PLATFORM BASED VERIFICATION OF CONTENTS OF INPUT-OUTPUT DEVICES
    81.
    发明申请
    PLATFORM BASED VERIFICATION OF CONTENTS OF INPUT-OUTPUT DEVICES 审中-公开
    输入输出设备内容的基于平台的验证

    公开(公告)号:US20130283383A1

    公开(公告)日:2013-10-24

    申请号:US13919609

    申请日:2013-06-17

    IPC分类号: G06F21/56

    摘要: A platform to support verification of the contents of an input-output device. The platform includes a platform hardware, which may verify the contents of the I/O device. The platform hardware may comprise components such as manageability engine and verification engine that are used to verify the contents of the I/O device even before the contents of the I/O device are exposed to an operating system supported by a host. The platform components may delete the infected portions of the contents of I/O device if the verification process indicates that the contents of the I/O device include the infected portions.

    摘要翻译: 支持验证输入输出设备内容的平台。 该平台包括可以验证I / O设备内容的平台硬件。 即使在I / O设备的内容暴露于由主机支持的操作系统之前,平台硬件也可以包括用于验证I / O设备的内容的诸如可管理性引擎和验证引擎的组件。 如果验证过程指示I / O设备的内容包括感染部分,则平台组件可以删除I / O设备的内容的被感染部分。

    Systems and methods for secure host resource management
    82.
    发明授权
    Systems and methods for secure host resource management 有权
    用于安全主机资源管理的系统和方法

    公开(公告)号:US08510760B2

    公开(公告)日:2013-08-13

    申请号:US12987813

    申请日:2011-01-10

    IPC分类号: G06F9/44

    CPC分类号: G06F12/0866 G06F13/387

    摘要: Systems and methods are described herein to provide for secure host resource management on a computing device. Other embodiments include apparatus and system for management of one or more host device drivers from an isolated execution environment. Further embodiments include methods for querying and receiving event data from manageable resources on a host device. Further embodiments include data structures for the reporting of event data from one or more host device drivers to one or more capability modules.

    摘要翻译: 这里描述了系统和方法来提供计算设备上的安全的主机资源管理。 其他实施例包括用于从隔离执行环境管理一个或多个主机设备驱动器的装置和系统。 另外的实施例包括用于从主机设备上的可管理资源查询和接收事件数据的方法。 另外的实施例包括用于将事件数据从一个或多个主机设备驱动程序报告给一个或多个能力模块的数据结构。

    Secure platform voucher service for software components within an execution environment
    83.
    发明授权
    Secure platform voucher service for software components within an execution environment 有权
    在执行环境中的软件组件的安全平台凭证服务

    公开(公告)号:US08499151B2

    公开(公告)日:2013-07-30

    申请号:US13412382

    申请日:2012-03-05

    IPC分类号: H04L29/06

    摘要: Apparatuses, articles, methods, and systems for secure platform voucher service for software within an execution environment. An embodiment includes the ability for a Virtual Machine Monitor, Operating System Monitor, or other underlying platform capability to restrict memory regions for access only by authenticated, authorized and verified software components. A provisioning remote entity or gateway only needs to know a platform's public key or certificate hierarchy to receive verification for any component. The verification or voucher helps assure to the remote entity that no malware running in the platform or on the network will have access to provisioned material. The underlying platform to lock and unlock secrets on behalf of the authenticated/authorized/verified software component provided in protected memory regions only accessible to the software component.

    摘要翻译: 用于执行环境中的软件的安全平台凭证服务的设备,物品,方法和系统。 一个实施例包括虚拟机监视器,操作系统监视器或其他底层平台功能的能力,以限制仅通过认证的,授权和验证的软件组件进行访问的存储器区域。 配置远程实体或网关只需要知道平台的公钥或证书层次结构来接收任何组件的验证。 验证或凭证有助于向远程实体确保在平台或网络上运行的恶意软件无法访问配置的资料。 代表在受保护的内存区域中提供的经认证/授权/验证的软件组件的软件组件可访问的基础平台来锁定和解锁秘密。

    Out-of-band access to storage devices through port-sharing hardware
    85.
    发明授权
    Out-of-band access to storage devices through port-sharing hardware 有权
    通过端口共享硬件对存储设备进行带外访问

    公开(公告)号:US08281043B2

    公开(公告)日:2012-10-02

    申请号:US12836341

    申请日:2010-07-14

    IPC分类号: G06F3/00 G06F5/00

    摘要: A method, apparatus, system, and computer program product for enabling out-of-band access to storage devices through port-sharing hardware. Providing out-of-band access to storage devices enables system management functions to be performed when an operating system is non-functional as well as when the operating system is active. Storage commands originating with a management service can be interleaved with storage commands issued by the host operating system. The host operating system maintains ownership and control over its storage devices, but management activities can be performed while the host operating system is operational.

    摘要翻译: 一种用于通过端口共享硬件对存储设备进行带外访问的方法,装置,系统和计算机程序产品。 提供对存储设备的带外访问可使系统管理功能在操作系统不起作用以及操作系统处于活动状态时执行。 源自管理服务的存储命令可以与主机操作系统发出的存储命令交错。 主机操作系统维护对其存储设备的所有权和控制权,但是可以在主机操作系统运行时执行管理活动。

    SECURE LOCAL BOOT USING THIRD PARTY DATA STORE (3PDS) BASED ISO IMAGE
    86.
    发明申请
    SECURE LOCAL BOOT USING THIRD PARTY DATA STORE (3PDS) BASED ISO IMAGE 有权
    使用第三方数据存储(3PDS)基于ISO映像的安全本地引导

    公开(公告)号:US20120159137A1

    公开(公告)日:2012-06-21

    申请号:US12970698

    申请日:2010-12-16

    IPC分类号: G06F15/177

    CPC分类号: G06F21/572 G06F21/575

    摘要: In some embodiments, the invention involves a method and apparatus for secure/authenticated local boot of a host operating system on a computing platform using active management technology (AMT) with a third party data store (3PDS)-based ISO firmware image. A portion of non-volatile memory is hardware secured against access by the host processor and OS, and accessible only to the AMT. The AMT comprises an AT/ATAPI protocol emulator to access an ISO boot image from secured memory, while appearing to the host processor as a communication with an AT/ATAPI device. Other embodiments are described and claimed.

    摘要翻译: 在一些实施例中,本发明涉及一种用于使用基于第三方数据存储(3PDS)的ISO固件映像的主动管理技术(AMT)在计算平台上安全/认证的主机操作系统本地引导的方法和装置。 非易失性存储器的一部分是由主机处理器和OS访问的硬件安全的,并且只能由AMT访问。 AMT包括AT / ATAPI协议仿真器,用于从安全存储器访问ISO引导映像,同时作为与AT / ATAPI设备的通信向主机处理器呈现。 描述和要求保护其他实施例。

    DETERMINATION BY CIRCUITRY OF PRESENCE OF AUTHORIZED AND/OR MALICIOUS DATA
    88.
    发明申请
    DETERMINATION BY CIRCUITRY OF PRESENCE OF AUTHORIZED AND/OR MALICIOUS DATA 有权
    通过电路确定授权和/或恶意数据的存在

    公开(公告)号:US20100325729A1

    公开(公告)日:2010-12-23

    申请号:US12487878

    申请日:2009-06-19

    IPC分类号: G06F21/00

    CPC分类号: G06F21/565

    摘要: An embodiment may include circuitry that may be comprised in a host. The host may include memory and a host processor to execute an operating system. The circuitry may be to determine, independently of the operating system and the host processor, the authenticity of signature list information, based at least in part upon authentication information received by the circuitry from a remote server. The circuitry also may be to determine, independently of the operating system and the host processor, based at least in part upon comparison of at least one portion of the signature list information with at least one portion of contents of the memory, whether authorized and/or malicious data are present in the at least one portion of the contents of the memory. Of course, many variations, modifications, and alternatives are possible without departing from this embodiment.

    摘要翻译: 实施例可以包括可以包括在主机中的电路。 主机可以包括存储器和主机处理器来执行操作系统。 该电路可以至少部分地基于电路从远程服务器接收的认证信息来独立于操作系统和主处理器来确定签名列表信息的真实性。 电路还可以至少部分地基于对签名列表信息的至少一部分与存储器的内容的至少一部分进行比较来独立于操作系统和主处理器来确定是否授权和/ 或恶意数据存在于存储器的内容的至少一部分中。 当然,在不偏离本实施例的情况下,可以进行许多变化,修改和替换。

    Remote configuration, provisioning and/or updating in a layer two authentication network
    89.
    发明授权
    Remote configuration, provisioning and/or updating in a layer two authentication network 有权
    在第二层认证网络中进行远程配置,配置和/或更新

    公开(公告)号:US07805512B2

    公开(公告)日:2010-09-28

    申请号:US11967139

    申请日:2007-12-29

    IPC分类号: G06F15/16

    摘要: A device capable of remote configuration, provisioning and/or updating comprising a network detector capable of detecting a network regardless of the state of the operating system on the device, wherein the network requires layer two authentication, and an Embedded Trust Agent capable of generating an authentication credential for layer two authentication and communicating the authentication credential via a layer two authentication protocol without a functioning operating system.

    摘要翻译: 一种能够进行远程配置,配置和/或更新的设备,包括能够检测网络而不管设备上的操作系统的状态如何的网络检测器,其中网络需要第二层认证,以及能够生成 用于第二层身份验证的身份验证凭证,并通过第二层身份验证协议传递身份验证凭证,而无需运行正常的操作系统。

    DETECTION AND REPORTING OF VIRTUALIZATION MALWARE IN COMPUTER PROCESSOR ENVIRONMENTS
    90.
    发明申请
    DETECTION AND REPORTING OF VIRTUALIZATION MALWARE IN COMPUTER PROCESSOR ENVIRONMENTS 有权
    虚拟化恶意软件在计算机处理器环境中的检测和报告

    公开(公告)号:US20090328042A1

    公开(公告)日:2009-12-31

    申请号:US12165155

    申请日:2008-06-30

    IPC分类号: G06F11/07 G06F9/44

    摘要: Methods and systems to detect virtualization of computer system resources, such as by malware, include methods and systems to evaluate information corresponding to a computer processor operating environment, outside of or secure from the operating environment, which may include one or more of a system management mode of operation and a management controller system. Information may include processor register values. Information may be obtained from within the operating environment, such as with a host application running within the operating environment. Information may be obtained outside of the operating environment, such as from a system state map. Information obtained from within the operating environment may be compared to corresponding information obtained outside of the operating environment. Direct memory address (DMA) translation information may be used to determine whether an operating environment is remapping DMA accesses. Page tables, interrupt tables, and segmentation tables may be used to reconstruct a view of linear memory corresponding to the operating environment, which may be scanned for malware or authorized code and data.

    摘要翻译: 检测诸如恶意软件的计算机系统资源的虚拟化的方法和系统包括评估与操作环境之外或安全的操作环境相对应的计算机处理器操作环境的信息的方法和系统,其可以包括一个或多个系统管理 操作模式和管理控制器系统。 信息可能包括处理器寄存器值。 可以在操作环境内获得信息,例如在操作环境中运行的主机应用程序。 信息可以在操作环境之外获取,例如从系统状态图。 从操作环境中获取的信息可以与在操作环境之外获得的相应信息进行比较。 可以使用直接存储器地址(DMA)转换信息来确定操作环境是否重映射DMA访问。 页表,中断表和分段表可以用于重构与操作环境相对应的线性存储器的视图,其可以扫描恶意软件或授权的代码和数据。