摘要:
A manageability engine of a processor based device and a host theft-deterrence agent of the processor based device, jointly implement a theft-deterrence protocol with a theft-deterrence service, remotely disposed from the processor based device, to deter theft of the processor based device. The host theft-deterrence agent is configured to operate in a processor operated application execution environment of the processor based device, and the manageability engine is configured to operate outside the application execution environment.
摘要:
An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logon's to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible.
摘要:
Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices.
摘要:
A manageability engine of a processor based device and a host theft-deterrence agent of the processor based device, jointly implement a theft-deterrence protocol with a theft-deterrence service, remotely disposed from the processor based device, to deter theft of the processor based device. The host theft-deterrence agent is configured to operate in a processor operated application execution environment of the processor based device, and the manageability engine is configured to operate outside the application execution environment.
摘要:
An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logon's to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible.
摘要:
Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices.
摘要:
An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logon's to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible.
摘要:
Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices.
摘要:
Key-to-policy association and hardware-based policy enforcement for file/folder encryption (FFE) and/or full-disk encryption (FDE) are provided. A CPU independent microprocessor (CIM) is coupled to a platform and provides a secure storage service, secure non-volatile storage, secure policy enforcement engine, and system interface for communication with platform components independent of the CPU. The CIM stores a key and its associated policies by generating a hardware-derived key to wrap the key prior to securely storing it in non-volatile storage on the CIM. Upon receiving a request for key-access by an application, policy status and credentials are verified before the key is returned.
摘要:
A method of preventing access of data in a node quickly and securely when the node is lost or stolen. The data is first encrypted using an encryption algorithm with a cryptographic key-material. Heuristic methods of detecting un-authorized access to the node are implemented to generate a theft-trigger. The theft-trigger is received and sent to a central authority. The validity of the trigger is verified and the central authority sends an acknowledgement of the trigger. When approval is given from the central authority, access to the data is prevented by deleting or concealing some cryptographic key-material.