-
Publication number: DE10392320T5
Publication date: 2005-02-17
Application number: DE10392320
Application date: 2003-02-13
Applicant: INTEL CORP
Inventor: SUTTON JAMES II , KOZUCH MICHAEL , GRAWROCK DAVID
Abstract: The method involves loading a component of an operating system into a specific region (275) of a memory by the active one of the CPUs (210,220,230) of a multi-processor system (200). The identity of the loaded component is registered. The active CPU is made to jump to a known entry point in the specific region. Independent claims are also included for the following: (1) article of manufacture comprising computer readable medium storing operating system loading program; (2) method of securing a region in computer memory; and (3) apparatus to load trustable operating system.
-
Publication number: HK1052767A1
Publication date: 2003-09-26
Application number: HK03104971
Application date: 2003-07-09
Applicant: INTEL CORP
Inventor: GRAWROCK DAVID
IPC: G06F20060101 , G06F9/445 , G06F21/00
Abstract: In one embodiment, an integrated circuit device comprises a trusted platform module and a boot block memory unit covered by a common package. The boot block memory unit is in communication with the trusted platform module and provides boot information to the trusted platform module. An example of the boot information includes a boot block code.
-
Publication number: DE10397004A5
Publication date: 2014-01-30
Application number: DE10397004
Application date: 2003-02-13
Applicant: INTEL CORP
Inventor: SUTTON II JAMES , GRAWROCK DAVID , KOZUCH MICHAEL
-
Publication number: DE112005001654B4
Publication date: 2011-07-21
Application number: DE112005001654
Application date: 2005-07-08
Applicant: INTEL CORP
Inventor: BRICKELL ERNEST , SUTTON JAMES II , HALL CLIFFORD , GRAWROCK DAVID
IPC: H04L9/30
Abstract: A method comprising: generating an encrypted data structure (514) associated with a device (506), the encrypted data structure (514) comprising a private key (516) and a private-key digest (518); generating an identifier for the encrypted data structure (514) from a pseudorandomly generated value (508); storing the identifier and the encrypted data structure (514) on a removable storage medium (522) for distribution with a system (504) that includes the device (506), wherein the removable storage medium (522) holds a plurality of identifiers and encrypted data structures (514) for devices of a class of devices that includes the device (506); and storing the pseudorandom value (508) in a non-volatile memory in the device (506), wherein the pseudorandom value (508) is used in the system (504) to generate the identifier in order to extract the encrypted data (522).
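As an added illustration of the provisioning scheme in the abstract above (this is example code written for this page, not Intel's implementation or claim language): the manufacturer writes one seed into each device's non-volatile memory, derives a lookup identifier from it, and ships a medium holding many identifier/blob pairs for the whole device class; the system later recomputes the identifier from the device's seed, pulls the matching blob, and checks the private-key digest. Everything below the abstract is assumed: the identifier is SHA-256 over a labelled seed, the blob is wrapped under a second key derived from the same seed, and the HMAC-SHA256 counter keystream is a stand-in for a real AEAD such as AES-GCM.

```python
import hashlib
import hmac
import secrets

# Assumption: identifier and wrapping key are both derived from the device's
# pseudorandom value with distinct labels; the abstract does not fix either.
def derive_identifier(prv: bytes) -> str:
    return hashlib.sha256(b"identifier" + prv).hexdigest()

def derive_wrap_key(prv: bytes) -> bytes:
    return hashlib.sha256(b"wrap-key" + prv).digest()

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in for a real AEAD: HMAC-SHA256 in counter mode XORed over the data.
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, (off // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        chunk = data[off:off + 32]
        out.extend(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)

def build_structure(private_key: bytes) -> bytes:
    # Data structure = length || private key || SHA-256 digest of the key.
    digest = hashlib.sha256(private_key).digest()
    return len(private_key).to_bytes(2, "big") + private_key + digest

def parse_structure(plain: bytes) -> bytes:
    n = int.from_bytes(plain[:2], "big")
    key, digest = plain[2:2 + n], plain[2 + n:2 + n + 32]
    # The digest catches a wrong entry, a wrong seed, or a corrupted blob.
    if len(key) != n or not hmac.compare_digest(hashlib.sha256(key).digest(), digest):
        raise ValueError("private-key digest mismatch: wrong entry or corrupted blob")
    return key

def provision(num_devices: int):
    """Manufacturer side: per-device (seed, private key) pairs plus the shared medium contents."""
    medium = {}
    devices = []
    for _ in range(num_devices):
        prv = secrets.token_bytes(32)    # value stored in the device's NV memory
        priv = secrets.token_bytes(32)   # constructed stand-in for the device private key
        medium[derive_identifier(prv)] = keystream_xor(derive_wrap_key(prv), build_structure(priv))
        devices.append((prv, priv))
    return devices, medium

def extract(prv: bytes, medium: dict) -> bytes:
    """System side: recompute the identifier from the device's NV value, pull, unwrap, verify."""
    ident = derive_identifier(prv)
    if ident not in medium:
        raise KeyError("no entry on medium for this device")
    return parse_structure(keystream_xor(derive_wrap_key(prv), medium[ident]))

if __name__ == "__main__":
    devs, med = provision(3)
    for prv, priv in devs:
        assert extract(prv, med) == priv
    print("all", len(devs), "devices recovered their private key from the shared medium")
```

The point of the digest inside the structure is that the system can tell "I picked the wrong blob" or "this blob rotted" apart from "the key is fine" without any online contact with the manufacturer; the medium itself is distributable with every system in the class because an entry is useless without the matching device seed.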
-
Publication number: DE60331646D1
Publication date: 2010-04-22
Application number: DE60331646
Application date: 2003-03-28
Applicant: INTEL CORP
Inventor: SUTTON JAMES II , GRAWROCK DAVID
Abstract: In one embodiment, a method comprises generating a cryptographic key pair associated with a data center. The method also includes storing a private key of the cryptographic key pair within a platform. The private key is used to sign a value stored in the platform for validation of inclusion of the platform into the data center. In an embodiment, the private key is revoked upon determining that the platform has been compromised. In one embodiment, the private key may be revoked in each of the platforms of the data center.
-
Publication number: GB2419987B
Publication date: 2006-09-27
Application number: GB0601322
Application date: 2003-03-20
Applicant: INTEL CORP
Inventor: SUTTON JAMES , GRAWROCK DAVID
Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.
-
Publication number: HK1068430A1
Publication date: 2005-04-29
Application number: HK05100531
Application date: 2005-01-20
Applicant: INTEL CORP
Inventor: SUTTON JAMES II , GRAWROCK DAVID
Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.
-
Publication number: DE10392470T5
Publication date: 2005-04-07
Application number: DE10392470
Application date: 2003-03-20
Applicant: INTEL CORP
Inventor: SUTTON II JAMES , GRAWROCK DAVID
Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.
-
Publication number: AU2003280494A1
Publication date: 2004-01-19
Application number: AU2003280494
Application date: 2003-06-27
Applicant: INTEL CORP
Inventor: GRAWROCK DAVID , WISEMAN WILLARD
IPC: G06F21/00
Abstract: An apparatus may include a root of trust for measurement (RTM) module coupled to a verified platform security property policy module and a comparison module. The comparison module may operate to prevent transfer of control to an operating system (and/or halt the boot process) if a policy included in the platform security property policy module is violated. A system may include a memory coupled to a processor, a platform security property policy module, and a comparison module. The memory may include an RTM. A method may include beginning execution at an entry point within an RTM, determining that the RTM is trustworthy, determining that a main initialization code associated with a platform is trustworthy and transferring control to the main initialization code, and otherwise, refraining from transferring control to the main initialization code.
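An added example (written for this page, not code from Intel or from any of these patents) that illustrates the measured-launch chain these abstracts describe: the policy-gated hand-off from the root of trust for measurement to the main initialization code above, and the earlier "secure operations" abstracts in which initialization code authenticates and registers a secure virtual machine monitor before control is transferred. Each stage is hashed, the hash is extended into a PCR-style register and appended to a log (the "registration" of the loaded component's identity), and control only moves on when the hash matches the policy. The images, the policy contents, the two-stage order and the SHA-256 extend rule are all assumptions made for the example.

```python
import hashlib

# Constructed stand-ins for the images a launch would measure; a real platform
# would hash the actual code regions loaded into memory.
IMAGES = {
    "main_init": b"MAIN-INIT v1: set up memory controller, train DRAM, lock ranges",
    "svmm":      b"SVMM v1: secure virtual machine monitor",
}

# Assumption: the platform security property policy is a list of accepted
# SHA-256 digests per stage.
POLICY = {name: hashlib.sha256(img).hexdigest() for name, img in IMAGES.items()}

STAGES = ("main_init", "svmm")   # assumed order: init code first, then the VMM


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: PCR' = H(PCR || measurement)."""
    return hashlib.sha256(pcr + measurement).digest()


class MeasuredLaunch:
    def __init__(self, policy: dict):
        self.policy = policy
        self.pcr = bytes(32)      # all-zero register before anything is measured
        self.log = []             # registered identities of what was loaded

    def measure_and_check(self, name: str, image: bytes) -> bool:
        measurement = hashlib.sha256(image).digest()
        # Register first, then decide: the log/PCR must reflect what was
        # actually loaded, even if the policy later rejects it.
        self.pcr = pcr_extend(self.pcr, measurement)
        self.log.append((name, measurement.hex()))
        return measurement.hex() == self.policy.get(name)


def run_launch(images: dict, policy: dict):
    """Walk the stages in order.

    Returns (control_transferred, pcr_hex, log). If any stage violates the
    policy, control is withheld (the boot halts) and the log shows where.
    """
    launch = MeasuredLaunch(policy)
    for stage in STAGES:
        if not launch.measure_and_check(stage, images[stage]):
            return False, launch.pcr.hex(), launch.log
    return True, launch.pcr.hex(), launch.log


if __name__ == "__main__":
    ok, pcr, log = run_launch(IMAGES, POLICY)
    print("control transferred:", ok, "PCR:", pcr)
    tampered = dict(IMAGES, svmm=IMAGES["svmm"] + b"\x90")
    ok, pcr2, log2 = run_launch(tampered, POLICY)
    print("control transferred:", ok, "halted after:", log2[-1][0], "PCR:", pcr2)
```

The two outcomes differ in two places a practitioner cares about: the local decision (whether the comparison module lets control pass) and the PCR value, which a remote verifier can check later even if local policy were somehow bypassed, because the tampered VMM was extended before the check ran.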
-
Publication number: AU2003213080A1
Publication date: 2003-09-09
Application number: AU2003213080
Application date: 2003-02-13
Applicant: INTEL CORP
Inventor: GRAWROCK DAVID , SUTTON JAMES II , KOZUCH MICHAEL
Abstract: The method involves loading a component of an operating system into a specific region (275) of a memory by the active one of the CPUs (210,220,230) of a multi-processor system (200). The identity of the loaded component is registered. The active CPU is made to jump to a known entry point in the specific region. Independent claims are also included for the following: (1) article of manufacture comprising computer readable medium storing operating system loading program; (2) method of securing a region in computer memory; and (3) apparatus to load trustable operating system.
-