating system. The SAM file encryption key is then stored in a virtual floppy disk by selecting an option to store SAM file encryption key to a floppy disk under the syskey utility. A blob is generated by performing a Trusted Platform Module (TPM) Seal command against the SAM file encryption key along with a value stored in a Performance Control Register and a TPM Storage Root Key. The blob is stored in a non-volatile storage area of a computer.
摘要:
An apparatus, method and system are disclosed for touch and gesture detection. A light source array comprises a plurality of light sources. Each light source of the light source array transmits a light beam across a face of a display in response to being activated. A light sensor array comprises a plurality of light sensors. Each light sensor of the light sensor array detects an intensity of each light beam transmitted across the face of the display in response to being activated. A controller concurrently activates each light source of the light source array with each light sensor of the light sensor array as a source/sensor pair during a detection cycle while other light sources of the light source array and other light sensors of the light sensor array are inactive. The controller further determines a location of a pointer relative to the display from a pattern of light beam intensities for each source/sensor pair.
摘要:
An apparatus, method and system are disclosed for touch and gesture detection. A light source array comprises a plurality of light sources. Each light source of the light source array transmits a light beam across a face of a display in response to being activated. A light sensor array comprises a plurality of light sensors. Each light sensor of the light sensor array detects an intensity of each light beam transmitted across the face of the display in response to being activated. A controller concurrently activates each light source of the light source array with each light sensor of the light sensor array as a source/sensor pair during a detection cycle while other light sources of the light source array and other light sensors of the light sensor array are inactive. The controller further determines a location of a pointer relative to the display from a pattern of light beam intensities for each source/sensor pair.
摘要:
A method for managing shared passwords on a multi-user computer system is disclosed. A set of shared passwords and an administrator internal key are initially generated. After the receipt of an administrator external key, the administrator internal key is encrypted with the administrator external key. For each user level within the computer system, an internal key is generated by hashing the administrator internal key. For each user level within the computer system, each of the shared passwords encrypted with a respective one of the internal keys. The internal keys and the encrypted shared passwords are then stored in a non-volatile storage device.
摘要:
A technique for identifying a user of a device includes receiving a tracking mechanism trigger and capturing (e.g., periodically) identifying information on the user of the device in response to the trigger.
摘要:
A technique for identifying a user of a device includes receiving a tracking mechanism trigger and capturing (e.g., periodically) identifying information on the user of the device in response to the trigger.
摘要:
A method for providing a secure single sign-on to a computer system is disclosed. Pre-boot passwords are initially stored in a secure storage area of a smart card. The operating system password, which has been encrypted to a blob, is stored in a non-secure area of the smart card. After the smart card has been inserted in a computer system, a user is prompted for a Personal Identification Number (PIN) of the smart card. In response to a correct smart card PIN entry, the blob stored in the non-secure storage area of the smart card is decrypted to provide the operating system password, and the operating system password along with the pre-boot passwords stored in the secure storage area of the smart card are then utilized to log on to the computer system.
摘要:
A method for providing a secure single sign-on to a computer system is disclosed. Pre-boot passwords are initially stored in a secure storage area of a smart card. The operating system password, which has been encrypted to a blob, is stored in a non-secure area of the smart card. After the smart card has been inserted in a computer system, a user is prompted for a Personal Identification Number (PIN) of the smart card. In response to a correct smart card PIN entry, the blob stored in the non-secure storage area of the smart card is decrypted to provide the operating system password, and the operating system password along with the pre-boot passwords stored in the secure storage area of the smart card are then utilized to log on to the computer system.
摘要:
Method and apparatus for enabling applications on security processors of computer systems. In one aspect, a security processor apparatus includes a processor and a memory coupled to the processor and operative to store a secure table. The secure table stores different certified endorsement keys and different values, each value associated with one of the endorsement keys. Each stored value is derived from a different application that is certified by the associated endorsement key to be executed on the processor.