-
公开(公告)号:US08612753B2
公开(公告)日:2013-12-17
申请号:US12343148
申请日:2008-12-23
申请人: Yasser Rasheed , Steve Grobman
发明人: Yasser Rasheed , Steve Grobman
IPC分类号: H04L29/06 , G06F11/30 , G06F12/14 , G06F15/173
CPC分类号: H04L9/0825 , H04L9/3247 , H04L9/3263
摘要: In one embodiment of the invention, a server may send encrypted material to a client. The client processor may decrypt and process the material, encrypt the results, and send the results back to the server. This sequence of events may occur while the execution or processing of the material is restricted to the client processor. Any material outside the client processor, such as material located in system memory, will be encrypted.
摘要翻译: 在本发明的一个实施例中,服务器可以向客户端发送加密的资料。 客户端处理器可以解密和处理资料,加密结果,并将结果发送回服务器。 当材料的执行或处理被限制到客户机处理器时,可能发生这种事件序列。 客户端处理器外的任何材料(如位于系统存储器中的材料)将被加密。
-
公开(公告)号:US20100161956A1
公开(公告)日:2010-06-24
申请号:US12343148
申请日:2008-12-23
申请人: Yasser Rasheed , Steve Grobman
发明人: Yasser Rasheed , Steve Grobman
IPC分类号: H04L9/00
CPC分类号: H04L9/0825 , H04L9/3247 , H04L9/3263
摘要: In one embodiment of the invention, a server may send encrypted material to a client. The client processor may decrypt and process the material, encrypt the results, and send the results back to the server. This sequence of events may occur while the execution or processing of the material is restricted to the client processor. Any material outside the client processor, such as material located in system memory, will be encrypted.
摘要翻译: 在本发明的一个实施例中,服务器可以向客户端发送加密的资料。 客户端处理器可以解密和处理资料,加密结果,并将结果发送回服务器。 当材料的执行或处理被限制到客户机处理器时,可能发生这种事件序列。 客户端处理器外的任何材料(如位于系统存储器中的材料)将被加密。
-
公开(公告)号:US08635705B2
公开(公告)日:2014-01-21
申请号:US12658876
申请日:2010-02-17
申请人: Ravi L. Sahita , David M. Durham , Steve Orrin , Yasser Rasheed , Prasanna G. Mulgaonkar , Paul S. Schmitz , Hormuzd M. Khosravi
发明人: Ravi L. Sahita , David M. Durham , Steve Orrin , Yasser Rasheed , Prasanna G. Mulgaonkar , Paul S. Schmitz , Hormuzd M. Khosravi
摘要: In some embodiments, approaches may provide an out-of-band (OOB) agent to protect a platform. The OOB agent may be able to use non-TRS methods to measure and protect an in-band security agent. In some embodiments, a manageability engine can provide out of band connectivity to the in-band and out-of-band security agents and provide access to the system memory resources without having to rely on OS services. This can be used for a trusted anti-malware and remediation service.
摘要翻译: 在一些实施例中,方法可以提供带外(OOB)代理来保护平台。 OOB代理可能能够使用非TRS方法来测量和保护带内安全代理。 在一些实施例中,可管理性引擎可以向带内和带外安全代理提供带外连接,并提供对系统存储器资源的访问,而不必依赖于OS服务。 这可以用于受信任的反恶意软件和修复服务。
-
4.发明申请METHOD AND APPARATUS FOR SECURE SCAN OF DATA STORAGE DEVICE FROM REMOTE SERVER 有权用于从远程服务器安全数据存储设备扫描的方法和装置公开(公告)号:US20110289306A1
公开(公告)日:2011-11-24
申请号:US12785146
申请日:2010-05-21
IPC分类号: G06F15/177 , H04L9/32
CPC分类号: G06F21/64 , G06F21/567 , G06F21/606 , G06F21/85 , G06F2213/0038
摘要: A method and device for providing a secure scan of a data storage device from a remote server are disclosed. In some embodiments, a computing device may include an in-band processor configured to execute an operating system and at least one host driver, communication circuitry configured to communicate with a remote server, and an out-of-band (OOB) processor capable of communicating with the remote server using the communication circuitry irrespective of the state of the operating system. The OOB processor may be configured to receive a block read request from the remote server, instruct the at least one host driver to send a storage command to a data storage device, receive data retrieved from the data storage device and authentication metadata generated by the data storage device, and transmit the data and the authentication metadata to the remote server.
摘要翻译: 公开了一种从远程服务器提供数据存储设备的安全扫描的方法和设备。 在一些实施例中,计算设备可以包括带内处理器,其被配置为执行操作系统和至少一个主机驱动器,被配置为与远程服务器通信的通信电路和能够与远程服务器通信的带外(OOB) 使用通信电路与远程服务器通信,而与操作系统的状态无关。 OOB处理器可以被配置为从远程服务器接收块读取请求,指示至少一个主机驱动程序向数据存储设备发送存储命令,接收从数据存储设备检索的数据和由数据生成的认证元数据 存储设备,并将数据和认证元数据传输到远程服务器。
-
公开(公告)号:US20110153725A1
公开(公告)日:2011-06-23
申请号:US12646692
申请日:2009-12-23
申请人: David A. Edwards , Hormuzd M. Khosravi , Yasser Rasheed , Divya Naidu Kolar Sunder , Joseph E. Clark
发明人: David A. Edwards , Hormuzd M. Khosravi , Yasser Rasheed , Divya Naidu Kolar Sunder , Joseph E. Clark
IPC分类号: G06F15/16 , G06F15/173
CPC分类号: H04L67/1097
摘要: Embodiments of the present disclosure provide methods and computing devices configured to establish secure out-of-band storage control. In various embodiments, a management module in a client device may be used to communicate with a server device independent of an operating system of the client device, to facilitate remote storage services. Other embodiments may be disclosed and claimed.
摘要翻译: 本公开的实施例提供了被配置为建立安全的带外存储控制的方法和计算设备。 在各种实施例中,客户端设备中的管理模块可用于与独立于客户端设备的操作系统的服务器设备通信,以便于远程存储服务。 可以公开和要求保护其他实施例。
-
公开(公告)号:US20060005184A1
公开(公告)日:2006-01-05
申请号:US10880929
申请日:2004-06-30
IPC分类号: G06F9/455
CPC分类号: G06F9/45533
摘要: A system management request for a system management function is received from a virtual machine. A successful status is returned to the virtual machine in response to the system management request. A system management function is performed in response to the system management request and an aggregation of other system management requests directed to the system management function made by other virtual machines.
摘要翻译: 从虚拟机接收到系统管理功能的系统管理请求。 响应于系统管理请求,将成功的状态返回给虚拟机。 响应于系统管理请求和针对由其他虚拟机进行的系统管理功能的其他系统管理请求的聚合来执行系统管理功能。
-
公开(公告)号:US20140281468A1
公开(公告)日:2014-09-18
申请号:US14272584
申请日:2014-05-08
申请人: Hormuzd M. Khosravi , Ajith K. Illendula , Ned M. Smith , Yasser Rasheed , Tracy L. Zenti , Bryan K. Jorgensen
发明人: Hormuzd M. Khosravi , Ajith K. Illendula , Ned M. Smith , Yasser Rasheed , Tracy L. Zenti , Bryan K. Jorgensen
IPC分类号: G06F9/44
CPC分类号: G06F9/4416 , G06F13/105 , G06F13/4027
摘要: A management engine may be used to trap configuration cycles during the boot process and thereafter in response to operating system enumeration. As a result, a virtual bus device can be created. The bus device may be used to provision software to the platform even when the operating system is corrupted or non-functional.
摘要翻译: 管理引擎可用于在引导过程期间以及其后响应于操作系统枚举来捕获配置周期。 结果,可以创建虚拟总线设备。 总线设备可用于将软件提供给平台,即使操作系统损坏或不起作用。
-
公开(公告)号:US20130283383A1
公开(公告)日:2013-10-24
申请号:US13919609
申请日:2013-06-17
IPC分类号: G06F21/56
CPC分类号: G06F21/561 , G06F21/51 , G06F21/56 , G06F21/74 , G06F21/85 , G06F2221/034 , G06F2221/2101 , G06F2221/2105
摘要: A platform to support verification of the contents of an input-output device. The platform includes a platform hardware, which may verify the contents of the I/O device. The platform hardware may comprise components such as manageability engine and verification engine that are used to verify the contents of the I/O device even before the contents of the I/O device are exposed to an operating system supported by a host. The platform components may delete the infected portions of the contents of I/O device if the verification process indicates that the contents of the I/O device include the infected portions.
摘要翻译: 支持验证输入输出设备内容的平台。 该平台包括可以验证I / O设备内容的平台硬件。 即使在I / O设备的内容暴露于由主机支持的操作系统之前,平台硬件也可以包括用于验证I / O设备的内容的诸如可管理性引擎和验证引擎的组件。 如果验证过程指示I / O设备的内容包括感染部分,则平台组件可以删除I / O设备的内容的被感染部分。
-
9.发明授权Method and apparatus allowing scan of data storage device from remote server 有权允许从远程服务器扫描数据存储设备的方法和装置公开(公告)号:US08489686B2
公开(公告)日:2013-07-16
申请号:US12785131
申请日:2010-05-21
申请人: Hormuzd Khosravi , David Durham , David A. Edwards , Venkat R. Gokulrangan , Men Long , Yasser Rasheed
发明人: Hormuzd Khosravi , David Durham , David A. Edwards , Venkat R. Gokulrangan , Men Long , Yasser Rasheed
IPC分类号: G06F15/16
摘要: A method and device allowing a scan of a data storage device from a remote server are disclosed. In some embodiments, a computing device may include an out-of-band (OOB) configured to compute a first hash value for data stored in one or more sectors of a data storage device at a first time; receive, using communication circuitry, a request to transmit a portion of the data stored in the one or more sectors of the data storage device at a second time, the second time being subsequent to the first time; compute a second hash value for the data stored in the one or more sectors of the data storage device at the second time; and transmit, using the communication circuitry, the requested portion of the data, only if the second hash value does not match the first hash value.
摘要翻译: 公开了允许从远程服务器扫描数据存储设备的方法和设备。 在一些实施例中,计算设备可以包括带外(OOB),其被配置为在第一时间对存储在数据存储设备的一个或多个扇区中的数据计算第一散列值; 接收使用通信电路的请求,以在第二时间之后的第二时间第二时间发送存储在数据存储装置的一个或多个扇区中的数据的一部分的请求; 在第二次计算存储在数据存储设备的一个或多个扇区中的数据的第二哈希值; 并且仅当所述第二散列值与所述第一散列值不匹配时,才使用所述通信电路来发送所请求的数据部分。
-
公开(公告)号:US20110078799A1
公开(公告)日:2011-03-31
申请号:US12658876
申请日:2010-02-17
申请人: Ravi L. Sahita , David M. Durham , Steve Orrin , Yasser Rasheed , Prasanna G. Mulgaonkar , Paul S. Schmitz , Hormuzd M. Khosravi
发明人: Ravi L. Sahita , David M. Durham , Steve Orrin , Yasser Rasheed , Prasanna G. Mulgaonkar , Paul S. Schmitz , Hormuzd M. Khosravi
摘要: In some embodiments, approaches may provide an out-of-band (OOB) agent to protect a platform. The OOB agent may be able to use non-TRS methods to measure and protect an in-band security agent. In some embodiments, a manageability engine can provide out of band connectivity to the in-band and out-of-band security agents and provide access to the system memory resources without having to rely on OS services. This can be used for a trusted anti-malware and remediation service.
摘要翻译: 在一些实施例中,方法可以提供带外(OOB)代理来保护平台。 OOB代理可能能够使用非TRS方法来测量和保护带内安全代理。 在一些实施例中,可管理性引擎可以向带内和带外安全代理提供带外连接,并提供对系统存储器资源的访问,而不必依赖于OS服务。 这可以用于受信任的反恶意软件和修复服务。
-
-
-
-
-
-
-
-
-
搜索结果
40 条记录 (耗时 0.015 秒)