专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明专利

JP2013149135A Method for booting computer and computer 有权
标题翻译：打击计算机和计算机的方法
公开(公告)号：JP2013149135A
公开(公告)日：2013-08-01
申请号：JP2012009980
申请日：2012-01-20
申请人： Lenovo Singapore Pte Ltd , レノボ・シンガポール・プライベート・リミテッド
发明人： SASAKI TAKESHI , KASAMATSU EITARO , MORISHIGE YUSAKU , OTANI KOSUKE
IPC分类号： G06F21/57
CPC分类号： G06F9/4406 , G06F9/44 , G06F9/4401 , G06F21/575
摘要： PROBLEM TO BE SOLVED: To provide a method for temporarily skipping a secure boot function.SOLUTION: A computer is configured such that a secure boot function is set as enabled by default. Depression of a power button 47 in a power-off state generates a startup signal. At the time of startup from the S4/S5 state, a switch 207 is turned ON, and a PP bit indicating physical presence is set at a register 211. In addition, depression of a specific key on a keyboard 37 causes a DE bit to be set at a register 213. When the PP bit and the DE bit are found, UEFI firmware stored in a firmware ROM 27 temporarily skips integrity validation of a boot program only for the current boot.
摘要翻译：要解决的问题：提供一种临时跳过安全引导功能的方法。解决方案：配置计算机，使安全引导功能默认设置为启用。处于断电状态的电源按钮47的抑制产生启动信号。在从S4 / S5状态起动时，开关207接通，指示物理存在的PP位被设定在寄存器211.另外，按压键盘37上的特定键使得DE位被设置在寄存器213.当找到PP位和DE位时，存储在固件ROM 27中的UEFI固件暂时跳过针对当前引导的引导程序的完整性验证。

2. 发明专利

JP2006190278A Method, computer system and program for allowing or disallowing firmware upgrade 审中-公开
标题翻译：方法，计算机系统和程序允许或不安装固件升级
公开(公告)号：JP2006190278A
公开(公告)日：2006-07-20
申请号：JP2005367496
申请日：2005-12-21
申请人： Lenovo Singapore Pte Ltd , レノボ・シンガポール・プライベート・リミテッド
发明人： OKA KENJI , KASAMATSU EITARO , OISHI SHINJI
IPC分类号： G06F11/00
CPC分类号： G06F8/65
摘要： PROBLEM TO BE SOLVED: To facilitate determination of whether to allow or disallow firmware upgrades.
SOLUTION: A first series of bits corresponds to compatibility information of firmware of a computer system. Each bit corresponds to an attribute of the firmware or the system, and is equal to one when the attribute denotes a potential incompatibility factor as to the attribute. A second series of bits corresponds to a firmware image with which the firmware is to be upgraded. Each bit indicates whether the firmware image is compatible with the attribute of a corresponding bit of the first series of bits, and is equal to one where the firmware image is compatible with the attribute. A logical AND operation is performed on the first and the second series of bits. Where the result of the logical AND operation is equal to the first series of bits, the firmware is allowed to be upgraded with the firmware image, and otherwise is disallowed.
COPYRIGHT: (C)2006,JPO&NCIPI
摘要翻译：要解决的问题：为了便于确定是否允许或不允许固件升级。解决方案：第一系列位对应于计算机系统的固件的兼容性信息。每个位对应于固件或系统的属性，并且当该属性表示关于该属性的潜在的不兼容因素时，该位等于1。第二系列位对应于要升级固件的固件映像。每个位指示固件图像是否与第一系列位的相应位的属性兼容，并且等于固件图像与该属性兼容的属性。对第一和第二比特序列执行逻辑“与”运算。在逻辑与运算结果等于第一系列位的情况下，允许使用固件映像升级固件，否则不允许。版权所有（C）2006，JPO＆NCIPI

3. 发明专利

JP2009223729A Method for authenticating physical presence based on tcg specification and computer 有权
标题翻译：基于TCG规范和计算机认证物理存在的方法
公开(公告)号：JP2009223729A
公开(公告)日：2009-10-01
申请号：JP2008068862
申请日：2008-03-18
申请人： Lenovo Singapore Pte Ltd , レノボ・シンガポール・プライベート・リミテッド
发明人： TSUKAMOTO YASUMICHI , KASAMATSU EITARO , HAGIWARA MIKIO , KUMAKI ATSUSHI
IPC分类号： G06F21/20 , G06F1/00 , G06F21/22 , H04L9/32
摘要： PROBLEM TO BE SOLVED: To provide an authentication method for acknowledging physical presence only when an authentic owner operates a platform. SOLUTION: In this computer, a processor provided with a security chip 26 suitable for TCG (Trusted Computing Group) specifications, an organismic authentication unit 41 and a start button 101. A processor executes a CRTM (Core Root of Trust for Measurement) authentication code 121 to perform authentication. The depression of the start button determines whether the computer is subjected to a cold start from an S4 state or S5 state. The CRTM authentication code receives a result of organismic authentication performed by the organismic authentication unit 41. When the computer confirms that the cold start is performed and also that the organismic authentication is successful, a command indicating that physical presence is affirmative is sent to the security chip. COPYRIGHT: (C)2010,JPO&INPIT
摘要翻译：要解决的问题：仅在真实拥有者操作平台时提供用于确认身体存在的认证方法。解决方案：在该计算机中，处理器配备有适合于TCG（可信计算组）规范的安全芯片26，有机认证单元41和启动按钮101.处理器执行CRTM（用于测量的信任的核心根）认证码121进行认证。按下开始按钮确定计算机是否经受从S4状态或S5状态的冷启动。 CRTM验证码接收由有机认证单元41执行的有机认证的结果。当计算机确认执行冷启动并且有机认证成功时，指示物理存在肯定的命令被发送到安全芯片。版权所有（C）2010，JPO＆INPIT

4. 发明专利

JP2007164492A Setting method of device controller and computer system 有权
标题翻译：设备控制器和计算机系统的设置方法
公开(公告)号：JP2007164492A
公开(公告)日：2007-06-28
申请号：JP2005360165
申请日：2005-12-14
申请人： Internatl Business Mach Corp , Lenovo Singapore Pte Ltd , インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation , レノボ・シンガポール・プライベート・リミテッド
发明人： KONO SEIICHI , AKAI TAKAYUKI , KASAMATSU EITARO , UEDA MOTOHISA , SASAKI TAKESHI , YOMO TAKATSUGU , MINE HIROAKI , OBINATA MAKI , MIYAMURA TSUYOSHI
IPC分类号： G06F13/10 , G06F9/445
摘要： PROBLEM TO BE SOLVED: To appropriately set a device controller having two operation modes corresponding to the installation state of a device driver.
SOLUTION: The device controller is operated in the two operation modes of an old operation mode in which it is operated by an old device driver and a new operation mode in which it is operated by a new device driver. For an OS, there is the case that the old device driver is introduced but the new device driver is not introduced. A BIOS sets the device controller to the old operation mode and activates a computer. In the operation environment of the OS, the presence/absence of the new device driver is inspected. When the new device driver is detected, control is shifted to the BIOS and the device controller is set to a new operation mode.
COPYRIGHT: (C)2007,JPO&INPIT
摘要翻译：要解决的问题：适当地设置具有与设备驱动器的安装状态相对应的两种操作模式的设备控制器。
解决方案：设备控制器在旧操作模式的两种操作模式下操作，其中它由旧设备驱动器操作，并且由新设备驱动器操作的新操作模式。对于一个操作系统，有一种情况是引入了旧的设备驱动程序，但没有引入新的设备驱动程序。 BIOS将设备控制器设置为旧的操作模式并激活计算机。在OS的操作环境中，检查新设备驱动程序的存在与否。当检测到新的设备驱动程序时，控制转移到BIOS，设备控制器设置为新的操作模式。版权所有（C）2007，JPO＆INPIT

5. 发明专利

JP2013145475A Method of protecting password and computer 有权
标题翻译：保护密码和计算机的方法
公开(公告)号：JP2013145475A
公开(公告)日：2013-07-25
申请号：JP2012005717
申请日：2012-01-15
申请人： Lenovo Singapore Pte Ltd , レノボ・シンガポール・プライベート・リミテッド
发明人： HAGIWARA MIKIO , KASAMATSU EITARO , TSUKAMOTO YASUMICHI , ARAKI NAOYUKI
IPC分类号： G06F1/00 , G06F21/31 , G06F21/87
CPC分类号： G06F21/45 , G06F1/3203 , G06F21/554 , G06F21/572 , G06F21/88
摘要： PROBLEM TO BE SOLVED: To protect an SSD password from invalid access in an S4 state.SOLUTION: A password is set to SSD. An OS shifts to an S3 state at a time t1, and a BIOS shifts to an S4 state at a time t3. Invalid attachment/detachment is performed to the SSD at a time t4. When the attachment/detachment of the SSD is detected at a time t6, a CPU is reset, a normal basic POST code is executed, and password input is requested. When password authentication is a success, the CPU is reset at a time t7 and a simple POST code for encoding boot to the S3 state in a short time is executed. When the attachment/detachment of the SSD is not detected, the simple POST code automatically sends a password to the SSD without requesting the password input and the boot to the S3 state is ended. The OS performs resume processing from the S3 state to an S0 state.
摘要翻译：要解决的问题：在S4状态下保护SSD密码无效访问。解决方案：将密码设置为SSD。在时间t1，OS切换到S3状态，并且在时间t3切换到S4状态。在时间t4对SSD执行无效的附件/拆卸。当在时间t6检测到SSD的附接/拆卸时，CPU被复位，执行正常的基本POST代码，并且请求密码输入。当密码认证成功时，CPU在时间t7被复位，并且执行用于在短时间内将引导编码引导到S3状态的简单POST代码。当未检测到SSD的附接/拆卸时，简单的POST代码自动向SSD发送密码，而不需要输入密码并且S3状态的引导结束。 OS执行从S3状态到S0状态的恢复处理。

6. 发明专利

JP2012243237A Method for improving reliability in activation and shortening post time and computer 有权
标题翻译：提高活动和休眠时间和计算机可靠性的方法
公开(公告)号：JP2012243237A
公开(公告)日：2012-12-10
申请号：JP2011115540
申请日：2011-05-24
申请人： Lenovo Singapore Pte Ltd , レノボ・シンガポール・プライベート・リミテッド
发明人： ARAKI NAOYUKI , SASAKI TAKESHI , TSUKAMOTO YASUMICHI , KASAMATSU EITARO
IPC分类号： G06F9/445 , G06F1/24
摘要： PROBLEM TO BE SOLVED: To provide an activation method of a computer for compatibly stabilizing an operation and shortening POST time.SOLUTION: A BIOS_ROM 33 stores a first POST code and a second POST code for ending processing in a shorter time period than the first POST code. After a processor 11 is reset and before loading of an OS is started, an opening sensor 39 detects presence/absence of opening of a cover lid and determines a possibility that physical access is performed to an internal device. The first POST code is executed when it is determined that the possibility of the physical access is high, and the second POST code is executed when it is determined that the possibility of the physical access is low.
摘要翻译：要解决的问题：提供一种用于兼容地稳定操作并缩短POST时间的计算机的激活方法。解决方案：BIOS_ROM 33存储第一POST代码和第二POST代码，用于在比第一POST代码更短的时间段内结束处理。在处理器11被复位并且在OS的加载开始之前，打开传感器39检测盖盖的打开是否存在，并且确定对内部设备进行物理访问的可能性。当确定物理访问的可能性高时，执行第一POST代码，并且当确定物理访问的可能性低时，执行第二POST代码。版权所有（C）2013，JPO＆INPIT

7. 发明专利

JP2011076134A Computer protecting privilege level of system management mode 有权
标题翻译：计算机保护系统管理模式的特权级别
公开(公告)号：JP2011076134A
公开(公告)日：2011-04-14
申请号：JP2009223662
申请日：2009-09-29
申请人： Lenovo Singapore Pte Ltd , レノボ・シンガポール・プライベート・リミテッド
发明人： ISHIDA NORIHITO , INADA TOYOAKI , KASAMATSU EITARO , YOSHIYAMA NORITOSHI
IPC分类号： G06F21/22 , G06F21/24
CPC分类号： G06F21/572 , G06F21/74 , G06F2221/2105
摘要： PROBLEM TO BE SOLVED: To protect SMM (system management mode) of a computer, whereas obtaining of a privilege level of SMM poses a major security threat since an important code of the computer is rewritten and an OS cannot recognize which program uses the SMM privilege. SOLUTION: An SMM code is loaded into an SMRAM area of a main memory, and a video BIOS and a system BIOS are loaded into a general area thereof. A hash value of the video BIOS is preliminarily computed, and a vector address of INT10h is obtained and stored in the SMRAM area. When an authentication code calls the video BIOS by INT10h instruction, the hash value is computed in advance to verify the validity, and a vector table is rewritten with the preliminarily obtained vector address, whereby the valid video BIOS can be executed by the INT10h instruction. COPYRIGHT: (C)2011,JPO&INPIT
摘要翻译：要解决的问题：为了保护计算机的SMM（系统管理模式），而获得特权级别的SMM构成主要的安全威胁，因为计算机的重要代码被重写，并且操作系统无法识别哪个程序使用 SMM特权。解决方案：将SMM代码加载到主存储器的SMRAM区域中，并且将视频BIOS和系统BIOS加载到其一般区域中。预先计算视频BIOS的散列值，并获得INT10h的矢量地址并将其存储在SMRAM区域中。当认证码通过INT10h指令调用视频BIOS时，提前计算散列值以验证有效性，并用预先获得的矢量地址重写矢量表，由此可以通过INT10h指令执行有效的视频BIOS。版权所有（C）2011，JPO＆INPIT

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式