Patent application number | Description | Published |
20080244079 | COMPUTER PATCH MANAGEMENT IN "ROAD WARRIOR" CONTEXTS - Methods and arrangements for facilitating and streamlining patch management in “road warrior” and analogous contexts. Particularly, there are broadly contemplated herein, in accordance with at least one presently preferred embodiment of the present invention, methods and arrangements for facilitating determinations of suitable times for enabling system updates and/or downloads. | 10-02-2008 |
20080244096 | DISKLESS CLIENT USING A HYPERVISOR - An arrangement for facilitating remote booting in diskless client systems as just described. To this end, there is broadly contemplated herein the employment of a hypervisor that can freely accommodate a variety of booting arrangements for a given OS. This then ensures that few if any modifications, especially costly ones, would need to be made to the OS to ensure greater versatility. | 10-02-2008 |
20080244254 | MULTI-MODE COMPUTER OPERATION - A mobile device, such as a laptop or notebook computer, capable of booting from at least two environments. If a remote environment is present, the mobile device may boot from the remote environment. The mobile device may also boot from the local environment. | 10-02-2008 |
20090089590 | MERGING EXTERNAL NVRAM WITH FULL DISK ENCRYPTION - Methods and arrangements for managing a flash drive, hard disk, or connection between the two, in a manner to ensure that sensitive data is not decrypted at any time when it would be vulnerable. Accordingly, in a first implementation, the data may preferably be encrypted as it first goes into a flash drive and decrypted when it comes out of the flash drive. In another implementation, the flash drive may be logically bound to the hard disk, so that they would both use the same encryption key. In yet another implementation, if a hard disk is moved to another system, then the flash drive may also preferably be simultaneously moved. | 04-02-2009 |
20090089875 | LOCAL VERIFICATION OF TRUSTED DISPLAY BASED ON REMOTE SERVER VERIFICATION - In a system with a main memory, a network adapter, and a display, a transaction security module in communication with the network adapter. The transaction security module acts to: establish a secure identification item with an entity which positively identifies the entity; accept an application OS of the entity; and initiate a guest OS with the entity; the network adapter acting to connect with the entity subsequent to initiation of a guest OS; and the display acting to display the secure identification item subsequent to connection with the entity. | 04-02-2009 |
20090138868 | Techniques for Providing Software Patches to a Computer System - A technique for providing a software patch to an associated computer system includes receiving, at a wireless communication device, a communication. Next, it is determined, at the wireless communication device, whether the communication is associated with a software patch available for the associated computer system. When the communication is associated with the software patch, a notification is sent from the wireless communication device to the associated computer system that the software patch is available. | 05-28-2009 |
20090222651 | S3 BIOS OPERATING SYSTEM SWITCH - Arrangements for employing a system BIOS (basic input/output system) to handle email during a suspended state (such as an “S3” state as will be better understood herebelow). Preferably, the BIOS is employed to “jump” between two suspended images such that, e.g., two more powerful OS's can be employed to manage the mail function. | 09-03-2009 |
20090222889 | REMOTE DISABLEMENT OF A COMPUTER SYSTEM - Methods and arrangements for ensuring that, when a computer system is stolen or otherwise misplaced, the system is rendered unusable (i.e., locked down). Conventional solutions have required software running on the system to perform the lockdown action, but in accordance with at least one preferred embodiment of the present invention is the linkage of TPM (Trusted Platform Module) and AMT (Active Management Technology) solutions whereby an AMT arrangement can remove secure data or identifiers so that any encrypted data present on the system will become unusable. | 09-03-2009 |
20090222909 | Password Management Outside of a Bios - In accordance with at least one presently preferred embodiment of the present invention, there is broadly contemplated herein the managing of a POP not solely in the BIOS but at least partly in a more secure location. In accordance with a particularly preferred embodiment of the present invention, this location could be in a NVRAM (non-volatile random access memory) inside a TPM (trusted platform module). Most preferably, this location will contain code that the BIOS preferably will need to access and employ in order to complete the booting of the system. | 09-03-2009 |
20090313478 | ARRANGMENTS FOR INTERFACING WITH A USER ACCESS MANAGER - Arrangements which permit the employment of dedicated user-access management architecture with more than text-based access. Particularly contemplated herein are arrangements for accepting user identifiers that are then communicated to an intermediate user-delineating architecture (i.e., architecture configured for permitting access to encrypted data or sections of a computer on a user-specific basis) in a manner to permit the user-delineating architecture to perform its own task of unlocking data or sections of a computer. | 12-17-2009 |
20090327687 | ARRANGEMENTS FOR ESTABLISHING MANAGEMENT ENGINE DEFAULT SETTINGS - The employment of a process of applying user-defined defaults to a management engine or analogous arrangement, wherein a system BIOS calls or recalls such defaults, as needed, from NVRAM responsive to the need for a reset of defaults. | 12-31-2009 |
20100057440 | MULTI-LANGUAGE SUPPORT IN PREBOOT ENVIRONMENT - Systems and methods for providing multi-language support in a pre-boot environment are supplied. User interface type information, such as keyboard type information and translation tables, are ascertained and provided to the pre-boot environment of the apparatus, allowing the apparatus to properly receive and/or translate multi-language inputs in an appropriate fashion. | 03-04-2010 |
20100083357 | REMOTE REGISTRATION OF BIOMETRIC DATA INTO A COMPUTER - Systems and arrangements for permitting the transmission of fingerprint authentication data to a system remotely, while also permitting the system to employ such data as well as passwords in order to operate a computer system, while ensuring a reliable level of security for any group or organization using such systems and arrangements. | 04-01-2010 |
20100162373 | MANAGEMENT OF HARDWARE PASSWORDS - In the context of computer systems, the generation of preboot passwords at a server instead of at a client. Preferably, preboot passwords generated at the server are distributed to the client, and a process is offered whereby a user can establish his/her own proxy, not known to the server, that can be used to release the stored passwords to the client hardware. Since the passwords are generated at the server, management of the passwords is greatly facilitated since they are generated at the site where they are stored. This also makes it easy to implement management features such as a group policy, since the password generation software will be able to make logical connections between users and hardware. | 06-24-2010 |
20100250959 | SECURITY FOR STORAGE DEVICES - The invention broadly contemplates a security solution for storage devices that is inexpensive and robust. The invention allows a store of system specific data to be used to release the hard disk key of full-disk encryption (FDE) drives. This system specific data is passed to the FDE drives and used to calculate the actual encryption key. This allows for safe disposal of an FDE drive containing confidential data, as the lack of available system specific decryption data makes decryption virtually impossible. | 09-30-2010 |
20110126033 | SYSTEMS AND METHODS FOR ELECTRONIC DEVICE POWER MANAGEMENT - Embodiments of the invention implement one or more power management policies on one or more devices in order intelligently to manage the finite amount of battery power available while maximizing synchronization between connected devices. | 05-26-2011 |
20110154010 | SECURITY TO EXTEND TRUST - An exemplary apparatus includes one or more processors; memory; circuitry configured to hash a value associated with core root of trust measurement code and system management code; store the hash in a secure register; load an operating system; validate a certificate associated with the core root of trust measurement code and validate a certificate associated with the system management code; based on the validated certificates, provide an expected hash associated with the core root of trust measurement code and the system management code; decide if the expected hash matches the hash stored in the register; and, if the expected hash matches the hash stored in the register, commence a dynamic root of trust measurement session. Various other apparatuses, systems, methods, etc., are also disclosed. | 06-23-2011 |
20110238541 | AUDIT TRAILS FOR ELECTRONIC FINANCIAL TRANSACTIONS - An exemplary method includes transmitting, via a network interface, at least a currency amount in an attempt to confirm a financial transaction; responsive to the transmitting, receiving a confirmation indicator for the financial transaction; storing at least the currency amount in non-volatile memory; hashing at least the currency amount to generate a hash and storing the hash in a secure non-volatile memory; hashing at least the currency amount stored in the non-volatile memory to generate a verification hash; and in an attempt to verify at least the financial transaction, comparing the verification hash to the hash stored in the secure non-volatile memory. Various other apparatuses, systems, methods, etc., are also disclosed. | 09-29-2011 |
20120239917 | Secure Boot With Minimum Number of Re-Boots - Systems, methods and products are described that provide secure boot with a minimum number of re-boots. One aspect provides a method including receiving an indication to boot from a power off state at a computing device; responsive to authenticating a user at one or more input devices, releasing a value derived from authenticating the user at the one or more input devices; responsive to releasing the value, unlocking one or more encrypted drives with a previously established alternate credential; and thereafter proceeding to boot from the power off state. By not having to call the non-BIOS software each boot, this minimizes the number of reboots for each boot cycle. | 09-20-2012 |
20120239939 | Secure Resume for Encrypted Drives - Systems, methods and products are described that provide secure resume for encrypted drives. One aspect provides a method including: receiving an indication to resume from a suspended state at a computing device; responsive to authenticating a user at one or more input devices, accessing a value in a BIOS derived from authenticating the user at the one or more input devices; responsive to accessing the value, releasing a credential for unlocking one or more encrypted drives; and thereafter proceeding to resume from the suspend state. | 09-20-2012 |
20140201512 | DATA STORAGE FOR REMOTE ENVIRONMENT - A method can include receiving operating system environment settings via a network; storing the received operating system environment settings to a storage device; establishing an operating system environment according to the stored operating system environment settings; receiving information via the network; instructing the established operating system environment according to the received information; and, in response to the instructing, transmitting via the network information generated at least in part by the established operating system environment. Various other apparatuses, systems, methods, etc., are also disclosed. | 07-17-2014 |
20140208132 | WAKE ON CLOUD - A method can include receiving a request to access a specified resource associated with a user account; and, in response to the request, transmitting, to a network address associated with the user account, instructions for waking a system or device from a sleep state and for accessing the specified resource. Various other apparatuses, systems, methods, etc., are also disclosed. | 07-24-2014 |