Patent application number | Description | Published |
20080256107 | Integrating data with a contact - A system and method for integrating data with a contact is disclosed. The technology initially receives a first data element from a contact and provides a representation of the first data element. The representation of the first data element is then coupled with the contact on a contact list. A second data element is then received from the contact and a representation of the second data element received is also provided. The representation of the second data element is then coupled with the contact on the contact list, such that the representation of the first data element and the representation of the second data element are concurrently coupled with the contact on the contact list. | 10-16-2008 |
20090187655 | Secure platform management device - A platform management device configured to control the functionality of a provisioned electronic device is disclosed. The platform management device includes a processor operative to execute commands. A memory maintains a series of instructions that when executed by the processor, causes the processor to: ( | 07-23-2009 |
20100037291 | SECURE COMPUTING ENVIRONMENT USING A CLIENT HEARTBEAT TO ADDRESS THEFT AND UNAUTHORIZED ACCESS - Techniques for securing a client. An operating system agent is one or more software modules that execute in an operating system of a client, such as a portable computer. Portions of the operating system agent may monitor resources of the client. The operating system agent sends a message, which describes an operational state of the operating system agent, to a BIOS agent. The BIOS agent is one or more software modules operating in a BIOS of the client. The BIOS agent performs an action based on a policy that is described by policy data stored within the BIOS of the client. The BIOS agent performs the action in response to either (a) the operational state described by the message, or (b) the BIOS agent not receiving the message after an expected period of time. | 02-11-2010 |
20100037312 | SECURE COMPUTING ENVIRONMENT TO ADDRESS THEFT AND UNAUTHORIZED ACCESS - Techniques for securing a client. A BIOS agent stores policy data within a BIOS of the client. The BIOS agent is one or more software modules that execute in the BIOS of the client. The policy data describes one or more policies which the client should follow. When an operating system agent detects that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performs one or more actions specified by the particular policy, such as disabling the client, retrieving a file from the client, erasing a file from the client, or encrypting a file on the client. The operating system agent is one or more software modules that execute in the operating system of the client. | 02-11-2010 |
20100037323 | RECEIVING POLICY DATA FROM A SERVER TO ADDRESS THEFT AND UNAUTHORIZED ACCESS OF A CLIENT - Techniques for securing a client. When a client, such as a portable computer, undergoes a change in operational state, an operating system agent sends a state message to a server. The state message describes the change in the operational state of the client. The operating system agent is one or more software modules that execute in an operating system of the client. The client receives a policy message from the server. The policy message contains policy data, which a BIOS agent stores in the BIOS of the client. The policy data identifies one or more security policies which the client should follow. | 02-11-2010 |
20100120406 | Secure platform management with power savings capacity - An electronic device, for example, a laptop computer includes a processor, a transceiver module, for example, a Bluetooth module and a memory. The memory includes a platform proximity agent, which may be implemented as a series of instructions, which when executed by the processor, causes the processor to receive a Bluetooth signal from a corresponding provisioned Bluetooth device, for example, a cellular telephone. Next, determine whether the received signal exceeds both a strength threshold level and a predetermined time threshold level, where the signal strength and time threshold levels are established when the laptop and a corresponding cell phone are paired during a provisioning process. When the received signal strength and duration both exceed the corresponding policy based thresholds, the laptop enters (or remains in) a full power state with full access to the monitor and the platform. On the other hand, when the received signal strength and duration both fall below (or are less than) the corresponding policy based threshold, the laptop enters (or remains in) a reduced power, or locked state. | 05-13-2010 |
20100138616 | Input-output virtualization technique - Methods, systems, apparatuses and program products are disclosed for managing device virtualization in hypervisor and hypervisor-related environment which include both pass-thru I/O and emulated I/O. | 06-03-2010 |
20100174820 | Network connection manager - Methods, systems, apparatuses and program products are disclosed for managing connections to telecommunications networks, especially networks that deploy Internet Protocols and the like. | 07-08-2010 |
20100174924 | HIERARCHICAL POWER MANAGEMENT - Methods, systems, apparatuses and program products are disclosed for providing power/energy control. | 07-08-2010 |
20100241821 | Inter operating system memory hotswap to support memory growth a non-virtualized system - Methods, systems, apparatuses and program products are disclosed for managing memory multiple OSes within a single computer and the like. | 09-23-2010 |
20100241839 | Loading operating systems using memory segmentation and ACPI based context switch - Methods, systems, apparatuses and program products are disclosed for managing multiple OSes within a single computer and the like. | 09-23-2010 |
20110055536 | FILE SYSTEM FOR DUAL OPERATING SYSTEMS - Methods, systems, apparatuses and program products are disclosed for managing, activating and controlling file systems sharing among two or more O/S (Operating Systems) and/or the like within a computing apparatus or within a single computer operational session or context. | 03-03-2011 |
20110099547 | APPROACHES FOR INSTALLING SOFTWARE USING BIOS - Approaches for installing software, configuration changes, or content on a machine using BIOS residing thereon. BIOS executing on a client contains an injector module, which is a component detects whether a bootstrap program is installed on the client, and, barring a valid reason for the absence of the bootstrap program, installs the bootstrap program on the client. The bootstrap program is a software program, stored by the operating system of the client, which determines whether an OS component program is installed and executing on the client, and, barring a valid reason for the absence of the OS component program, installs the OS component program on the client. The OS component program monitors the actions of the user of the client to ascertain whether any legitimate changes have been made to the software programs installed thereon and installs any additional desired software, configuration changes, or content on the client. | 04-28-2011 |
20110296412 | APPROACHES FOR SECURING AN INTERNET ENDPOINT USING FINE-GRAINED OPERATING SYSTEM VIRTUALIZATION - Approaches for executing untrusted software on a client without compromising the client using micro-virtualization to execute untrusted software in isolated contexts. A template for instantiating a virtual machine on a client is identified in response to receiving a request to execute an application. After the template is identified, without human intervention, a virtual machine is instantiated, using the template, in which the application is to be executed. The template may be selected from a plurality of templates based on the nature of the request, as each template describe characteristics of a virtual machine suitable for a different type of activity. Selected resources such as files are displayed to the virtual machines according to user and organization policies and controls. When the client determines that the application has ceased to execute, the client ceases execution of the virtual machine without human intervention. | 12-01-2011 |
20130055256 | APPROACHES FOR AUTOMATED MANAGEMENT OF VIRTUAL MACHINES FOR RUNNING UNTRUSTED CODE SAFELY - Approaches for transferring data to a client by safely receiving the data in or more virtual machines. In response to the client determining that digital content, originating from an external source, is to be received or processed by the client, the client identifies, without human intervention, one or more virtual machines, executing or to be executed on the client, into which the digital content is to be stored. In doing so, the client may consult policy data to determine a placement policy, a containment policy, and a persistence policy for any virtual machine to receive the digital content. In this way, digital content, such as executable code or interpreted data, of unknown trustworthiness may be safely received by the client without the possibility of any malicious code therein from affecting any undesirable consequence upon the client. | 02-28-2013 |
20130132691 | APPROACHES FOR EFFICIENT PHYSICAL TO VIRTUAL DISK CONVERSION - Approaches for providing a guest operating system to a virtual machine. A read-only copy of one or more disk volumes, including a boot volume, is created. A copy of a master boot record (MBR) for the one or more disk volumes is also stored. The read-only copy may be, but need not be, made using a Volume Shadow Copy Service (VSS). A virtual disk, for use by the virtual machine, is created based on the read-only copy of the one or more disk volumes and the copy of the master boot record (MBR), wherein the virtual disk comprises the guest operating system used by the virtual machine. In this way, a single installed operating system may provide both the host operating system and the guest operating system. | 05-23-2013 |
20130191924 | Approaches for Protecting Sensitive Data Within a Guest Operating System - Approaches for preventing unauthorized access of sensitive data within an operating system (OS), e.g., a guest OS used by a virtual machine. Dummy data may be written over physical locations on disk where sensitive data is stored, thereby preventing a malicious program from accessing the sensitive data. Alternately, a delete operation may be performed on sensitive data within an OS, and thereafter the OS is converted into a serialized format to expunge the deleted data. The serialized OS is converted into a deserialized form to facilitate its use. Optionally, a data structure may be updated to identify where sensitive data is located within an OS. When a request to access a portion of the OS is received, the data structure is consulted to determine whether the requested portion contains sensitive data, and if so, dummy data is returned to the requestor without consulting the requested portion of the OS. | 07-25-2013 |
20140259159 | Securing File Trust with File Format Conversions - Approaches for ensuring a digital file does not contain malicious code. A digital file in an original format may or may not contain malicious code. An intermediate copy of the digital file in an intermediate format is created from the digital file in the original format. The intermediate format preserves a visual or audio presentation of the digital file without supporting metadata or file format data structures of the original format. A sterilized copy of the digital file is created from the intermediate copy. The sterilized copy is in the original format. The sterilized copy comprises a digital signature indicating that the sterilized copy has been converted from the intermediate format to the original format. Advantageously, the sterilized copy is guaranteed to not possess any malicious code. | 09-11-2014 |
20140380315 | Transferring Files Using A Virtualized Application - Approaches for transferring a file using a virtualized application. A virtualized application executes within a virtual machine residing on a physical machine. When the virtualized application is instructed to download a file stored external to the physical machine, the virtualized application displays an interface which enables at least a portion of a file system, maintained by a host OS, to be browsed while preventing files stored within the virtual machine to be browsed. Upon the virtualized application receiving input identifying a target location within the file system, the virtualized application stores the file at the target location. The virtualized application may also upload a file stored on the physical machine using an interface which enables at least a portion of a file system of a host OS to be browsed while preventing files in the virtual machine to be browsed. | 12-25-2014 |