公开(公告)号：US20140156982A1

公开(公告)日：2014-06-05

申请号：US13692553

申请日：2012-12-03

Applicant: IMATION CORP.

Inventor： Laurence Hamid ,  Dean Charles Michaud

IPC: G06F9/44

CPC classification number: G06F9/441 ,  G06F9/4411

Abstract: Bootability of a computer system with multiple LUNs. A flash device powers-on into a default LUN, from which the system boots, maintaining any other LUNs unavailable. The first LUN reconfigures the system to remove itself as the available LUN, to load a second LUN as the only available LUN, and to reboot the computer system into the newly available second LUN. The second LUN reconfigures the system to load any additional LUNs, such as removable storage on the flash drive. Upon reconfiguration, the system includes multiple LUNs. The second LUN includes an interpolated LUN driver, which exposes additional LUNs before operation of other device drivers. The interpolated LUN driver takes control during boot-up, exposing any available LUNs before the regular environment's operating system.

Abstract translation: 具有多个LUN的计算机系统的可引导性。 闪存设备上电到默认LUN，系统从该LUN启动，维护任何其他LUN不可用。 第一个LUN重新配置系统将其自身删除为可用LUN，将第二个LUN加载为唯一可用的LUN，并将计算机系统重新启动到新可用的第二个LUN中。 第二个LUN重新配置系统以加载任何其他LUN，例如闪存驱动器上的可移动存储。 重新配置后，系统包括多个LUN。 第二个LUN包含内插的LUN驱动程序，在其他设备驱动程序运行之前会暴露额外的LUN。 内插LUN驱动程序在引导期间进行控制，在常规环境的操作系统之前暴露任何可用的LUN。

公开(公告)号：US20140156981A1

公开(公告)日：2014-06-05

申请号：US13692421

申请日：2012-12-03

Applicant: IMATION CORP.

Inventor： Laurence Hamid

IPC: G06F21/57 ,  G06F21/56

CPC classification number: H04L63/145 ,  G06F9/4416 ,  G06F11/1004 ,  G06F11/1008 ,  G06F12/0246 ,  G06F17/30371 ,  G06F21/568 ,  G06F21/575 ,  H04L63/0823 ,  H04L63/123

Abstract: Booting an operating system that includes a secure preboot environment that performs integrity checks against security threats. A computer system boots to a preboot environment, which performs integrity checks and other anti-malware operations. Once the preboot environment finishes, the system reboots into a regular environment. The preboot environment can reside on a secure portion of a flash memory, with a computer system booting therefrom; or the preboot environment can reside securely in the computer system. The preboot environment includes integrity checks for a regular environment, and anti-malware programming. Once the preboot environment is done, the computer system reboots into a regular environment, such as from the flash memory or on the computer system. The integrity checks confirm that files in the regular environment are unchanged or uninfected. The integrity checks include determining the accuracy of a trusted system configuration on the computer system, such as using a TPM.

Abstract translation: 引导包含安全预引导环境的操作系统，以执行针对安全威胁的完整性检查。 计算机系统引导到预引导环境，执行完整性检查和其他反恶意软件操作。 预启动环境完成后，系统将重新启动到常规环境中。 预引导环境可以驻留在闪存的安全部分，计算机系统从其引导; 或者预引导环境可以安全地驻留在计算机系统中。 预引导环境包括常规环境的完整性检查和反恶意软件编程。 一旦预启动环境完成，计算机系统将重新启动到常规环境中，例如从闪存或计算机系统。 完整性检查确认常规环境中的文件未更改或未被感染。 完整性检查包括确定计算机系统上的可信系统配置的准确性，例如使用TPM。

公开(公告)号：US20130339716A1

公开(公告)日：2013-12-19

申请号：US13958910

申请日：2013-08-05

Applicant: Imation Corp.

Inventor： Laurence Hamid

IPC: G06F21/57

CPC classification number: G06F21/575 ,  G06F9/4411 ,  G06F21/31 ,  G06F21/41 ,  G06F21/6218 ,  G06F2221/034 ,  G06F2221/2149

Abstract: A portable desktop device and method for host computer system hardware recognition and configuration are provided. The portable desktop device causes on a first boot, the host computer system to recognize hardware devices connected thereto, and to configure hardware configuration files of the portable desktop O/S in accordance with the recognized hardware. Once the hardware configuration files have been configured, the system is rebooted. On the second boot, the host computer determines that the portable desktop has been configured for its hardware, and initiates start-up of the portable desktop.

公开(公告)号：US20160028748A1

公开(公告)日：2016-01-28

申请号：US14810553

申请日：2015-07-28

Applicant: Imation Corp.

Inventor： Laurence Hamid

IPC: H04L29/06 ,  G06F9/44

CPC classification number: H04L63/145 ,  G06F9/4416 ,  G06F11/1004 ,  G06F11/1008 ,  G06F12/0246 ,  G06F17/30371 ,  G06F21/568 ,  G06F21/575 ,  H04L63/0823 ,  H04L63/123

Abstract: Booting an operating system that includes a secure preboot environment that performs integrity checks against security threats. A computer system boots to a preboot environment, which performs integrity checks and other anti-malware operations. Once the preboot environment finishes, the system reboots into a regular environment. The preboot environment can reside on a secure portion of a flash memory, with a computer system booting therefrom; or the preboot environment can reside securely in the computer system. The preboot environment includes integrity checks for a regular environment, and anti-malware programming. Once the preboot environment is done, the computer system reboots into a regular environment, such as from the flash memory or on the computer system. The integrity checks confirm that files in the regular environment are unchanged or uninfected. The integrity checks include determining the accuracy of a trusted system configuration on the computer system, such as using a TPM.

Abstract translation: 引导包含安全预引导环境的操作系统，以执行针对安全威胁的完整性检查。 计算机系统引导到预引导环境，执行完整性检查和其他反恶意软件操作。 预启动环境完成后，系统将重新启动到常规环境中。 预引导环境可以驻留在闪存的安全部分，计算机系统从其引导; 或者预引导环境可以安全地驻留在计算机系统中。 预引导环境包括常规环境的完整性检查和反恶意软件编程。 一旦预启动环境完成，计算机系统将重新启动到常规环境中，例如从闪存或计算机系统。 完整性检查确认常规环境中的文件未更改或未被感染。 完整性检查包括确定计算机系统上的可信系统配置的准确性，例如使用TPM。

公开(公告)号：US09104891B2

公开(公告)日：2015-08-11

申请号：US13692358

申请日：2012-12-03

Applicant: Imation Corp.

Inventor： Laurence Hamid ,  Scott Ashdown

IPC: G06F21/00 ,  G06F21/70 ,  G06F21/55 ,  G06F21/74 ,  G06F21/79

CPC classification number: G06F21/554 ,  G06F3/0619 ,  G06F3/0656 ,  G06F3/0679 ,  G06F12/0815 ,  G06F21/70 ,  G06F21/74 ,  G06F21/79 ,  G06F2212/222 ,  G06F2221/2101 ,  G06F2221/2105

Abstract: Techniques for recovering from unexpected removal of (or other unexpected power loss) a flash memory device from a computer system. An interpolated device driver notes whenever the flash memory device is unexpectedly removed, or otherwise unexpectedly powers off or enters a locked state. If the flash memory device is reinserted, the interpolated device driver reinitializes the flash memory device, and satisfies any flash memory device security protocol, so the flash memory device and the computer system can be restored to their status just before unexpected removal. The interpolated device driver caches requests to the flash memory device, and when status is restored to just before removal, replays those requests to the flash memory device, so the flash memory device responds to those requests as if it had ever been removed. The computer system does not notice any break in service by the flash memory device due to removal and reinsertion.

Abstract translation: 从计算机系统意外去除闪存设备（或其他意外的功率损耗）恢复的技术。 每当闪存设备意外删除时，内插设备驱动程序都会注意，否则意外关闭或进入锁定状态。 如果重新插入闪存设备，插值设备驱动程序将重新初始化闪存设备，并满足任何闪存设备安全协议，因此闪存设备和计算机系统可以在意外删除之前恢复到其状态。 内插设备驱动程序将请求缓存到闪存设备，并且当状态恢复到正好在移除之前时，将这些请求重放到闪存设备，因此闪存设备就像已经被去除一样对其进行响应。 计算机系统没有注意到由于移除和重新插入，闪存设备的任何服务中断。

公开(公告)号：US09026776B2

公开(公告)日：2015-05-05

申请号：US13958910

申请日：2013-08-05

Applicant: Imation Corp.

Inventor： Laurence Hamid

IPC: G06F9/00 ,  G06F21/57 ,  G06F9/44

CPC classification number: G06F21/575 ,  G06F9/4411 ,  G06F21/31 ,  G06F21/41 ,  G06F21/6218 ,  G06F2221/034 ,  G06F2221/2149

Abstract: A portable desktop device and method for host computer system hardware recognition and configuration are provided. The portable desktop device causes on a first boot, the host computer system to recognize hardware devices connected thereto, and to configure hardware configuration files of the portable desktop O/S in accordance with the recognized hardware. Once the hardware configuration files have been configured, the system is rebooted. On the second boot, the host computer determines that the portable desktop has been configured for its hardware, and initiates start-up of the portable desktop.

Abstract translation: 提供了用于主计算机系统硬件识别和配置的便携式桌面设备和方法。 便携式桌面设备导致首次引导，主机系统识别与其连接的硬件设备，并且根据所识别的硬件来配置便携式桌面O / S的硬件配置文件。 一旦配置了硬件配置文件，系统将重新启动。 在第二次启动时，主机确定便携式桌面已配置为其硬件，并启动便携式桌面的启动。

公开(公告)号：US20130262864A1

公开(公告)日：2013-10-03

申请号：US13838240

申请日：2013-03-15

Applicant: IMATION CORP.

Inventor： Laurence Hamid

IPC: G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/6227

Abstract: A secure document is formed having a first secure section for being accessed by a first target. The first secure section includes encrypted data displayable within the document and for forming part of the displayed secure document. The secure document also includes a first security section for use in decrypting of the first secure section. The first security section has first section security data secured therein by first target security data that is accessible to the first target. Also, the first section security section is for being displayed within the document. Another secure document is formed having a reference to secure content, which reference can be decoded, whereupon a user can be authenticated, and the secure content downloaded and viewed by the authenticated user.

Abstract translation: 形成具有用于由第一目标访问的第一安全部分的安全文档。 第一安全部分包括在文档内可显示的加密数据，并形成显示的安全文档的一部分。 安全文档还包括用于解密第一安全部分的第一安全部分。 第一安全部分具有由第一目标可访问的第一目标安全数据保护在其中的第一部分安全数据。 此外，第一部分安全部分用于显示在文档内。 形成另一个安全文件，其中引用了安全内容，该引用可被解码，从而可以对用户进行身份验证，以及被认证的用户下载和查看的安全内容。

公开(公告)号：US20130179676A1

公开(公告)日：2013-07-11

申请号：US13723877

申请日：2012-12-21

Applicant: Imation Corp.

Inventor： Laurence Hamid

IPC: H04L29/06 ,  H04L9/08

CPC classification number: H04L63/0471 ,  G06F21/335 ,  G06F21/34 ,  H04L9/08 ,  H04L63/0272 ,  H04L63/0485 ,  H04L63/0823

Abstract: A cloud-based hardware security device (HSM) providing core security functions of a physically controlled HSM, such as a USB HSM, while allowing user access within the cloud and from a user device, including user devices without input ports capable of direct connection to the HSM. The HSMs can be connected to multi-HSM appliances on the organization or user side of the cloud network, or on the cloud provider side of the cloud network. HSMs can facilitate multiple users, and multi-HSM appliances can facilitate multiple organizations.

Abstract translation: 基于云的硬件安全设备（HSM）提供物理控制的HSM（例如USB HSM）的核心安全功能，同时允许用户在云内和用户设备之间访问，包括用户设备，无需输入端口即可直接连接 HSM。 HSM可以连接到云网络的组织或用户端的多HSM设备，或云网络的云提供商端。 HSM可以方便多个用户，多HSM设备可以方便多个组织。

公开(公告)号：US09129114B2

公开(公告)日：2015-09-08

申请号：US13692421

申请日：2012-12-03

Applicant: Imation Corp.

Inventor： Laurence Hamid

IPC: G06F9/24 ,  G06F15/177 ,  G06F21/57 ,  G06F21/56 ,  G06F11/10 ,  H04L29/06 ,  G06F12/02 ,  G06F17/30

CPC classification number: H04L63/145 ,  G06F9/4416 ,  G06F11/1004 ,  G06F11/1008 ,  G06F12/0246 ,  G06F17/30371 ,  G06F21/568 ,  G06F21/575 ,  H04L63/0823 ,  H04L63/123

Abstract: Booting an operating system that includes a secure preboot environment that performs integrity checks against security threats. A computer system boots to a preboot environment, which performs integrity checks and other anti-malware operations. Once the preboot environment finishes, the system reboots into a regular environment. The preboot environment can reside on a secure portion of a flash memory, with a computer system booting therefrom; or the preboot environment can reside securely in the computer system. The preboot environment includes integrity checks for a regular environment, and anti-malware programming. Once the preboot environment is done, the computer system reboots into a regular environment, such as from the flash memory or on the computer system. The integrity checks confirm that files in the regular environment are unchanged or uninfected. The integrity checks include determining the accuracy of a trusted system configuration on the computer system, such as using a TPM.

Abstract translation: 引导包含安全预引导环境的操作系统，以执行针对安全威胁的完整性检查。 计算机系统引导到预引导环境，执行完整性检查和其他反恶意软件操作。 预启动环境完成后，系统将重新启动到常规环境中。 预引导环境可以驻留在闪存的安全部分，计算机系统从其引导; 或者预引导环境可以安全地驻留在计算机系统中。 预引导环境包括常规环境的完整性检查和反恶意软件编程。 一旦预启动环境完成，计算机系统将重新启动到常规环境中，例如从闪存或计算机系统。 完整性检查确认常规环境中的文件未更改或未被感染。 完整性检查包括确定计算机系统上的可信系统配置的准确性，例如使用TPM。

公开(公告)号：US09064103B2

公开(公告)日：2015-06-23

申请号：US14170074

申请日：2014-01-31

Applicant: Imation Corp.

Inventor： Laurence Hamid ,  Lawrence Reusing

IPC: G06F21/00 ,  G06F21/34 ,  G06F21/31 ,  G06F21/32 ,  G06F21/35

CPC classification number: G06F21/575 ,  G06F9/4406 ,  G06F21/31 ,  G06F21/32 ,  G06F21/34 ,  G06F21/35 ,  G06F21/6218 ,  G06F2221/2115

Abstract: A method and apparatus are disclosed wherein a portable memory storage device is provided for interfacing with a communications port of the computer system. During operating system start up of the operating system of the computer, fields relating to security of the operating system are prompted for. The portable memory store retrieves from memory therein data for populating said fields and provides same to the computer system mimicking a data entry device other than a portable memory store.

Abstract translation: 公开了一种方法和装置，其中提供便携式存储器存储装置用于与计算机系统的通信端口对接。 在操作系统启动计算机的操作系统时，会提示与操作系统的安全性相关的领域。 便携式存储器存储器从存储器中检索用于填充所述字段的数据，并将其提供给模拟除便携式存储器存储之外的数据输入装置的计算机系统。