公开(公告)号：US12210662B2

公开(公告)日：2025-01-28

申请号：US17286584

申请日：2019-11-26

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Joshua Serratelli Schiffman ,  Boris Balacheff ,  Richard Alden Bramley, Jr. ,  Valiuddin Ali

IPC: H04L9/00 ,  G06F21/44 ,  G06F21/53 ,  G06F21/55 ,  G06F21/78 ,  G06F21/85

Abstract: According to aspect of the disclosure, there are provided methods and apparatus for connecting a peripheral device to a computer system, including an apparatus for interfacing with a peripheral device, the apparatus comprising a port configured to couple to the peripheral device, a processor, a memory coupled to the processor and comprising a software module comprising instructions that when executed on the processor protect the device from a peripheral device coupled to the port, and a hardware security controller coupled to the port, the hardware security controller configured to monitor execution of the software module by the processor and to disable the port in response to determining that the software module is not executing.

公开(公告)号：US11868276B2

公开(公告)日：2024-01-09

申请号：US17830730

申请日：2022-06-02

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Richard A Bramley ,  Baraneedharan Anbazhagan ,  Valiuddin Ali

IPC: G06F12/14 ,  G06F12/02

CPC classification number: G06F12/1416 ,  G06F12/0246 ,  G06F2212/1052 ,  G06F2212/7207

Abstract: An example non-transitory computer readable storage medium comprising instructions that when executed cause a processor of a computing device to: in response to a trigger of a system management mode (SMM), verify all processor threads have been pulled into the SMM; in response to a successful verification, enable write access to a non-volatile memory of the computing device via two registers, where the writing access is disabled upon booting of the computing device; and upon exiting the SMM, disable the write access via the two registers.

公开(公告)号：US20210390216A1

公开(公告)日：2021-12-16

申请号：US17286584

申请日：2019-11-26

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Joshua Serratelli Schiffman ,  Boris Balacheff ,  Richard Alden Bramley, Jr. ,  Valiuddin Ali

IPC: G06F21/85 ,  G06F21/78 ,  G06F21/44 ,  G06F21/55 ,  G06F21/53

Abstract: According to aspect of the disclosure, there are provided methods and apparatus for connecting a peripheral device to a computer system, including an apparatus for interfacing with a peripheral device, the apparatus comprising a port configured to couple to the peripheral device, a processor, a memory coupled to the processor and comprising a software module comprising instructions that when executed on the processor protect the device from a peripheral device coupled to the port, and a hardware security controller coupled to the port, the hardware security controller configured to monitor execution of the software module by the processor and to disable the port in response to determining that the software module is not executing.

公开(公告)号：US20210382996A1

公开(公告)日：2021-12-09

申请号：US17052991

申请日：2019-02-28

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Valiuddin Ali ,  Richard Alden Bramley, JR. ,  Adrian John Baldwin ,  Joshua Serratelli Schiffman

IPC: G06F21/57 ,  H04L9/32 ,  H04L29/06 ,  G06F21/36

Abstract: An example computing device includes a user interface, a network interface, a non-volatile memory, a processor coupled to the user interface, the network interface, and the non-volatile memory, and a set of instructions stored in the non-volatile memory. The set of instructions, when executed by the processor, is to perform a hardware initialization of the computing device according to a setting, establish a local trust domain and a remote trust domain, use a local-access public key to issue a challenge via the user interface to grant local access to the setting, and use a remote-access public key to grant remote access via the network interface to remote access to the setting.

公开(公告)号：US20190332510A1

公开(公告)日：2019-10-31

申请号：US16503887

申请日：2019-07-05

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Boris Balacheff ,  Valiuddin Ali ,  Chris I. Dalton ,  David Plaquin

IPC: G06F11/30 ,  G06F21/57 ,  G06F21/56

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) code. The examples detect whether a change has occurred to the SMM code based on the monitoring of the expected functionality. The change indicates that the SMM code is compromised.

公开(公告)号：US10387651B2

公开(公告)日：2019-08-20

申请号：US15329877

申请日：2014-09-23

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Boris Balacheff ,  Valiuddin Ali ,  Chris I Dalton ,  David Plaquin

IPC: G06F21/56 ,  G06F21/57 ,  G06F11/30 ,  G06F11/34

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) BIOS code. The examples detect whether a change has occurred to the SMM BIOS code based on the monitoring of the expected functionality. The change indicates that the SMM BIOS code is compromised.

公开(公告)号：US10169052B2

公开(公告)日：2019-01-01

申请号：US15309486

申请日：2014-07-22

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Valiuddin Ali ,  Lan Wang ,  Baraneedharan Anbazhagan ,  Patrick L Gibbons

IPC: H04L9/06 ,  H04L9/32 ,  G06F11/14 ,  G06F21/44 ,  G06F21/57 ,  G06F21/62 ,  G06F21/79 ,  G06F9/445

Abstract: Examples herein disclose receiving a basic input output system (BIOS) policy change and authorizing the BIOS policy change. Upon the authorization of the BIOS policy change, a first copy of the BIOS policy is stored in a first memory accessible by a central processing unit. Additionally, a second copy of the BIOS policy change is transmitted for storage in a second memory electrically isolated from the central processing unit.

公开(公告)号：US20240248729A1

公开(公告)日：2024-07-25

申请号：US18560888

申请日：2021-07-16

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Chee Keat Fong ,  Alexander Joseph Pienkawa Rosenbach ,  Valiuddin Ali ,  Jeffrey Kevin Jeansonne ,  Richard Alden Bramley, Jr.

IPC: G06F9/4401

CPC classification number: G06F9/4416

Abstract: According to aspects of the present disclosure, there is provided a non-transitory computer-readable storage medium comprising instructions that when executed cause a processor of a computing device to: send, to a remote device and via a first message queue on a cloud messaging service, a current Basic Input/Output System (BIOS) setting value; receive, from the remote device and via a second message queue on a cloud messaging service, an updated BIOS setting value and a cryptographic value; decrypt an encrypted private key of a public-private key pair stored in a memory of the computing device using the cryptographic value, wherein the public key of the public-private key pair is associated with a BIOS of the computing device; sign the updated BIOS setting value using the decrypted private key; provide the signed BIOS setting value to the BIOS of the computing device.

公开(公告)号：US11948008B2

公开(公告)日：2024-04-02

申请号：US17293015

申请日：2019-04-30

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Mason Gunyuzlu ,  Valiuddin Ali ,  Robert Craig ,  Tevin Richards ,  Richard Bramley ,  Endrigo Nadin Pinheiro

IPC: G06F9/50

CPC classification number: G06F9/5016

Abstract: In an example, a system includes a firmware controller to initiate a SM execution mode of the system. The firmware controller scans memory for a process pool tag. The firmware controller compares the process pool tag to a set of operating system process pool tags and detects a coherency discrepancy between the process pool tag and the set of operating system process pool tags. The firmware controller exits the SM execution mode of the system.

公开(公告)号：US11914713B2

公开(公告)日：2024-02-27

申请号：US17052991

申请日：2019-02-28

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Jeffrey Kevin Jeansonne ,  Valiuddin Ali ,  Richard Alden Bramley, Jr. ,  Adrian John Baldwin ,  Joshua Serratelli Schiffman

IPC: G06F21/57 ,  G06F21/36 ,  H04L9/32 ,  H04L9/40

CPC classification number: G06F21/572 ,  G06F21/36 ,  H04L9/3228 ,  H04L9/3247 ,  H04L63/0838 ,  G06F2221/033

Abstract: An example computing device includes a user interface, a network interface, a non-volatile memory, a processor coupled to the user interface, the network interface, and the non-volatile memory, and a set of instructions stored in the non-volatile memory. The set of instructions, when executed by the processor, is to perform a hardware initialization of the computing device according to a setting, establish a local trust domain and a remote trust domain, use a local-access public key to issue a challenge via the user interface to grant local access to the setting, and use a remote-access public key to grant remote access via the network interface to remote access to the setting.