Abstract:
A system and method for managing the recovery key of a computer system is disclosed. The computer system includes a security layer, and the recovery key is stored locally in a memory location on the computer system, including, as examples, flash memory on the motherboard of the computer system or a USB port on the computer system. In operation, when it becomes necessary for the computer system to authenticate the recovery key, the recovery key may be retrieved from the local memory. The retrieval and storage of the recovery key may be managed by a remote administrator. The recovery key may be stored in a hidden partition in the storage location, and the recovery key may be cryptographically wrapped to add an additional layer of security.
Abstract:
During execution of BIOS at an information handling system, a processor communicates with a storage controller via a command line protocol (CLP) communications channel. Via the channel, the processor obtains identification information for storage devices associated with the storage controller. The processor communicates the identification information to a key management client, which obtains encryption keys based on the identification information from a key management server. The processor receives the encryption keys, and communicates them to the storage controller via the CLP communications channel. The CLP communications channel thus provides a convenient and flexible interface for communication of security information prior to execution of an operating system.
Abstract:
A credential caching system includes receiving a set of authentication credentials, storing the set of authentication credentials in a credential cache memory, wherein the credential cache memory is coupled with a management controller, and supplying the set of authentication credentials for automatic authentication during a reset or reboot. In the event of a security breach, the credential caching system clears the set of authentication credentials from the credential cache memory so that the set of authentication credentials may no longer be used for a reset or reboot.
Abstract:
A system and method for accessing and identifying the security parameters of a device in an information handling system is disclosed. A device in a computer system may operate according to a defined security protocol, and multiple security protocols may exist across the devices of the system. In operation, a configuration capability is defined within the PCI Express communications protocol. This capability includes a capabilities data structure through which parameters concerning the security parameters of the device may be identified and passed to a processor.
Abstract:
In accordance with the present disclosure, a system and method for performing a system memory save in tiered or cached storage during transition to a decreased power state is disclosed. As disclosed herein, the system incorporating aspects of the present invention may include a flash or other nonvolatile memory such as a solid-state drive, volatile memory, and at least one alternate storage media. Upon transition to a decreased power state, at least some of the data in the solid-state drive, for example, may be transferred to the at least one alternate storage media. After the SSD data is transferred, data stored in volatile system memory, such as a system context, may be transferred to the SSD memory. With the system context saved in SSD memory, power to the volatile system memory may be turned off.
Abstract:
In accordance with the present disclosure, a system and method for creating and dynamically maintaining power inventories of an information handling system is presented. A system for creating and dynamically maintaining power inventories of an information handling system may include a memory and a processor. The processor may be operable to generate power inventories for the information handling system and save the power inventories in the memory. Each of the power inventories may correspond to one of the power states of the information handling system. The processor may also be operable to dynamically update each of the saved power inventories in response to changes in the information handling system.