公开(公告)号：EP3103013A4

公开(公告)日：2017-08-23

申请号：EP15746994

申请日：2015-01-30

Applicant: INTEL CORP

Inventor： ROTHMAN MICHAEL A ,  ZIMMER VINCENT J ,  YOU ZIJIAN

IPC: G06F9/44 ,  G06F9/48

CPC classification number: G06F9/4418 ,  G06F9/441 ,  G06F9/48 ,  G06F9/542

公开(公告)号：EP3103053A4

公开(公告)日：2017-07-05

申请号：EP15745775

申请日：2015-01-30

Applicant: INTEL CORP

Inventor： ROTHMAN MICHAEL A ,  ZIMMER VINCENT J ,  DORAN MARK S

IPC: G06F21/62 ,  G06F9/44 ,  G06F21/57 ,  G06F21/60

CPC classification number: G06F21/572 ,  G06F9/441 ,  G06F21/604 ,  G06F21/6281

Abstract: Technologies for media protection policy enforcement include a computing device having multiple operating systems and a data storage device partitioned into a number of regions. During execution of each of the operating systems, a policy enforcement module may intercept media access requests and determine whether to allow the media access requests based on platform media access policies. The media access policies may allow requests based on the identity of the executing operating system, the region of the data storage device, or the requested storage operation. Prior to loading a selected operating system, a firmware policy enforcement module may determine a region of the disk storage device to protect from the selected operating system. The firmware policy enforcement module may configure the data storage device to prevent access to that region. The media access policies may be stored in one or more firmware variables. Other embodiments are described and claimed.

Abstract translation: 媒体保护策略实施的技术包括具有多个操作系统的计算设备和划分成多个区域的数据存储设备。 在执行每个操作系统期间，策略实施模块可以拦截媒体访问请求并基于平台媒体访问策略确定是否允许媒体访问请求。 媒体访问策略可以允许基于正在执行的操作系统的身份，数据存储设备的区域或所请求的存储操作的请求。 在加载选定的操作系统之前，固件策略实施模块可以确定要保护所选择的操作系统的磁盘存储设备的区域。 固件策略实施模块可以配置数据存储设备以防止访问该区域。 媒体访问策略可以存储在一个或多个固件变量中。 描述并要求保护其他实施例。

公开(公告)号：EP3063622A4

公开(公告)日：2017-07-05

申请号：EP13896677

申请日：2013-10-30

Applicant: INTEL CORP

Inventor： ROTHMAN MICHAEL A ,  ZIMMER VINCENT J ,  KROGH DANIEL M

IPC: G06F9/24 ,  G06F3/06 ,  G06F9/44 ,  G06F9/445 ,  G06F12/02 ,  G06F21/57

CPC classification number: G06F3/0607 ,  G06F3/0655 ,  G06F3/0688 ,  G06F9/44505 ,  G06F12/0246 ,  G06F21/575 ,  G06F21/79 ,  G06F2212/7202

Abstract: Technologies for providing services to a non-volatile store include a computing device having a non-volatile store policy that defines a minimum amount of reserved space in the non-volatile store. The mobile computing device receives a call for services to the non-volatile store, determines useable free space in the non-volatile store based on the non-volatile store policy, and responds to the call for services based on the useable free space. Technologies for platform configuration include a computing device having a firmware environment and an operating system. The firmware environment determines information on configuration settings inaccessible to the operating system and exports the information to the operating system. The operating system determines a new configuration setting based on the exported information, and may configure the computing device at runtime. The operating system may securely pass a configuration directive to the firmware environment for configuration during boot. Other embodiments are described and claimed.

Abstract translation: 用于向非易失性存储提供服务的技术包括具有定义非易失性存储中的最小预留空间量的非易失性存储策略的计算设备。 移动计算设备接收对非易失性商店的服务调用，基于非易失性商店策略确定非易失性商店中的可用空闲空间，并且基于可用空闲空间响应于对服务的调用。 用于平台配置的技术包括具有固件环境和操作系统的计算设备。 固件环境确定有关操作系统无法访问的配置设置的信息，并将信息导出到操作系统。 操作系统基于导出的信息确定新的配置设置，并且可以在运行时配置计算设备。 操作系统可以在启动过程中安全地将配置指令传递给固件环境进行配置。 描述并要求保护其他实施例。

公开(公告)号：EP2601588A4

公开(公告)日：2017-03-01

申请号：EP11815248

申请日：2011-08-03

Applicant: INTEL CORP

Inventor： SWANSON ROBERT C ,  BULUSU MALLIK ,  ZIMMER VINCENT J

IPC: G06F13/14 ,  G06F13/16 ,  G06F21/57 ,  G06F21/72 ,  G06F21/74 ,  G06F21/79 ,  G06F21/85

CPC classification number: G06F21/572 ,  G06F21/72 ,  G06F21/74 ,  G06F21/79 ,  G06F21/85 ,  G06F2221/2107 ,  G06F2221/2113 ,  G06F2221/2115

Abstract: In one embodiment, a peripheral controller coupled to a processor can include a storage controller. This storage controller can control access to a non-volatile storage coupled to the peripheral controller. The storage may include both secure and open partitions, and the storage controller can enable access to the secure partition only when the processor is in a secure mode. In turn, during unsecure operation such as third party code execution, visibility of the secure partition can be prevented. Other embodiments are described and claimed.

公开(公告)号：EP2939080A4

公开(公告)日：2017-02-22

申请号：EP13869225

申请日：2013-11-21

Applicant: INTEL CORP

Inventor： GOVINDARAJU KANIVENAHALLI ,  ZIMMER VINCENT J

IPC: G06F1/32

CPC classification number: G06T1/20 ,  G06F1/324 ,  G09G5/18 ,  G09G2330/021 ,  Y02B60/1217 ,  Y02D10/126

Abstract: Methods and apparatus are disclosed to manage power consumption at a graphics engine. An example method to manage power usage of a graphics engine via an application level interface includes obtaining a policy directive for the graphics engine via the application level interface, the policy directive identifying a threshold corresponding to power consumed by the graphics engine operating in a first graphics state. The example method also includes determining a power consumed by the graphics engine during operation. The example method also includes comparing the power consumed to the threshold of the policy directive, and when the threshold is met, setting the graphics engine in a second graphics state to cause the graphics engine to comply with the policy directive.

公开(公告)号：EP2810158A4

公开(公告)日：2015-09-16

申请号：EP13743648

申请日：2013-01-24

Applicant: INTEL CORP

Inventor： ROTHMAN MICHAEL A ,  ZIMMER VINCENT J ,  DORAN MARK S ,  KINNEY MICHAEL D

IPC: G06F9/24 ,  G06F9/30

CPC classification number: G06F9/4406

公开(公告)号：EP2622533A4

公开(公告)日：2014-03-12

申请号：EP11830034

申请日：2011-09-30

Applicant: INTEL CORP

Inventor： SAKTHIKUMAR PALSAMY ,  SWANSON ROBERT C ,  ROTHMAN MICHAEL A ,  BULUSU MALLIK ,  ZIMMER VINCENT J

IPC: G06F9/22 ,  G06F9/44 ,  G06F13/14 ,  G06F21/22

CPC classification number: G06F13/105 ,  G06F9/4812 ,  G06F21/572 ,  G06F2221/2105

公开(公告)号：EP3161657A4

公开(公告)日：2018-05-30

申请号：EP14895738

申请日：2014-06-24

Applicant: INTEL CORP

Inventor： HANEBUTTE ULF R ,  YAO JIEWEN ,  ZIMMER VINCENT J

IPC: G06F15/177 ,  G06F9/4401 ,  G06F21/57 ,  G06F21/62

CPC classification number: G06F9/4401 ,  G06F21/575 ,  G06F21/62

Abstract: Computing devices, computer-readable storage media, and methods associated with providing an operating system (OS)-absent firmware sensor layer to support a boot process are disclosed herein. In embodiments, a computing device may include a processor and firmware to be operated on the processor. The firmware may include one or more modules and a sensor layer. The sensor layer may be configured to receive, in the OS-absent environment, sensor data produced by a plurality of sensors. The sensor layer may be further configured to selectively provide the sensor data to the one or more modules via an interface of the sensor layer that abstracts the plurality of sensors. Other embodiments may be described and/or claimed.

公开(公告)号：EP3198509A4

公开(公告)日：2018-05-16

申请号：EP15844129

申请日：2015-08-19

Applicant: INTEL CORP

Inventor： POORNACHANDRAN RAJESH ,  ZIMMER VINCENT J ,  SHAHIDZADEH SHAHROK ,  SELVARAJE GOPINATTH

IPC: G06F21/57 ,  G06F21/73 ,  G06F21/74

CPC classification number: G06F21/73 ,  G06F21/55 ,  G06F21/575 ,  G06F21/74

Abstract: Technologies for verifying hardware components of a computing device include retrieving platform identification data of the computing device, wherein the platform identification data is indicative of one or more reference hardware components of the computing device, accessing hardware component identification data from one or more dual-headed identification devices of the computing device, and comparing the platform identification data to the hardware component identification data to determine whether a hardware component of the computing device has been modified. Each of the one or more dual-headed identification devices is secured to a corresponding hardware component of the computing device, includes identification data indicative of an identity of the corresponding hardware component of the computing device, and is capable of wired and wireless communication.

公开(公告)号：EP3161710A4

公开(公告)日：2017-11-29

申请号：EP14895993

申请日：2014-06-25

Applicant: INTEL CORP

Inventor： YAO JIEWEN ,  ZIMMER VINCENT J ,  PAYNE BRIAN S ,  ADAMS NICHOLAS J

IPC: G06F21/53 ,  G06F9/54 ,  G06F21/57

CPC classification number: G06F21/577 ,  G06F8/65 ,  G06F9/4401 ,  G06F9/4411 ,  G06F9/445 ,  G06F21/53

Abstract: Embodiments related to hardware configuration reporting and arbitration are disclosed herein. For example, an apparatus for hardware configuration reporting may include: a processing device having a trusted execution environment (TEE) and a non-trusted execution environment (non-TEE); request service logic, stored in the memory, to operate within the TEE to receive an indication of a request from arbiter logic, wherein the request represents a hardware configuration register; and reporting logic, stored in the memory, to operate within the TEE and to report an indicator of a value of the hardware configuration register represented by the request to the arbiter logic. Other embodiments may be disclosed and/or claimed.