    • 1. Granted invention patent
    • Computer system including a bus bridge for connection to a security services processor
    • US07334123B2
    • 2008-02-19
    • US10429132
    • 2003-05-02
    • Dale E. Gulick; Geoffrey S. Strongin; Larry D. Hewitt
    • H04L9/00; G06F9/44; G06F15/00
    • G06F21/74; G06F21/85; G06F2221/2105
    • A computer system including a bus bridge for bridging transactions between a secure execution mode-capable processor and a security services processor. The bus bridge may include a transaction source detector, a configuration header and control logic. The transaction source detector may receive a security initialization transaction performed as a result of execution of a security initialization instruction. Further, the transaction source detector may determine whether the secure execution mode-capable processor is a source of the security initialization transaction. The configuration header may provide storage of information associated with the security services processor. The control logic may determine whether the security services processor is coupled to the bus bridge via a non-enumerable, peripheral bus. The control logic may also cause the configuration header to be accessible during a boot-up sequence in response to determining that the security services processor is coupled to the non-enumerable, peripheral bus.
    • 2. Granted invention patent
    • Secure execution box
    • US07065654B1
    • 2006-06-20
    • US09852372
    • 2001-05-10
    • Dale E. Gulick; Geoffrey S. Strongin
    • H04L9/00
    • G06F21/85; G06F21/72
    • A system and method for secure computing. The system includes a processor, one or more secured assets coupled to the processor, and security hardware. The processor is configured to operate in various operating modes, including a secure operating mode. The security hardware is configured to control access to the secured assets dependent upon the operating mode of the processor. The security hardware is configured to allow access to the secure assets in the secure operating mode, preferably only in the secure operating mode. The method includes switching the computer system between operating modes, while allowing or restricting access to the secured assets based on the operating modes. The second operating mode comprises a secure operating mode. The method restricts access to the secured assets in the first operating mode and permits access to the secured assets in the secure operating mode.
    • 4. Granted invention patent
    • Enhanced security and manageability using secure storage in a personal computer system
    • US07216362B1
    • 2007-05-08
    • US09853395
    • 2001-05-11
    • Geoffrey S. Strongin; Dale E. Gulick
    • G06F12/14; G06F12/00; G06F7/04; G06F13/00
    • G06F12/1441; G06F7/582; G06F12/1458; G06F21/53; G06F21/72
    • A method and system for enhanced security and manageability using secure storage. The system may include a crypto-processor and a memory coupled to receive memory transactions through the crypto-processor. The memory transactions are passed to the memory by the crypto-processor. The system may include a first processor, a second processor coupled to the first processor, and a storage device operably coupled to the first processor through the second processor. The second processor is configured to control access to the storage device. The method includes transmitting a request for a memory transaction for a storage location in the storage device and receiving the request for the memory transaction at the crypto-processor. The method also includes determining if the memory transaction is authorized for the storage location, and passing the request for the memory transaction to the storage device if the memory transaction is authorized for the storage location.
    • 6. Granted invention patent
    • Secure booting of a personal computer system
    • US07007300B1
    • 2006-02-28
    • US09870890
    • 2001-05-30
    • Frederick D. Weber; Dale E. Gulick; Geoffrey S. Strongin
    • H04K1/00; H04L9/32; H04N7/16
    • Methods for securing booting a personal computer system. One method includes establishing a secret between two or more devices and securing the secret in each of the two or more devices. Another method includes processing BIOS code instructions and accessing security hardware. The method also includes accessing a first device, locking the security hardware, and calling boot code. Another method includes reading a secret from a first location, storing the secret in a secure location different from the first location, and locking the first location. Another method includes requesting authentication for a device, receiving authentication for the device, and setting a timer associated with the device. Another method includes requesting authentication for a device, failing authentication for the device, and preventing access to the device upon failing authentication for the device.
    • 10. Granted invention patent
    • Personal computer security mechanism
    • US06832317B1
    • 2004-12-14
    • US09853437
    • 2001-05-11
    • Geoffrey S. Strongin; Dale E. Gulick
    • H04K1/00
    • G06F21/85; G06F21/72
    • A device, method, and system for authenticating devices in a computer system. The device includes a storage location for storing a GUID. The device is configured to provide the GUID to a master in the computer system during a trusted setup. The device is further configured to provide at least an indication of the GUID during a data transaction. The computer system includes a master device and a device comprising a storage location for storing a GUID. The device is configured to provide the GUID to the master device during a trusted setup. The device is further configured to provide at least an indication of the GUID during a data transaction. The method includes providing a GUID and receiving a request for a data transaction. The method also includes transmitting data in the data transaction and at least an indication of the GUID in the data transaction and authenticating the data using at least the indication of the GUID in the data transaction.